RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed. Version 2.0.15.109 is affected.
09c0e3cd68348e506a9714a171060413afaa79dbee57b201c4d67e7fd6a31b1c
RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites and are processed without any user interaction as soon as the website is accessed. However, the browser must run with administrative privileges. Version 2.0.15.109 is affected.
16d24709c0cb5cba7e8f5f98b3f1f03545ac4ec24730922aafb7e643bd7c27d7
RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in the disclosure of sensitive information, and the integrity of printed documents cannot be guaranteed. Version 2.0.15.109 is affected.
d5d5ce3f3fb5bf4d769947dc95fa513fec9e066196c762f799c032bd2ce628d1
WebClientPrint Processor version 2.0.15.109 suffers from a remote code execution vulnerability via print jobs.
76fbb2cc02917553f3f3564e781c290894efa3b6b06fcd52855df0eeb4b137ec
Backdrop CMS versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.
3a131c576e912714853a602a6727328fd8a1c421a17ee63b991836fc04035f40
Red Hat Security Advisory 2017-2524-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a later upstream version: ansible. Multiple security issues have been addressed.
33d24d0ae6ef6c520ee5abc9a80f8d042eb685f1a5d9a37ffb1c2af99bff2122
Ubuntu Security Notice 3401-1 - It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code.
e2dd15b88bd511cf338df474d6659910010ee0c046f5ebf774a500cbf8251847
Debian Linux Security Advisory 3951-1 - Sebastian Krahmer discovered that a programming error in the mount helper binary of the Smb4k Samba network share browser may result in local privilege escalation.
f090c64e83c637a740e51341916f0499c6f32755580e47146fb7b8bf082aafbd
Debian Linux Security Advisory 3950-1 - Hossein Lotfi and Jakub Jirasek from Secunia Research have discovered multiple vulnerabilities in LibRaw, a library for reading RAW images. An attacker could cause a memory corruption leading to a DoS (Denial of Service) with a crafted KDC or TIFF file.
6bd640d22d0636b104d231b80f39fb8bd250f4aa1590299391ca0277bd425d7b
This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This Metasploit module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process. This Metasploit module invokes the target binary via cmd.exe on the target. Therefore if cmd.exe access is restricted, this module will not run correctly.
5643c9d59dd3082682db29197c72dec6efcfecef92c481633dd466d8973ffddb
VMware vSphere Data Protection appliances 5.5.x through 6.1.x contain a known SSH private key for the local user admin, who can use sudo without a password.
da43f1b8658e9dca1a899f0e3320cbdd45e21733390f2eee1ad8ce0320ef87ea
This Metasploit module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This Metasploit module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.
cb6e9a3b36f0f3954b25245916aa392a5a80294c27ec99178fffa5ccf236d183
BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
1b364d7e31be5fa7b5f93eefe76763ad7bd4ac0b7b6bb4af05483157580a9cb9
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers, and so on.
2d22fcaafb697d13fb5080642c250d008ac33244c5db7ec12ac7a5ae4ecaa708
Red Hat Security Advisory 2017-2493-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2.
433eb5a4ba8c2a4ffb2b9fdb5aae2ede9d17adb9eef7d9ad9f509286e86517e5
Red Hat Security Advisory 2017-2494-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2.
5df0cde009ea76fc4d097ec8af7d6914e065e0eb2e8b377de3486c9be15a06b4
Ubuntu Security Notice 3399-1 - Hank Leininger discovered that cvs did not properly handle SSH for remote repositories. A remote attacker could use this to construct a cvs repository that when accessed could run arbitrary code with the privileges of the user.
e23e4f58ae7a4fb2abde5c65507b1ea997de4d014bc53813f98e38b53a87c713
Ubuntu Security Notice 3398-1 - Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
5171bb449a2c30960b248aece49de8e4622c8d0b6b55a34c13fb9f1067da82e7
Red Hat Security Advisory 2017-2492-01 - XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption". Security Fix: It was discovered that xmlsec1's use of libxml2 inadvertently enabled external entity expansion along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of service.
e8bcf95b5c5ae7a1240f8be1f988de36d99bb4814d5eaf28c6f9b0ad935bf1d5
Ubuntu Security Notice 3400-1 - It was discovered that Augeas incorrectly handled certain strings. An attacker could use this issue to cause Augeas to crash, leading to a denial of service, or possibly execute arbitrary code.
069c31ed3c92aa61e9da9557a3351b78cdf628e2ca68cd856e67f0af67331b0d
Gentoo Linux Security Advisory 201708-8 - A use-after-free vulnerability has been found in bzip2 that could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.6-r8 are affected.
5253c85b763cf31254a3615b19f2ca67a15a7bef7732e42cd55f6e3f95a14ae1
Disk Pulse Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
d912d43c81019acbe1933be10d2b6ea8ce752e3e94c51db6a7952e1417a1d4b9
Disk Sorter Enterprise version 9.9.12 suffers from a buffer overflow vulnerability.
97c7ddeef785d663a8b2d6446641dfb2b1d2592d891303c48c05ebcbd80a07e4
Sync Breeze Enterprise version 9.9.16 suffers from a buffer overflow vulnerability.
af2dfa454607dc92428a09464003ca14fa99ef04f1f8c8848a4b9cdd8d1831c3
Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.
8b8eebdfe33ae61532f0ab8b2beb38d3db0a8fc43dcbd93aa095cacc5a57b08e