Fiyo CMS version 2.0.2.1 suffers from multiple persistent cross site scripting vulnerabilities.
5732fdfc5011b9dc19c8c8eaf3c4b3828bf0fc3780fe9b88c196adbe676b6107When accessing resources via the ServletContext methods getResource() getResourceAsStream() and getResourcePaths() the paths should be limited to the current web application. The validation was not correct and paths of the form "/.." were not rejected. Note that paths starting with "/../" were correctly rejected. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.64, and 8.0.0.RC1 through 8.0.26.
b1f753e54e5215e5b5e3807834777c09565ba6a20e0a2b3c9fb5433a181e671aThe index page of the Manager and Host Manager applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to construct a CSRF attack. Apache Tomcat versions 7.0.1 through 7.0.67, 8.0.0.RC1 through 8.0.31, and 9.0.0.M1 are affected.
cac499db9a90243eb7e3a3ae64996e75bfc026156676e4f5e2b513a78ec60214The StatusManagerServlet could be loaded by a web application when a security manager was configured. This servlet would then provide the web application with a list of all deployed applications and a list of the HTTP request lines for all requests currently being processed. This could have exposed sensitive information from other web applications such as session IDs to the web application. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
881ae95f3222d34f23b6f66acf5f6fe6bc505df9c7afff2901307b8b3b3a741fDell OpenManage Server Administrator version 8.2 suffers from an authenticated directory traversal vulnerability.
f79a0b4fd92e8976403bd4b3878b355070b977051c0ec9f4ffe8fe936a2be51dWhen recycling the Request object to use for a new request, the requestedSessionSSL field was not recycled. This meant that a session ID provided in the next request to be processed using the recycled Request object could be used when it should not have been. This gave the client the ability to control the session ID. In theory, this could have been used as part of a session fixation attack but it would have been hard to achieve as the attacker would not have been able to force the victim to use the 'correct' Request object. It was also necessary for at least one web application to be configured to use the SSL session ID as the HTTP session ID. This is not a common configuration. Apache Tomcat versions 7.0.5 through 7.0.65, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
f04a5470641204db89ec17e9b80c496ffce8bd8aae7f2efd4bc0229158a89b21Apache Tomcat provides several session persistence mechanisms. The StandardManager persists session over a restart. The PersistentManager is able to persist sessions to files, a database or a custom Store. The Cluster implementation persists sessions to one or more additional nodes in the cluster. All of these mechanisms could be exploited to bypass a security manager. Session persistence is performed by Tomcat code with the permissions assigned to Tomcat internal code. By placing a carefully crafted object into a session, a malicious web application could trigger the execution of arbitrary code. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
d8b973e72649ee49a60e92929010021e4dfc8736401a1288bdb928d8309d8597ManageEngine Firewall Analyzer version 8.5 suffers from a remote SQL injection vulnerability.
203b6cdf8a8826ec7dc6dc08b58ffe98cd59dcd74b8ded9ec3ce4969545c2a02PLANET IP surveillance camera model ICA-5350V suffers from authentication bypass, cross site request forgery, cross site scripting, arbitrary file read, hardcoded credential, and local file inclusion vulnerabilities.
9760b0ddcfb05af2b4f17976ad5b7b98e7d7ce2e5fee368b40236d57d5e5a7b7SOLIDserver versions 5.0.4 and below suffer from a local file inclusion vulnerability.
01fe2fec29a6447d363278aed3981ba0efe470dabc0e35b81ca17d0daae55ab6SamenBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.
68b5084457f76fb3532f45c3afce9726fa50bde054a8ae2bf5a8047cfa6d3a81E-Cidade suffers from a path traversal vulnerability.
627a5e737562ff52b9fcd20e8d27159fb5a876854f062d1aa3897b98a610fd5aThru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability in the contacts list functionality.
04bf2eec97770c7bbdcc28f9522714c4b0542d404957116ca9741cfcd118f04aThru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability in the upload functionality.
f0fc879814ce1f79dd42f81a3bfde9648a14d4d21f9c544a934eff7660ae4c39The Thru Managed File Transfer application version 9.0.2 allows both unauthenticated and authenticated users to upload files, including viruses.
178fc60f24aa280af3d976a9ac3ef913d89f1c7872bc906e522d80c60a97306bThru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability that references log data.
2147fd1a7ff3b5ec34b6336e5ee66f68da4bfc155effb2b3a760db009af938d9Avast versions 11.1.2245 and below suffer from a heap overflow bug in the Avast Virtualization kernel mode driver (aswSnx.sys).
2c796139cc9e2722f6b6c01834bdd5bbb89e28eec134eb6c447b41be2bb893a4BlackBerry Enterprise Service 12 (BES12) Self-Service suffers from cross site scripting and remote SQL injection vulnerabilities.
bccb524b4e8c8a2a544b1ac425471a5dfdcadc43ccf9ad6bad80a14bece9af97Drupal version 8.0.x-dev suffers from a cross site scripting vulnerability on IE8 and older versions.
6033651a038afbdd206da94672f053201eacaf29cd9cdb3888fc615957ea8087Novell Filr version 1.2.0 build 846 suffers from a cross site scripting vulnerability.
86b28f39cecdb7be563acb8a2f24c7e992a2c156cabd954c2ee3d4d4d3b8da2dThru Managed File Transfer Portal version 9.0.2 suffers from a remote SQL injection vulnerability.
e5c2bd00a93ce0b886ab5d27c5ecc5d879763a1889a4729da8faf34af093fd77Red Hat Security Advisory 2016-0277-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
16f8193295d41539b260186af779c496a1c336c7b0b9f4d88547042401772ac9Thru Managed File Transfer Portal version 9.0.2 suffers from a cross site scripting vulnerability.
e0c6c0e9ba1dfbb79a77ae2d57381ec098b0846532313373f1f0ef0c0886b5c6Debian Linux Security Advisory 3484-1 - Stepan Golosunov discovered that xdelta3, a diff utility which works with binary files, is affected by a buffer overflow vulnerability within the main_get_appheader function, which may lead to the execution of arbitrary code.
092897d5c817b1aa740e90a25d1710b333227949f37d0ba18586704e0de5f3adDebian Linux Security Advisory 3483-1 - Gustavo Grieco discovered an out-of-bounds write vulnerability in cpio, a tool for creating and extracting cpio archive files, leading to a denial of service (application crash).
982b4436bbc04685bb4ec3b4e6989b7d0ec39eca9cd6ba847333f9b2f46a73ea
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed