FreeBSD Security Advisory - Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to pass certain ed(1) scripts to the ed(1) editor, which would run commands.
e51056b21bf1261aca861b5f157bbc4e6a512d1bfac5ac420da3eafded8f669eFreeBSD Security Advisory - The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network.
6e6f6efe8ccdaea30a1e791ecaa8631267bf969b10fccf2d5ab6051794966af0Microweber version 1.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification when uploading files in '/src/Microweber/functions/plupload.php' script. This can be exploited to execute arbitrary PHP code by bypassing the extension restriction by putting the dot character at the end of the filename and uploading a malicious PHP script file that will be stored in '/userfiles/media/localhost/uploaded' directory.
f1cffcc7d9af29ea26cfec8db7c5124e95587a2760677dedfc3ceed4bc68be20Microweber version 1.0.3 suffers from cross site request forgery and stored cross site scripting vulnerabilities.
fd3e529674691ba93a8f91d109f7cc51674224f43685681fb7eadda1a89dbe0cA cross site request forgery vulnerability in the comment form of WordPress versions 3.8.1, 3.8.2, and 4.2.2 allows for administrative impersonation.
09bde7dbd69e0407c983900deddc0b9dca95ac73b0615577e5ae18fe9eb615ceUbuntu Security Notice 2705-1 - Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. Brant Knudson discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. Various other issues were also addressed.
562e20b238e38b9c71afcc748894aa1f5d751ae0722e5ca24eb36405f9cf09adUbuntu Security Notice 2704-1 - Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use this issue to delete objects. Various other issues were also addressed.
8db03feeaa7eb981bf4b8d968079bfd997f069ce59de6319218290165007e54cUbuntu Security Notice 2703-1 - Bastian Blank discovered that Cinder guessed image formats based on untrusted data. An attacker could use this to read arbitrary files from the Cinder host.
2c7e6089909cd03cabdb33832e99e7a730e87548b3d944b7e6e449d2db188de5Red Hat Security Advisory 2015-1564-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash. It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.
40ede30d6e6cf20dbab081504c2f5e114b04769bab17677d0d0c97032009daf2Red Hat Security Advisory 2015-1565-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash. A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel level, bypassing intended restrictions in place.
179873d3f9002fb4db51e8b9c22ef1d4b5cb4592c64af9a8c4b6b95906ef2a19Red Hat Security Advisory 2015-1534-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash. A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel level, bypassing intended restrictions in place.
048d2d5cc4c394bfaaa95fb119f66f3f8d4896e9a5488b77527d6292a1ab8197HPE Security Bulletin HPSBUX03388 SSRT102180 1 - A potential security vulnerability has been identified with HP-UX running OpenSSL with SSL/TLS enabled. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as Logjam which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
f1baefdd8fc532cad3b81cfd65b89cde5c0b763dce7ec8f780f53b520447f879TRENDnet WPA default keys are constructed insecurely making cracking achievable. In this advisory are links to useful dictionaries for cracking various models affected.
14ea0ec60c2c7c9acb67d3c3f6ab17ec493e3b5ec2c93221dd1cec83e86c45d0A new attack vector against memory de-duplication in Virtual Machine Monitors (VMM) was discovered where attackers can effectively leak randomized base addresses of libraries and executables in processes of neighboring Virtual Machines (VM).
9e6b738d2e5eaffe490fd377d28c69a0a18083b0200b814f25bc8610ba712523Obfuscated execve /bin/sh Linux/x86 shellcode.
032c418457b93cf465d252e8beeb7e6d7ea63cf2404b1127e6e115dcdea6c922WordPress MP3-jPlayer plugin version 2.3.2 suffers from a path disclosure vulnerability.
b8fbb759e7b1e1395decffc5aa185e679dc8ee3e5aea8bf2ca8664c00c24b580
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed