Microsoft Internet Explorer 11 is not following the CORS specification for local files like Chrome and Firefox. Microsoft does not believe this to be a security issue.
d427f830f768b41cde9f338a6e270c5ffdd96617add1cdcfb86beb27d8769480Silverstripe theme Newedge suffers from a cross site scripting vulnerability.
2ad7428ab78125654bb9ea68b2d4509003baf6277ff46bf667722791a214f490This Metasploit module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura has a module named keditorservices that takes user input and then uses it as an unserialized function parameter. The constructed object is based on the SektionEins Zend code execution POP chain PoC, with a minor modification to ensure Kaltura processes it and the Zend_Log function's __destruct() method is called. Kaltura versions prior to 11.1.0-2 are affected by this issue. This Metasploit module was tested against Kaltura 11.1.0 installed on CentOS 6.8.
ba9012dd4f49aefcf4379514160c82dc80f1785189dc8f95974035d6f73830f1This Metasploit module exploits the "diagnostic console" feature in the Metasploit Web UI to obtain a reverse shell. The diagnostic console is able to be enabled or disabled by an administrator on Metasploit Pro and by an authenticated user on Metasploit Express and Metasploit Community. When enabled, the diagnostic console provides access to msfconsole via the web interface. An authenticated user can then use the console to execute shell commands. NOTE: Valid credentials are required for this module. Tested against: Metasploit Community 4.1.0, Metasploit Community 4.8.2, Metasploit Community 4.12.0
4f3bb48177d573f2d188fe4a2e93543cd54f1257e65865784c469730b1b9051bBT Wifi Extenders models 300, 600, and 1200 suffer from a cross site scripting vulnerability.
83936b94e6a31c5e450025084893cfe0398ef6c6e6db76f38eb0bae5f21ba3f2OpenSSL Security Advisory 20160922 - A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected. Other issues were also addressed.
a53149075294f036c481adb55b177d02ac0016e0b66f800b8c0c0007205c8169A malicious sftp server may force a client-side relative path traversal in jsch's implementation for recursive sftp-get allowing the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process. Versions 0.1.53 and below are affected.
dfd3deafc8949119431558bc8219895f763a1d7d6a7b008eccb812e5d19ba8c3Red Hat Security Advisory 2016-1929-01 - The Red Hat Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a User Portal, and a Representational State Transfer Application Programming Interface.
3ee538c0aaa549ab5d18246c3c4622ad49709868320fe43f9a88a24749885c98Ubuntu Security Notice 3086-1 - Gabriel Campana and Adrien Guinet discovered that the format parsing code in Irssi did not properly verify 24bit color codes. A remote attacker could use this to cause a denial of service. Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed in the format parsing code in Irssi. A remote attacker could use this to cause a denial of service.
15c90ebd3e904029fba9881f6dbc8e9e6a410f30e6186de1df8a56ae608cbde0Cisco Security Advisory - A vulnerability in the web interface of Cisco Cloud Services Platform (CSP) 2100 could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of specific values received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a malicious dnslookup request to the affected system. An exploit could allow the attacker to execute arbitrary code with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
8731cd1cbf84584d77f464395b046f1d584283f6f275720ace0f5a8b16adcab6Cisco Security Advisory - A vulnerability in the web-based GUI of the Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands. An exploit could allow the attacker to execute arbitrary commands on the host operating system with the privileges of root. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
9343f1c17b903b45ca82ec6c8055e965ee0f731450cf9f75d4a416d56862d7daRed Hat Security Advisory 2016-1912-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.4.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
467f9f0c4185f7eeab096f04d27efb9531ee7b702be7fa9ed85b474eff19cb04Debian Linux Security Advisory 3672-1 - Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal based IRC client.
97008b1a02dd2b486695cfe1a1215f3399c3acbc97833e9d306ee3feeff887b7Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
11a9518b5c9052a5c0386685348fd032806bb820a88ab46029ed0344e430a847HP Security Bulletin HPSBGN03645 2 - Potential vulnerabilities have been identified in HPE Helion OpenStack Glance. The vulnerabilities can be remotely exploited to allow access restriction bypass and unauthorized access. A malicious tenant is able to reuse deleted Glance image IDs to share malicious images with other tenants in a manner that is undetectable to the victim tenant if the Helion OpenStack administrators have both: 1. Edited the policy.json file to allow non-admin tenants to share images with other tenants or edited policy.json to allow non-admin tenants to create public images. 2. Deleted image IDs from the Glance database, either manually or using the purge tool ("glance-manage db purge"). Revision 2 of this advisory.
93d9fa4e73c175cadb2970de87cb2c96d44f75b9068aac11b3f186bfbd90da53HP Security Bulletin HPSBHF03646 1 - Potential security vulnerabilities in NTP have been addressed with HPE Comware 7 (CW7) network products. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or other impacts affecting integrity. Revision 1 of this advisory.
3e4a383f81b8f831a71fee10d049a8ec3ad082e9cef8cad751135dbe0d5d3940Slackware Security Advisory - New irssi packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
303b6bba1b501ca9e9e84c69a28b9a43e05ddfb990b6c0ec607fdf281c521f32Ubuntu Security Notice 3085-1 - It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the GDK-PixBuf library contained an integer overflow when handling certain images. If a user or automated system were tricked into opening a crafted image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
b035e6e2ba842dd98dff4d0e3bbbd7aa7e279b8f19c65c0078a8767cabf4b05dSymantec Antivirus includes RAR unpacking memory corruption issues that can lead to remote code execution.
9f57b2a3b52264e8df535a836560985566bdee33f433a00744602c523418b41fMicrosoft PowerPoint 2010 suffers from an invalid pointer dereference vulnerability.
5c7cd7d8e99b6f1f1a0d9fbb154e1948a7c293749f6d7b8665e48d59d78f8193WordPress W3 Total Cache (w3tc) plugin versions 0.9.4.1 and below suffer from a cross site scripting vulnerability.
fd336a5de820d4386bd67cceecd95849541d0a8251cd5a04277ce69a6823f9b8Apple Security Advisory 2016-09-20-6 - The tvOS 10 advisory has been released to describe issues relating to memory corruption, code execution, and more.
ab45f96469bc940b0ae9cf0757fe1cbccc4121a9a24ef6478e6e25e9f26ebe40Exponent CMS versions 2.3.9 and below suffer from a remote blind SQL injection vulnerability.
3e237ec6c00af59c1ddbf878a77aa82dabfd991c656a7c28bd3a59c7ae1da0edApple Security Advisory 2016-09-20-3 - The iOS 10 advisory has been updated to include additional findings. These relate to code execution and more.
d7c5222827e5b762f68b16f83c6d5772f01a5ec22554d1e95d15cfb70a475b92VegaDNS version 0.13.2 suffers from a remote command injection vulnerability.
691f14f46448b114528c54e8b25a49d68c7140203e7d8634eb7318d2424b2d4a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed