Western Digital Arkeia Appliance version 10.0.10 suffers from local file inclusion and unauthenticated firmware upload vulnerabilities.
986980ef6f7a090f7de67c61f20277e211d6c6bd9bfdb11aea4f532caa3ad9cdOpenEMR version 4.1.1 Patch 14 suffers from remote shell upload and remote SQL injection vulnerabilities.
dd2bb2f9a5d3ce8ac7e4ee72e80cd42dbbbcb6ec9045c094bc63c0831a0f7e7aThe Vino VNC server, which is also the default VNC server in Ubuntu (3.4.2-0ubuntu1.2), is vulnerable to a persistent denial of service vulnerability. The vulnerability is triggered when a VNC client, who claims to only support protocol version 3.3, sends malformed data during the authentication selection stage of the authentication process.
2a86c57ec668584e1c10178732acfc9a1b36983b15434b763d969877df0a7998Apple Security Advisory 2013-09-17-1 - OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
c516deac95bf69d79df1127a6874872a55731b550670e67d4698fcc32e5a44eeRed Hat Security Advisory 2013-1269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add-on code make incorrect, security sensitive decisions.
2ac6c15fe7915dc21bfde37dbea34126a051989ad6dcc45ad3abd8a142937d5eDebian Linux Security Advisory 2758-1 - It was discovered that python-django, a high-level Python web develompent framework, is prone to a denial of service vulnerability via large passwords.
5595b282fdbea1494cb8ba11a4337119b7bf4982945bd53492ae2fbd5ce7b724Red Hat Security Advisory 2013-1268-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add-on code make incorrect, security sensitive decisions.
dc08eb08373c1fda25db89c9b74ea5d8897d4cb1e76d065445c7a870cc5ec4fbUbuntu Security Notice 1951-1 - Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered a flaw in the HTML5 Tree Builder when interacting with template elements. In some circumstances, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
ae7ff1f917c1950c5b6490ce8854e1e96917dda5d21236bc3d2616020543035eMandriva Linux Security Advisory 2013-236 - svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by unprivileged users, the destination could be replaced by a symlink allowing for privilege escalation. svnserve does not create a pid file by default.
66588c56007bb3eaf59215bec294d584644e2b7fb108e8c2fc69f17aec0113bcWordPress RokNewsPager plugin version 1.17 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
9478525d347154fcda7328dbe60c6bfeb918b3150874fd1c635d27e94addacfdWordPress RokStories plugin version 1.25 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
0863ac73a48a29232f7f2d7ff9dc54aba5a9f353c60aa43ba69632c79ba9f148The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.
9b46afd762236e62d711f0fada9c9de29c69547da21046abe1e2ed3b09781fccThe ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
b69d9577ff19470b3048d950dd9549dc3b2aa75f7581440fc3a967b43221d8d6This Metasploit module abuses a command injection on the clear_keys.pl perl script, installed with the Sophos Web Protection Appliance, to escalate privileges from the "spiderman" user to "root". This Metasploit module is useful for post exploitation of vulnerabilities on the Sophos Web Protection Appliance web ui, executed by the "spiderman" user. This Metasploit module has been tested successfully on Sophos Virtual Web Appliance 3.7.0.
7b650af9e32cadfdd3be9e6255740c3a5d42d0ac1627d52bec5e8e35f7e5b29bRed Hat Security Advisory 2013-1265-01 - JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.
ed88b7deaf57daa692d0f6dd5fc2d12538c3e9f89c4222ad893b47d1e15cb4ceVarious D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may be affected.
52a628392ec5ee753541865f4aca6952fbf591c9999c1f65fb1b299552915715This Metasploit module exploits a command injection vulnerability on Sophos Web Protection Appliance 3.7.9, 3.8.0 and 3.8.1. The vulnerability exists on the sblistpack component, reachable from the web interface without authentication. This Metasploit module has been tested successfully on Sophos Virtual Web Appliance 3.7.0.
bcde5e8d8f05d7b1ad0a9daef6977f314f81b4851a6c07b2830229371f0f0838Gentoo Linux Security Advisory 201309-10 - A vulnerability in Adobe Reader could result in execution of arbitrary code execution or denial of service. Versions less than 9.5.5 are affected.
52ddb634b7774ad1e10d667fae86852b4c89bea6f1e4154dd4d134165c6f0eb4This Metasploit module exploits a directory traversal vulnerability on Agnitum Outpost Internet Security 8.1. The vulnerability exists in the acs.exe component, allowing the user to load load arbitrary DLLs through the acsipc_server named pipe, and finally execute arbitrary code with SYSTEM privileges. This Metasploit module has been tested successfully on Windows 7 SP1 with Agnitum Outpost Internet Security 8.1 (32 bits and 64 bits versions).
c725a9edfaf376428bc599d7a1561e16694e97bcddedbb8f573cc30689f520c3This Metasploit module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateDomainControllerServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to upload the file. This Metasploit module has been tested successfully on the SNAC server installed with HP ProCurve Manager 4.0.
c9ac22deeaaeec7f4f88fb2108052d3e62513624019a0ece3319ace029dc61b8This Metasploit module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateCertificatesServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to upload the file. This Metasploit module has been tested successfully on the SNAC server installed with HP ProCurve Manager 4.0.
035ab4f7cfde066435067dd5814bd3a0184f062d3375d4af40bf2b00ed890298cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.
63b8661a7ea102e25f67122b90819e8c58f7e0ceb6acd6ea7d8bb9138e380914
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed