Cisco Security Advisory - Cisco Unified MeetingPlace Application Server contains an authentication bypass vulnerability and Cisco Unified MeetingPlace Web Conferencing Server contains an arbitrary login vulnerability. For both vulnerabilities, successful exploitation could allow an unauthenticated, remote attacker to impersonate a legitimate user and send arbitrary commands to the affected system with the privileges of that user. Cisco has released free software updates that address these vulnerabilities. A workaround is available for the Cisco Unified MeetingPlace Web Conferencing Server Arbitrary Login Vulnerability.
ac07829fb7b4753ccebbf00ed0c285629430bffc56279f0d3c6718c7b22d630aViproy Voip Penetration and Exploitation Kit is developed to improve quality of SIP penetration testing. It provides authentication and trust analysis features that assists in creating simple tests.
8c765de8ebd06f2a12c1e1ff3be3e4e5f33bb6e44daa21085344559c1f80ada4Cisco Security Advisory - Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by denial of service vulnerabilities.
dfc74086525fd29ad67a867f642218e7c5734e07af57e597473bc95e74cc4a23Cisco Security Advisory - Cisco ASA Software is affected by multiple denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities.
91b7a8189bf2977d48e203cde125ed290f34a3c3567439e5be4e845abaeeab16This is the Call For Papers for DeepSec 2013, the seventh DeepSec In-Depth Security Conference. This annual event will take place from November 19th to the 22nd at the Imperial Riding School Renaissance Hotel in Vienna, Austria.
2f399af9cd5cc20dd71d5427c7424f8b0a7b6528114262a3651561cb7ad4601eBigAnt Server version 2.97 DDNF username buffer overflow exploit with DEP and ASLR bypass. Binds a shell to port 4444.
b114dd8d646dddbf65d73b849faaedfb56e723603110598c6f7794f930cfb69fMandriva Linux Security Advisory 2013-099 - Function DecompressRTF() in libytnef 1.5 leads to a buffer overflow on certain TNEF files (presumably, on files, generated by some recent versions of MS software).
6c014053c253064da717050ce3757845ba06162383cf1497886281721e40ddc5Mandriva Linux Security Advisory 2013-098 - The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilities to the internet.
f8496243e7f0256fe58f41cd2454656be93b6bfe7cf9d3facfeb6bad9b7497ebMandriva Linux Security Advisory 2013-097 - Just Ferguson discovered that libotr, an off-the-record messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform denial of service attacks or potentially execute arbitrary code. The updated packages have been patched to correct this issue.
ba44af9f2a93bd9c88d88b13fbd48e0e938b28d608578c8c0e39c4c29d29b7d9Mandriva Linux Security Advisory 2013-096 - The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the checkers.pid, and vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files. A security issue due to syslog being used inside of sighandlers has also been fixed. Finally, keepalived was failing to load the ip_vs kernel module because of an incorrect modprobe option. This has also been corrected.
f3cd472376eebff910246245a399722a96d596a772515aa4360494a1cf49a7a1Mandriva Linux Security Advisory 2013-095 - Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Various other issues were also addressed.
45b414ad1d7bafe7ea541cbe9a5e727f7af41ca7e2b60153b3a757f05bea9ebeMandriva Linux Security Advisory 2013-120 - PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key. Note: any ElGamal keys that have previously been generated by PyCrypto should be regenerated after installing this update.
6c5ced1cb976616b44a9b19f8d6c624360fe034c06be3fdeeb2c1cd174c8a0f9Mandriva Linux Security Advisory 2013-119 - python-httplib2 ships its own copy of the Mozilla NSS certificates, but it should use the system-wide ones provided by the rootcerts package instead. This has been corrected.
9e0e55e9b02986ac7bae70bcab429a6d3fe5131a1a3a0c2b4963111a34d43205Mandriva Linux Security Advisory 2013-094 - It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.
b6673c0aa0caa23d9da1f516d68005045d1a553e921e5fe10d188b6bd94c16bfMandriva Linux Security Advisory 2013-118 - Universal Feed Parser before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
fb5ebc586396c019e439047a9c56d93e71eb681ddca2bbf7c365abe597b3d5beMandriva Linux Security Advisory 2013-117 - A race condition was found in the way the Python distutils module set file permissions during the creation of the.pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's.pypirc file, which can contain usernames and passwords for code repositories. Additionally, python has been built against the system expat and ffi libraries, to avoid any future issues with those.
b37beb64b8420308a38954d7c844e4b884068359c49384647a0c67551cbe9601Mandriva Linux Security Advisory 2013-116 - Stack-based buffer overflow in libpixman has unspecified impact and attack vectors.
bd668a8e9ffb55c3c93cd9dfa26a45223599069231f7f3238d60a9fe065e1266Mandriva Linux Security Advisory 2013-115 - Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc in Zend Framework before 1.11.13 and 1.12.0 are vulnerable to XML Entity Expansion vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memory consumption, making Denial of Service exploits trivial to implement. A vulnerability was reported in Zend Framework versions prior to 1.11.15 and 1.12.1, which can be exploited to disclose certain sensitive information. This flaw is caused due to an error in the Zend_Feed_Rss and Zend_Feed_Atom classes of the Zend_Feed component, when processing XML data. It can be used to disclose the contents of certain local files by sending specially crafted XML data including external entity references.
8a2cf44910a41a1057caa350947b89fbe76c9dfa88f6b892d0b720a0742bd661Mandriva Linux Security Advisory 2013-114 - ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory. The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity issue in the soap_xmlParseFile and soap_xmlParseMemory functions. Various other issues have also been addressed.
300d6d024575289b1802726ba11c43c279ed42aad1d023b478f6e96f8e3ae2d3Debian Linux Security Advisory 2659-1 - Timur Yunusov and Alexey Osipov from Positive Technologies discovered that the XML files parser of ModSecurity, an Apache module whose purpose is to tighten the Web application security, is vulnerable to XML external entities attacks. A specially-crafted XML file provided by a remote attacker, could lead to local file disclosure or excessive resources (CPU, memory) consumption when processed.
2ecf19e474f3d84104001f515f49ee5b01e068c895b4d46153fcc73ed4e1f6efMandriva Linux Security Advisory 2013-113 - It was discovered that Perl's 'x' string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code. Various other issues were also addressed.
d121a52e5d21e1a1d884bfa0b4351192f0257e3310ec24006cce477233f1c93aMandriva Linux Security Advisory 2013-112 - Multiple cross-site scripting vulnerabilities in Open Ticket Request System Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with expression property in the STYLE attribute of an arbitrary element or UTF-7 text in an HTTP-EQUIV=CONTENT-TYPE META element. Cross-site scripting vulnerability in Open Ticket Request System Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with nested HTML tags. Cross-site scripting vulnerability in Open Ticket Request System Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary web script or URL in the SRC attribute of an element, as demonstrated by an IFRAME element.
ef99ff1195e6fef97371a1c9efaee80a50ab7b45cb1d0b8ea55436dc8f49df6dRed Hat Security Advisory 2013-0733-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. Multiple Cross-Site Request Forgery flaws were found in the GateIn Portal. If a remote attacker could trick a logged in user into visiting an attacker-controlled URL, the attacker could perform actions with the privileges of the logged in user.
2da1df32470c1f69190f3f15c14a728a5c78c199c123a3388a73a3f5cf59f222Mandriva Linux Security Advisory 2013-093 - Bob Nomnomnom reported a Denial of Service vulnerability in IRCD-Hybrid, an Internet Relay Chat server. A remote attacker may use an error in the masks validation and crash the server. Please note that due to the previously suboptimal nature of the sysvinit script, systemd systems would not correctly detect the daemon process as running and thus could not stop the service. As a result, you may have to manually kill the process and start the service after upgrading.
82edadde42df55b1fa66aa6272a2e9ed9b2ee2251faa4e96bfc056bb06e90b47Ubuntu Security Notice 1799-1 - It was discovered that the NVIDIA graphics drivers incorrectly handled large ARGB cursors. A local attacker could use this issue to gain root privileges. The NVIDIA graphics drivers have been updated to 304.88 to fix this issue. In addition to the security fix, the updated packages contain bug fixes, new features, and possibly incompatible changes.
900d2b5ea2faf160dfa451a4cb5bedf7a0facfcea0ba2924f93049b6e6da2b0d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed