portfwd is a small userlevel daemon which forwards incoming TCP connections or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding and transparent proxy.
a880cf57ae00224c470c387cf2de8abbb53c4d761b4d67be5b0c9e15c3484066Some Linksys Routers are vulnerable to an authenticated OS command injection in the Web Interface. Default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. The user must be prudent when using this module since it modifies the router configuration while exploitation, even when it tries to restore previous values.
842e633a501f723e29c147350b0f672da78b474050f74be28f55d1501d673b3cRuby Gem Karteek Docsplit version 0.5.4 fails to sanitize user-supplied input. If a user is tricked into extracting a file with shell characters in the name, code can be executed remotely.
b21afb51938c4e491625c88dec36626c10a2f58c611fc3dcdcfd45693ccba644This bulletin summary lists 9 released Microsoft security bulletins for April, 2013.
9fa04ce0853d4066597878eb3bbbae6b5ee870541cf6c8172630ebf4a59016bdphpMyAdmin version 3.5.7 suffers from a reflective cross site scripting vulnerability.
373323d449040d80cf19a424efb57660421ebce6af076a5b804b8d44f7724af3The app_tmp directory is set to be world readable and writable by Firefox for Android. This potentially allows for third party applications to replace or alter Firefox add-ons when downloaded because they are temporarily stored in the app_tmp directory before installation.
323e774a7be57857607c34b40f5d3df75b387103d0ff33bd02ee5880b6c397bfZAPms version 1.41 suffers from a remote SQL injection vulnerability.
fdbb3c9ac475faabb959b176c865bb90290f7c1e94579706c71fa54561f748d7This is a simple python tool written to extract all web resources by leveraging an exposed .SVN folder.
2675f79a415d1f1f96f60a6a337e25c1fb941c47573e612e32d8468062080155Mandriva Linux Security Advisory 2013-081 - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed.ppm image files. An attacker could create a specially-crafted.ppm file that, when opened in gegl, would cause gegl to crash or, potentially, execute arbitrary code.
5e6cd5cf68993eaf8d5b1a8de79004e00215d35203e5d44e86a442d35c902bc8Mandriva Linux Security Advisory 2013-080 - There is a security issue in Ganglia Web going back to at least 3.1.7 which can lead to arbitrary script being executed with web user privileges possibly leading to a machine compromise. Additionally, an issue where active NFS mounts caused gmond to not start has also been corrected. When installing ganglia-gmetad, the installer uses the non-existent nobody, and not nogroup, as the group when changing new ownership of files.
3c961b95991381bc79dc24781ff27c697f4bc29f2ff8bf5a43e1b9053a4769a8Mandriva Linux Security Advisory 2013-077 - The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfaces/gtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.
d15fbb0cd85903accc91fa6774002011340db685ec6a8f976265991dcf13a79eMandriva Linux Security Advisory 2013-078 - fail2ban before 0.8.8 didn't escape the content of <matches> (if used in custom action files), which could cause issues on the system running fail2ban as it scans log files, depending on what content is matched, since that content could contain arbitrary symbols.
02f0ceebdef9f69b3240d65ae187a46acf7a7e763e43fddb26a82309d5e67241Mandriva Linux Security Advisory 2013-092 - The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service via a crafted PNG file that triggers incorrect memory allocation.
d7b8e31000d6f94514dd6bb1b2196951e4c3914af5eb3d0eba49fa8c550fc240Mandriva Linux Security Advisory 2013-091 - Icecast didn't strip newlines from log entries, therefore allowing users to forge log entries.
d678e8f696c183eb66fee5d804148e481f6780789c17e07f36a70fc0fe1ced17Mandriva Linux Security Advisory 2013-090 - An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. The updated packages have been patched to correct this issue.
52b38a58d8663a77ed183b461180c1ba5f7327f1147c9fc9ad9385aff5163ee1Mandriva Linux Security Advisory 2013-089 - An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. The updated packages have been patched to correct this issue.
d8a45b54c37f2206c92a6365555941b6c0d4767b9db2b8a89a9e0c163126018cMandriva Linux Security Advisory 2013-088 - Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting arbitrary files accessible to a process using HPLIP.
6f358311920293588298d9da643b86de9ef48803cf0271f554493dbbea14ffe7Mandriva Linux Security Advisory 2013-079 - Updated ffmpeg packages fix security vulnerabilities.
011cf87409193cbe68c990031fad2605ef53df2af20292fbb0fe6d5c5c969937Mandriva Linux Security Advisory 2013-087 - Mozilla community member Tobias Schula reported that if gfx.color_management.enablev4 preference is enabled manually in about:config, some grayscale PNG images will be rendered incorrectly and cause memory corruption during PNG decoding when certain color profiles are in use. A crafted PNG image could use this flaw to leak data through rendered images drawing from random memory. By default, this preference is not enabled. Various other issues were also addressed.
8dbda59f28a3be5e867bc9959eeb7c29a12cbc2e377b5713680241dda8c74519Mandriva Linux Security Advisory 2013-086 - contrib/pdfmark/pdfroff.sh in GNU troff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. The contrib/gdiffmk/tests/runtests.in scripts in GNU troff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file. The contrib/eqn2graph/eqn2graph.sh, contrib/pic2graph/pic2graph.sh scripts in GNU troff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296. The contrib/groffer/perl/roff2.pl scripts in GNU troff 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969. The updated packages have been patched to correct these issues.
0de17ba22272b3a3d36b067a2beabe8eb38298c3d26a34deb5b497588491615cMandriva Linux Security Advisory 2013-085 - contrib/pdfmark/pdfroff.sh in GNU troff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. The contrib/gdiffmk/tests/runtests.in scripts in GNU troff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file. The contrib/eqn2graph/eqn2graph.sh, contrib/pic2graph/pic2graph.sh scripts in GNU troff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296. The updated packages have been patched to correct these issues.
5c7df6f745f8b79b66fed6840c0d39eaf7b32f66e462ebf8ebd790d032ffcb4bMandriva Linux Security Advisory 2013-084 - gnome-keyring seems to obey the configuration asking it to stop caching passphrases, but after a while it doesn't cache nor does it ask for the passphrase.
1d755992c671fbd15c6ce5f16e59fba3a2f9233efd2ad0ed9f6f915f83023dc7Mandriva Linux Security Advisory 2013-083 - It was discovered that the version of glib shipped with MBS 1 does not sanitise certain DBUS related environment variables. When used in combination with a setuid application which utilizes dbus via glib, a local user could gain escalated privileges with a specially crafted environment. This is related to a similar issue with dbus. This updated version of glib adds appropriate protection against such scenarios and also adds additional hardening when used in a setuid environment.
00be062d264761ffaab6ba68820ff25e49ad0147fd9a2fcb5e84638ffc2517f0Red Hat Security Advisory 2013-0727-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level.
8dbf79cce44ee7c7a8b5ef0d8c7a498872b08b14f5e166dcdc471e2aed88b38bRed Hat Security Advisory 2013-0728-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that documentation created by RDoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As RDoc is used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.
e4aa1360f63ad9831bbfb889675e74bdad2f2deae445fbb8e575b78c0ff578e1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed