PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.
bd0631b0840255f200ab219736fbbaaaSecunia Security Advisory - A vulnerability has been reported in IBM Hardware Management Console (HMC) and IBM Systems Director Management Console (SDMC), which can be exploited by malicious, local users to gain escalated privileges.
816c9014a7eab97f8609ba8fb5676b68Ubuntu Security Notice 1539-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
c6958da0516ad29999afbe85cd2acea0Red Hat Security Advisory 2012-1169-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
98652961eb29280ee0bd37542bef08c1Red Hat Security Advisory 2012-1168-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
1277f8f2a0cb0785eebef8f3580cc2b2This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
8c94989c617aa92806f333c02a5ccf9eRed Hat Security Advisory 2012-1165-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.
5c84e6f534d6af6121783976efbf43beUbuntu Security Notice 1533-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
02e3ab665f99c2becbff7af3f76da4d5Ubuntu Security Notice 1532-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
643e40ef4808b43a2dda3fe2a84ff6d9School Management System version 1.0 suffers from credential and backup disclosure vulnerabilities.
057913cec4bc4ede459d2073ec8dc375Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/Integrated Management, which can be exploited by malicious people to conduct cross-site scripting attacks.
35d472f808e0cb2b37cc13fed0cf5ccaOracle Business Transaction Management Server version 12.1.0.2.7 suffers from a FlashTunnelService remote file deletion vulnerability.
896c6723e4d3eb5be9d4fa7c77601292Oracle Business Transaction Management Server version 12.1.0.2.7 suffers from a remote code execution vulnerability in the FlashTunnelService WriteToFile message. Proof of concept included.
942dde996f9deaa3c951dcebc0fb416fSecunia Security Advisory - Multiple vulnerabilities have been discovered in the WP Lead Management plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
ffe53d97f6a59971cc40b16983295479This Metasploit module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service, which results in code execution under the context of 'SYSTEM'. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of SharePoint on Windows 2003 Servers. It has been successfully tested on Office SharePoint Server 2007 SP2 over Windows 2003 SP2.
aecf7d89719f33bb3c548cb8e12e80ffThis Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x4c (PROXY_CMD_PREBOOT_TASK_INFO2) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 / SP3 and Windows Server 2003 SP2 (DEP bypass).
1a33622010827cdca11c0a08502688f0This Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x6c (PROXY_CMD_GET_NEXT_STEP) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 / SP3 and Windows Server 2003 SP2 (DEP bypass).
6d002a51f579c4b68215ef6f42ba2182Secunia Security Advisory - Three vulnerabilities have been reported Oracle Transportation Management, which can be exploited by malicious, local users to gain knowledge of sensitive information, malicious users to gain knowledge of sensitive information, and malicious people to manipulate certain data.
a82eb6fbd678974a2ea6c9d6c502300aSecunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
9faa813687cb112480e1cffb93d5ab2bThis Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x06 (PROXY_CMD_CLEAR_WS) to the 998/TCP port. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).
f34f24fcc433e4b088d9cd6e4754435bThis Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x21 (PROXY_CMD_FTP_FILE) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).
152908928a9c6adae51d63c01d75b875Secunia Security Advisory - IBM has acknowledged a weakness and a vulnerability in IBM WebSphere ILOG JRules and IBM WebSphere Operational Decision Management, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
1ee3a31e542e10179432880d9284d665Debian Linux Security Advisory 2511-1 - Several security vulnerabilities have been found in Puppet, a centralized configuration management.
fcdba1fd04ebb02566f9813a18b2fc84This Metasploit module exploits a vulnerability in AdminStudio LaunchHelp.dll ActiveX control. The LaunchProcess function found in LaunchHelp.HelpLauncher.1 allows remote attackers to run arbitrary commands on the victim machine. This Metasploit module has been successfully tested with the ActiveX installed with AdminStudio 9.5, which also comes with Novell ZENworks Configuration Management 10 SP2, on IE 6 and IE 8 over Windows XP SP 3.
66c6a3ef11bb525cd8be0342facce81fRed Hat Security Advisory 2012-1060-01 - Cobbler is a network install server. Cobbler supports PXE, virtualized installs, and re-installing existing Linux machines. A command injection flaw was found in Cobbler's power management XML-RPC method. A remote, authenticated user who is permitted to perform Cobbler configuration changes via the Cobbler XML-RPC API, could use this flaw to execute arbitrary code with root privileges on the Red Hat Network Satellite server. Note: Red Hat Network Satellite uses a special user account to configure Cobbler. By default, only this account is permitted to perform Cobbler configuration changes, and the credentials for the account are only accessible to the Satellite host's administrator. As such, this issue only affected environments where the administrator allowed other users to make Cobbler configuration changes.
fe9045b8f0d6abd85965decfc6a0906cDebian Linux Security Advisory 2503-1 - It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges.
710de808f5e47c592133b3a940489e9f
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed