HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: the Cross-protocol Attack on TLS using SSLv2, also known as "DROWN", which could be exploited remotely resulting in disclosure of information; multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS); and multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS) and Information Disclosure. Revision 1 of this advisory.
5d35db5021a3e1e977bf248f0f4d2e0973624f00926593096b12913d74b63dac
VMware vSphere web client versions 5.1 through 6.0 suffer from a Flash cross site scripting vulnerability.
c8bcafc14366eb011661d7807d12b5eae2d46687efbe3ab82c1bfd0c94794b23
Cisco Security Advisory - A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
422dd95ef9c0a22224d798a49ef218e76220a608771dbadde196bfc3eb0fb2fb
Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.
a5115fbeb6574c22cf7909ecfb3b0b6ae9b4be9907873ac8ac4827c6e8dc2822
PHP CRUD version 1.4 comes installed with weakly protected backdoor accounts.
afbdbdccb8b0070e88719f96bce319853dcec0ef7e570a7a2e94806aad01a7d8
Teampass version 2.1.25 suffers from an arbitrary file download vulnerability.
3edaa0800807b1b4d192d83a6f21a5419b3a9c8e2a27038d5ad01c3ecbf88d59
Teampass version 2.1.25 suffers from an unauthenticated access vulnerability.
fecc638060588bca639b8060b787f342bada3e6c58c51e9584c086a6cc319278
Open-Xchange OX AppSuite versions 7.8.0 and below suffer from cross site scripting, open redirection, and argument injection vulnerabilities.
be81227b99ff680bacfa0f6ca34d199f06524971f330e92cb21190ca6a661f2f
dotCMS versions prior to 3.5 and 3.3.2 suffer from an email header injection vulnerability.
8a2aa086022ce89bb40306dc783a8bd835f0e4f8c1d80ad34fa487953fa9ea7b
Slackware Security Advisory - New libarchive packages are available for Slackware 14.1 and -current to fix a security issue.
8dcafe00750b08175eab4172d9b1dd6a10111253f455b4ecf54c3eee62f4cdbb
Red Hat Security Advisory 2016-1106-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.
4b8ac741815c3c26582c6c9cb2f86adad564f8ed4ceabcfdafdb836b6ab307c1
Bugcrowd's web application suffered from a filter bypass and malicious script insertion vulnerability.
0319346452cc49b60abff62b532b7229e6158e1cfd2951b03b793951d0f38e0e
Dounia Creation version 1.4 suffers from remote SQL injection and weak default password vulnerabilities.
86d6f70b5e494f3c5826be9dac233fac905a3201a90ce9a807f69878d5a9fc37
This Metasploit module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.
472df2245622a97749e8706f2ba968606decb46822546f51bf7cc6c5391ad65f
Ubuntu Security Notice 2984-1 - It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
264cfc8cd7257e3fdc5b3ecb5d21a1ddea22e0c427eef2997d33a60a1c152159
HP Security Bulletin HPSBGN03605 1 - A potential vulnerability has been identified in HPE Service Manager. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
d65b75f5ab641a72a1689f928cc8b1e48e6eab3b06ac1c7255f27b9bc4141865
This Metasploit module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorized_keys. FYI, /etc/{passwd,dropbear/authorized_keys} will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSIST_ETC is true. This method is used by the "mf" malware infecting these devices.
bb35dd847b4006bfddf6670aa0099dfa601022d89cda1ae234b032fd32276366
PowerFolder version 10.4.321 suffers from a remote code execution vulnerability. Proof of concept exploit included.
0f0efada160c1447152adc09401bed6a535c764c9ce9e56f17fa7b105821aa98
AfterLogic WebMail Pro ASP.NET versions prior to 6.2.7 suffer from an administrator account takeover via an XXE injection vulnerability.
285a356df0342917c10949047f0e7a8de20316652b88f7502badf4e23df2d5c3
Red Hat Security Advisory 2016-1100-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.
b70f2e42ede5e8da8e1e8e7a87cd9775e00d40e084a51ce37fc464b37cd86495
XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.
7c3a37ee9ac8d2b769a495f772ba61c0683b07b2341e2500844b324ffac74676
Debian Linux Security Advisory 3586-1 - It was discovered that a buffer overflow in the XMLRPC response encoding code of the Atheme IRC services may result in denial of service.
aa2e48dd1598aac48f47d914c160293f08d5b7c396bab401c847c24cfdb0235d
Red Hat Security Advisory 2016-1098-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.
e5082f024d9d1cffd20ad196891fab3bec8fae91dbf4d0db215c6bdf68e423d3
Red Hat Security Advisory 2016-1099-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.
78c4251cc04ffbfe8ae9a5c3083f623d6791288c6353f113aab81871dd062679
MediaLink router MWN-WAPR300N suffers from multiple session-related issues, such as users not being able to log out and sessions not timing out. Insecure transport is another issue.
d083f82d3886c34b608717c7e62cbdb88123448dd50ef58ccf95bfc5317898cc