It was discovered that the session tokens in EMC Secure Remote Services Virtual Edition are Base64 encoded XML tokens that lack any cryptographic protection. Due to this it is possible for attackers to create their own session cookies. Attackers with network access (insiders) to the ESRS Web Portal can exploit this issue to gain unauthorized access to the management interface.
151cc56ac265671c750c63e5338bd4cbdd1d2ba6148271d1080ba9484f3b172aEMC Documentum Content Server contains multiple vulnerabilities that could be exploited by malicious users to compromise the Content Server in several ways.
95830881705d0d2408b47ceb7001260e614677f1858c088afc5e0922d3a4aee9RSA Archer GRC platform contains fixes for multiple cross site request forgery vulnerabilities that could potentially be exploited by malicious users to perform unauthorized actions on behalf of authenticated users of the application.
959a33a5b9f33dbce4f82531607aa009fbef57c91009bfcaa6085f4d703795d5Ubuntu Security Notice 2711-1 - It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
637f1672470959d86194903a05d03503644b70c98bc272b459ef69a1bfc19637This is a fun write-up detailing vulnerabilities in Oracle products discovered by the security community and how Oracle CSO Mary Ann Davidson's math on the subject just does not add up. No surprise there.
2da1fcf5b8f0090fe5d0ec336bb7d93cd663a84c8ff4ad87b305664d9081d629This Metasploit module exploits three separate vulnerabilities in Symantec Endpoint Protection Manager in order to achieve a remote shell on the box as NT AUTHORITY\SYSTEM. The vulnerabilities include an authentication bypass, a directory traversal and a privilege escalation to get privileged code execution.
55479cb3065f838f82cc61df0c4fdee54d41ee44aace24351aecba453e3be8c5This Metasploit module exploits a stack based buffer overflow in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC file. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing a user of VideoCharge Studio to open a malicious .VSC file.
5afb52ddd9c049208eb1441710497e2625b20e4833296328ac22be987e5b2017This Metasploit module will exploit the Werkzeug debug console to put down a Python shell. This debugger "must never be used on production machines" but sometimes slips passed testing. Tested against 0.9.6 on Debian, 0.9.6 on Centos, 0.10 on Debian.
c66135298bdbc3ecf2b75f9d3d628a64cee1d120ca05cf2ddac7c252fa2aba07RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C all suffer from various crypto, denial of service, and underflow vulnerabilities.
249db2924aab5ee66f78a2cea495509bc66d1e874798148d85df7a38d50f16a4Gentoo Linux Security Advisory 201508-3 - A bug in the Icecast code handling source client URL authentication causes a Denial of Service condition. Versions less than 2.4.2 are affected.
7d860a37ca2e6eb7705507bfb6605db340741515e8d65938618a23309044f202Gentoo Linux Security Advisory 201508-2 - Multiple vulnerabilities have been found in libgadu, the worst of which may result in execution of arbitrary code. Versions less than 1.12.0 are affected.
ac6323304dec7a73e7b87d81f49e9a488514b085986f013e99182e85aa74812fGentoo Linux Security Advisory 201508-1 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.508 are affected.
0847bbaee6df81c0c128448e66176965e633dd961c717381e4b388a8b8ad5416Red Hat Security Advisory 2015-1635-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.
a0efdeb75f1c30ee358397a36729d3fe23e95d4dc3424a9aa6ec32de06cdaf97Red Hat Security Advisory 2015-1634-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.
e2762eea5beb5fd075760c1b0b8af959cd5f3c3de8d5ef879e22ec6715b97e02Red Hat Security Advisory 2015-1633-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server to crash.
d091320b57163b4490f94feff3ef41c63366f20353500a6e770c256ec6180c43Red Hat Security Advisory 2015-1631-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of Ceph with a Ceph management platform, deployment tools, and support services. It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file. ceph has been upgraded from v0.80.8.1 to v0.80.8.2.
fe73ad4a770c72f8100654d86047b20f029b23f77a092e0e02e9755c7903b274Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 to fix security issues.
ddd1377dc71f5d5573e3e5e113250659fa5106c15a9db1996d2a264f41de8a60Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
c5563a7464d928ff21dd335904c774ff47e54780fa40f3c9603723d7ca88c81cRed Hat Security Advisory 2015-1630-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server.
31d5def2c42016aa18d489eedd4022a3fdb32f470a20bed0708b9c3529e62a47Red Hat Security Advisory 2015-1629-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server.
193f2f3152d15e39225d22426ed2be7c4dea32eaf1a7cf33d2bced97b5f15dc4Red Hat Security Advisory 2015-1628-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server.
a51eb1ee58883d7b18206e0a8a5b2389573c95a87c5662f85dd577031dafa293Red Hat Security Advisory 2015-1627-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An invalid free flaw was found in glibc's getaddrinfo() function when used with the AI_IDN flag. A remote attacker able to make an application call this function could use this flaw to execute arbitrary code with the permissions of the user running the application. Note that this flaw only affected applications using glibc compiled with libidn support.
09824f32e3805a9e1048366162b64a1f26104e46bb0ac50ac2b3cfa92168bbebSagemcom F@ST 3864 V2 suffers from a remote administrative password disclosure vulnerability.
4785f978ec11eae3cb7d66c426a2da4745f92845b090dd7546527e3baa917392Microsoft Windows HTA (HTML Application) remote code execution exploit that leverages MS14-064.
b64cfa67cfacfa43395c6d7db885dc72105cb1baf59dcf8b104e0c9985ebcbe7Various Comtrend routers suffer from cross site request forgery vulnerabilities.
e075f47c52d3263edf9bcad894a9d0275e22ef6410176b35861b5f4f4b21a56c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed