This advisory details a vulnerability found within the Kaseya Browser Android application. A path traversal vulnerability was discovered within an exported content provider, resulting in the disclosure of arbitrary files, including internal application files.
cd0eed73304887bcbc11bac4f7dca27d8f196f11666aa9eebef47a9489785ca8
This advisory documents proof of concept flows for manipulating the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.
5f9aa1e1147648a40479bc5b43a72f60f8b6d73aedadd62e3613fc7f5288b2b5
This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 - wkupccpu debugfs driver.
d40d38e0a9f14578c574f26fe0869def5ba0555d6b646ec1c96d3aea5c4ed0ce
This advisory discusses a Microsoft Windows kernel pool memory disclosure into NTFS metadata ($LogFile) in Ntfs!LfsRestartLogFile.
79957168f93861bbb46f21290a78b65b360080d54ec073682cd4e16fbff74b4b
This advisory describes a local privilege escalation via guest-account in LightDM found in Ubuntu versions 16.10 / 16.04 LTS.
7eb1528e323459cf945e526fa778e82b210bbab5581e8b3874acbbb6985be89b
This advisory discloses a critical severity security vulnerability which was introduced in version 1.4.1 of Crowd. Versions of Crowd starting with 1.4.1 before 2.8.8 (the fixed version for 2.8.x) and from 2.9.0 before 2.9.5 (the fixed version for 2.9.x) are affected by this vulnerability. The Crowd LDAP directory connector allowed an attacker to gain remote code execution in Crowd by injecting malicious attributes in LDAP entries.
00e91976667b938daa14e3aa6743fb0498e57d84e1eb456c7cb1f29f942fcf81
This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.
dbfb17c0ede40ea6f49b801493783efdda5b7f9fcc1178a440c9e193c5f682f4
Bamboo suffers from deserialization and missing authentication check vulnerabilities. This advisory discloses multiple critical severity security vulnerabilities of which the earliest vulnerability was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.9.9 (the fixed version for 5.9.x) are vulnerable.
27f3a84e5ff5328e43491d29c853f00c327b6ccf574c0b242b8a87e43667a2da
This advisory details multiple vulnerabilities found within the Kaseya BYOD Gateway software. By chaining a combination of lacking SSL verification, poor authentication mechanisms and arbitrary redirection vulnerabilities, a malicious entity may potentially compromise any Kaseya BYOD installation. The Kaseya BYOD Gateway software uses a redirection feature, wherein users are redirected to their local Kaseya installation via Kaseya's hosted servers. The update request from the BYOD Gateway software to the Kaseya hosted servers was not found to verify SSL certificates and fails to implement any form of authentication, instead relying on the length of the gateway identifier to provide security. Thus, the security of the solution depends on an attacker's ability to enumerate the gateway identifier. Once a malicious user enumerates the Gateway identifier, then they may update the redirect rule for that customer in Kaseya's hosted servers, redirecting customers to a malicious Kaseya BYOD Gateway. Version 7.0.2 is affected.
84b242264d948879e1883fb40c965edd3e0f9240397d1c5870d701482625f9be
This advisory discusses open redirect issues in Facebook, both old and new.
4aa7a6ba3a89f57a83a96ba40e358dfc5dc69f38da33da44ddb91cbefd30001b
This advisory discusses a weak cryptography implementation in NRPE, the remote monitoring agent distributed with Nagios.
9513ca804b2266816b1f59df17644a5e411eb0d568e52e7f93c445b9e778b63c
This advisory documents the 17th PayPal bug bounty Vulnerability Labs received for a cross site scripting vulnerability.
c3159303306fc3e4bd5a3833fb174c160953470d614af33b1969327a5efddea0
This advisory documents the Oracle WebLogic Node Manager UNC path remote file execution exploitation details.
daaffc0bec7c483c0d88adc5451469a0a0532e7447405434739568711c8fe617
This advisory discusses a remote scripting injection issue with Skype on Mac OS X.
709d209d6b139b30f4f885a39c7413251dcb2f639592c6e221e4bcd8027a2517
This advisory documents a large number of remote file inclusion vulnerabilities in numerous Joomla components.
58b131c80a539ceae3408fb3b0abcf155b28e84326413db44b9b2eb5a5ab76a6
Core Security Technologies Advisory - This advisory describes multiple vulnerabilities based on quirks in how Windows handles file names. Nginx, Cherokee, Mongoose, and LightTPD webservers suffer from related vulnerabilities. Details are provided.
d14c8eb014b778de314270ccadfa10820be40c7e4cb58c2ae40cd08b564722b4
Core Security Technologies Advisory - This advisory describes two vulnerabilities that provide access to any file stored on a user's desktop system if it is running a vulnerable version of Internet Explorer. These vulnerabilities can be used in attacks combined with a number of insecure features of Internet Explorer to provide remote access to locally stored files without the need for any further action from the victim after visiting a website controlled by the attacker.
c800a9c7100145533df8300c9ca9eb4514a7c1bea12adc78a2c14e81e1b7f5a6
This advisory documents vulnerabilities in the HMS HICP protocol as well as an Intellicom NetBiterConfing.exe remote stack overflow vulnerability. Proof of concept code included.
568bd797eaf1f7ed214afde142e6f10f82177d14ce3e3f83f9c7be7f09b32e90
This advisory discusses the idea of leveraging FTP by way of something like a cross site request forgery attack.
7fb17ffceff5669295410473648b9b821097dd9a109cceaa4c8721d590ce1646
This advisory discusses the filetype.vim vulnerability in Vim version 7.2b.10 that allows for arbitrary code execution and also notes that the Vim patch 7.1.300 did not fix the vulnerability.
ce5ac1fb0fa0e4f7d6ca3213e51c52d637564fd39e7c05602f63456e5bd83fcd
This advisory describes a vulnerability that affects Toshiba Bluetooth Host Stack implementations up to version 4.0.23. A vulnerability has been discovered that enables the attacker to remotely perform a denial of service (DoS) against the host.
afac835d95351affa9150b1c3de9d4648a67d9b51242cbbca4586e35acbec055
This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.
78cd0166cc3fdf94d948b2a5271ecace8556a14b625a9e730b15c0da1b9c63fa
During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the file upload code, that allows overwriting the GLOBALS array when register_globals is turned on. Overwriting this array can lead to unexpected security holes in code assumed secure. This vulnerability can allow for remote PHP code execution. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.
f8dc972de9ab9723e24e079bb1aa1db52acccf6b34d75a662360600fa9ba97a0
During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the implementation of the parse_str() function. Under certain conditions triggering the memory_limit request shutdown during a parse_str() call will result in the core of PHP believing that the register_globals directive is turned on (for the rest of the lifetime of the involved webserver process). This may allow an attacker to exploit security flaws in PHP applications that exist due to uninitialized global variables. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.
10f101097fd39138422e2a7874bdb94d072b4fbdce038e8405003d6abe5001f5
Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.
3e9e1377c6d538e2c6ab12326ddfb1a9889cb7aee4dbb8d4f3c1fecd7afb77aa
Debian Security Advisory 569-1 - invalid free(3) in netkit-telnet-ssl. This advisory describes patching for a hole found in netkit-telnet-ssl which may allow for remote code execution as whatever user runs telnetd, which would typically be the telnetd user. The issue is corrected in 0.17.17+0.1-2woody2 (stable) or 0.17.24+0.1-4 (unstable). Issue discovered by Michal Zalewski.
4c9cedabacc6129768c28a491660d95ee2da7fdf06dfe2847138a00934f1b34f