This Metasploit module exploits a missing authorization vulnerability in the "update_roles" action of "users" controller of Katello and Red Hat Satellite (Katello 1.5.0-14 and earlier) by changing the specified account to an administrator account.
e0371216c7f1d8860897ca9e5f3d083fc1371c2aca741321b8cb6ff295f73dbf
HP Security Bulletin HPSBMU02967 2 - A potential security vulnerability has been identified with HP Unified Functional Testing Running on Windows. This vulnerability could be remotely exploited to allow execution of arbitrary code. Revision 2 of this advisory.
2f6821a2bbe5c89e9584369176f1507af47b959c73828363027e25e99bb9a72a
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header.
d20d6eda27bee2e48fd7dddd353b5841c8f19f449a5657951a591227c486e56e
InterWorx Web Control Panel version 5.0.13 build 574 suffers from a remote SQL injection vulnerability.
afe204bd4b2997915e002624fe94d4bf76d844faa9571607108500b7840dbc16
EDITStuff version 6 suffers from a remote command execution vulnerability.
06f370fb97a0e7da39a9a0cbebd48d7b55eb97d5f9bebf21fd64712e2f49061e
Red Hat Security Advisory 2014-0330-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service.
4ccb4fc6b11f92b846e743e89d1a56c9ca11c685ff04515006ad01325ecf4870
Red Hat Security Advisory 2014-0328-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system.
89d9790834be4c375db2c9b80b34a6a4d366543a7220b333921532be2e3a6db5
Ubuntu Security Notice 2155-1 - Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions.
bdab8f1f7c649a8126f6b3e5005887d52b74e90bdcf86a7ec2876e9b2f3169bb
iThoughtsHD version 4.19 suffers from cross site scripting, denial of service, and null byte injection file upload vulnerabilities.
b199b6f0f1f8a2eca6898cd60ae8f911d2ac84d212c86fb60f88639298107746
WinRAR version 4.20 suffers from a file extension spoofing vulnerability.
82cbbc5f4144a0fc90c9e134c84a23a3de5dbc828d91d37dafd7aa754218b05c
When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user (or equivalent).
efca4edbd5362527ab761c155c785c794bfe447ad8520c997f75d88b0393b019
This Metasploit module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".
1c02024d4a3f7042c08772f0fe212d3e817f272a686805a55db99a37717d3b29
qEngine CMS version 6.0.0 suffers from a remote code execution vulnerability.
3536bc3d3347ae2420fc82be365206a80c0fb4b85a80355bd91dc1bee782d639
qEngine CMS version 6.0.0 suffers from a local file inclusion vulnerability.
9a4ca90342e80435948a3c42e20b9d22c7c5b898de1d6c741e985b5ece077e69
qEngine CMS version 6.0.0 suffers from a database backup disclosure vulnerability.
c9a818f093860746a364a8d9c4151bdd7d23aa5c8a8ef6e520aefd1971896914
Nagios 3.5.0 suffers from an off-by-one memory access vulnerability.
69651640bf2e907cef3c5b36888f005619b1f471351155a6054b7efd9226bb08
Icinga version 1.9.1 suffers from buffer overflow and off-by-one memory access vulnerabilities.
a80f7605d0c312fc041a1a22841376ec743fc06341d21397c2f1cd1348d95d96
check_mk version 1.2.2p2 suffers from possible command execution, cross site request forgery, cross site scripting, and arbitrary deletion vulnerabilities.
805993d64a93f7667967f255ea59069a2875f8da5ef1aed9aa89e3ee8e21f148
Cacti version 0.8.7g suffers from stored cross site scripting, cross site request forgery, and possible command execution vulnerabilities.
a60f85a2d28f7d6505f3ecacf176ca9ddaef9f4003db247563075b71d7f4162d
The c0c0n 2014 call for papers has been announced. It will take place August 22nd through the 23rd, 2014 in Cochin, India.
7dc5a5d889fcb04585b16b79bd6a8af8c473227390d5703e0a0fbe23582fbab3
Ubuntu Security Notice 2154-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20130906 package.
db0bb7598d0ce78b823879d8616fc042fa6c46ae17e6aa342b29fc69a0ba253a
Ubuntu Security Notice 2153-1 - Kees Cook discovered that initramfs-tools incorrectly mounted /run without the noexec option, contrary to expected behaviour.
0c0be50832191b5dd596c547394e1fef8f12e9e8ef6f54a4d8205d8eaaae8cda
RSA BSAFE MES 4.0.5 contains fix for a security vulnerability that could potentially be exploited by malicious users to deny access to the affected system.
dfe19b0d0c102e00ac21bfdce90d832a779c6e7fcfdf9adf1d7faa4dce766eea
Debian Linux Security Advisory 2883-1 - Several vulnerabilities have been discovered in the chromium web browser.
20d2cc124c759b4aeafe649d18d538e924cbb1dda3765de0b62d0d053aa72638
php-font-lib version 0.3 suffers from a reflective cross site scripting vulnerability.
1a474dde8ce092bdffb789154f90356da33e4828fac208b7fd109580e7cc335d