Red Hat Security Advisory 2014-0790-01 - Dovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.
0e13ed0ca0865bb4148cdab7442ec2e3cbc2d65acb04cd37108d09f3f118e88c
Red Hat Security Advisory 2014-0789-01 - The mod_wsgi adapter is an Apache module that provides a WSGI-compliant interface for hosting Python-based web applications within Apache. It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.
df6960d3491b83351ea2981cdccc88228741b708fd75b9ad397502a3952d4d4e
Red Hat Security Advisory 2014-0788-01 - The mod_wsgi adapter is an Apache module that provides a WSGI-compliant interface for hosting Python-based web applications within Apache. It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.
57c0800b7f3ba48e76c145bcd7098f16e17916222f694350196c4fe97a356438
Red Hat Security Advisory 2014-0792-01 - Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running that application. The CVE-2014-0248 issue was discovered by Marek Schmidt of Red Hat.
d264fc26b9e87effa16c94b201823aee95d04b749b963f509a2b404fdd55bd4a
Red Hat Security Advisory 2014-0794-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running that application. The CVE-2014-0248 issue was discovered by Marek Schmidt of Red Hat.
439b96c02a30c4328b81453d07a7086ec8c6af7f89b4275e8c8731cefb9e9772
Red Hat Security Advisory 2014-0791-01 - Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running that application. The CVE-2014-0248 issue was discovered by Marek Schmidt of Red Hat.
560b97d2370ca4284212130499acba95663b8d20758d8acd8e448914811060d8
Red Hat Security Advisory 2014-0793-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running that application. The CVE-2014-0248 issue was discovered by Marek Schmidt of Red Hat.
71f11326c586f5c3601f41424af7061f1e6c23e84b907f4f5fc03198bc4abc09
Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
b2008713dccbaff442909f9725fde99b723311ed09d5cb961a6fa237a372a196
Drupal versions 5, 6, and 7 suffer from a cross site scripting vulnerability.
0a41801d96ef56fb221a470344be2e6815c1304687e4a5802e95ca5896451f33
This Metasploit module exploits an injection vulnerability in Cogent DataHub prior to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which makes insecure use of the datahub_command function with user controlled data, allowing execution of arbitrary datahub commands and scripts. This Metasploit module has been tested successfully with Cogent DataHub 7.3.4 on Windows 7 SP1.
ea90ec1ce02362764c088f9a23d4e3e49eb058ef8047c0f1c9b916a1d71d04e3
ZeusCart version 4.x suffers from a remote SQL injection vulnerability.
14392edcd2386fc3bfa622c4621025b3d4cac45565be688d86e2d5c417ae827b
Red Hat Security Advisory 2014-0786-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
a129a6ab0073091556499735a5f8f8e80ead78b268c608d9656be19c8bbccf5f
Microsoft Dynamics CRM 2013 is susceptible to multiple security vulnerabilities such as cross site request forgery, cross browser, replay, and file upload attacks.
6b2cfd8531debcc4385762b23654dceb2f5f418d1dd4aad882be46f1e63e17e0
r2dr2 is a UDP amplification attack tool for committing DRDoS denial of service attacks.
90aad7c803a9edd43b0a8e6475f9e30fc2f194c5f679e6328122032f306cfc15
TimThumb version 2.8.13 with WebShot enabled suffers from a remote code execution vulnerability.
6c1a5f9fe02b211531e8610b366ae5ef5647ad9b838030ad32e7a11481a4ccac
HP Security Bulletin HPSBHF03052 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC), HP Network Products including 3COM and H3C routers and switches running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information. Revision 1 of this advisory.
b47b3c7f4ac3559bddf86c59b1503433af2a0bfc437cd35375d3a4fc1b150437
This Metasploit module exploits an remote buffer overflow vulnerability on several D-Link routers. The vulnerability exists in the handling of HTTP queries to the authentication.cgi with long password values. The vulnerability can be exploitable without authentication. This Metasploit module has been tested successfully on D-Link firmware DIR645A1_FW103B11. Other firmwares such as the DIR865LA1_FW101b06 and DIR845LA1_FW100b20 are also vulnerable.
450e0c17e9ed8a5889f1222fd8943a072ac89cff24fdb5117836d675f119995d
This Metasploit module exploits an anonymous remote code execution vulnerability on several D-Link routers. The vulnerability exists in the handling of HTTP queries to the hedwig.cgi with long value cookies. This Metasploit module has been tested successfully on D-Link DIR300v2.14, DIR600 and the DIR645A1_FW103B11 firmware.
34fd8be52c6556ed2de772a2ee3aff9ac71be9f460f14eb17c88ae1909383dd4
SpamTitan version 6.01 suffer from a reflective cross site scripting vulnerability.
f3ac07a043a85c59a96327ff59d22880505e159ff1b3503616bcd8dbd5fce37c
This script automates scanning for the Supermicro IPMI/BMC cleartext password vulnerability. It can check full subnets or individual hosts and includes an option to scan via proxy and to view vulnerable hosts listed in ShodanHQ.
e368bb65b92ec2b0491d4f9bcbea58351c46f62c857e2b132316a9843b04816d
Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
25d4bc4e590478b83b26d629bca17049d507bdcc5b7e005af9a4b7b761b33434
Gentoo Linux Security Advisory 201406-21 - Multiple vulnerabilities have been discovered in cURL, the worst of which could lead to man-in-the-middle attacks. Versions less than 7.36.0 are affected.
090b15096d43be2a5496a00652c5582533b2fa4c98c5f69f159e282331632787
Gentoo Linux Security Advisory 201406-20 - A vulnerability has been found in nginx which may allow execution of arbitrary code. Versions less than 1.4.7 are affected.
3e519a84a2acdaf4c4485c9b31a5fdcefeaa8e4c356e434dd87d582ec8ce444e
Gentoo Linux Security Advisory 201406-19 - Multiple vulnerabilities have been discovered in Mozilla Network Security Service, the worst of which could lead to Denial of Service. Versions less than 3.15.3 are affected.
74e12d781dc2269c43a0d713ed2d5e4560d44b59280cef7ff26ff92e33913982
Red Hat Security Advisory 2014-0784-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module, a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user.
2fe962a0ac26681f3b48cc7f43712a45010ac30946e2d8611c69b22787862bf3