UNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.
e5256b578b274aaf68a41ee33a072fae920639e4f32a32ad3e061c9f3af6ca4b
F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
6ac4496033f2428dbb162f6a1981e581a57e0ffa587cd8f0dc742fc39045f66e
Zero Day Initiative Advisory 12-091 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while preserving the file extension. This allows users to upload additional script files that can be used to execute remote code from user supplied commands under the context of the webserver.
e6455c20b1364db65ee13fb4709268297326339c75eaaeafc7611ed4f8084cdd
Zero Day Initiative Advisory 12-090 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec() in multiple script pages. The affected scripts are located in '/spywall/ipchange.php' and 'network.php'. There is also a flaw in '/spywall/download_file.php' that allows unauthenticated users to download and delete any file on the server.
27dcc990753c286009309447bb9c72ba6733589421579106d30bc8c69f3a95ef
This Metasploit module can be used to execute arbitrary commands on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components (MDAC) Remote Data Service (RDS) DataFactory service using VbBusObj or AdvancedDataFactory to inject shell commands into Microsoft Access databases (MDBs), MSSQL databases and ODBC/JET Data Source Name (DSN). Based on the msadcs.pl v2 exploit by Rain.Forest.Puppy, which was actively used in the wild in the late Nineties. MDAC versions affected include MDAC 1.5, 2.0, 2.0 SDK, 2.1 and systems with the MDAC Sample Pages for RDS installed, and NT4 Servers with the NT Option Pack installed or upgraded 2000 systems often running IIS3/4/5; however, some vulnerable installations can still be found on newer Windows operating systems. Note that newer releases of msadcs.dll can still be abused; however, by default remote connections to the RDS are denied. Consider using VERBOSE if you're unable to successfully execute a command, as the error messages are detailed and useful for debugging. Also set NAME to obtain the remote hostname, and METHOD to use the alternative VbBusObj technique.
382234f494b3e6be1ceaa9dc39e8b06bf8faad703997a8f0eec9259b5d187113
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
9c16c6cc30e22732c7b928b01088f86c4f085521f0bfb79c1767d04fbea1d1c6
HP Security Bulletin HPSBUX02784 SSRT100871 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
c8cd23f3678147e9687ce204ce5796798aa365b0cbd0273a21667ba087d2b32d
Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.
fff41f08fd976df15727676fbdf3534859a2336101b9fdcdc8160a445d8bf795
Apache Commons Compress versions 1.0 through 1.4 and Apache Ant versions 1.5 through 1.8.3 suffer from a denial of service vulnerability. The bzip2 compressing streams in Apache Commons Compress and Apache Ant internally use sorting algorithms with unacceptable worst-case performance on very repetitive inputs. A specially crafted input to Compress' BZip2CompressorOutputStream or Ant's <bzip2> task can be used to make the process spend a very long time while using up all available processing time effectively leading to a denial of service.
764b4680811098ad5654daa7aacc0274f9de6ab81bef5b8286b792367f7e802c
PHPCollab version 2.5 suffers from an unauthenticated file upload vulnerability.
b659409d571a68a9b67a3701abfc25188156d0e9e9e283e902fe7b44fa58cec0
PHPCollab version 2.5 suffers from an unauthenticated database backup download vulnerability.
9a46856d1ef2f65839de2f080ba3af5ea42fd6478ae04438b9ce383fffe5a549
Debian Linux Security Advisory 2477-1 - Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow the scenario-based authorization mechanisms to be skipped. This vulnerability allows unauthorized users to display the archives management page, and to download and delete the list archives.
37cb6256cfe6274a5cb1a1b9b1e0069e644afac7767a82dbb30bc47bf7edabab
Secunia Security Advisory - A security issue has been reported in iLunascape for Android, which can be exploited by malicious people to bypass certain security restrictions.
3d982947ccd530967d72e8709da18e0c4a242698a739698220be334a6d6179ce
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
16900475f719f8394ae99a19bad4cf17fa77baa7b0eaea068548cdbae183151c
HP Security Bulletin HPSBOV02780 SSRT100766 - A potential security vulnerability has been identified with OpenVMS ACMELOGIN when SYS$ACM system service for authentication is enabled. The vulnerability could be locally exploited to allow unauthorized access and increased privileges. Revision 1 of this advisory.
6c5294cf2ec6ac1543b4bd7cf33a0f5a1880b30f46ebeac990527d00fadea9a5
HP Security Bulletin HPSBUX02777 SSRT100854 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote Denial of Service (DoS), unauthorized modification and disclosure of information. Revision 1 of this advisory.
2cc74a2a5e99e58215f13d95e8b49783618308eb6d3e4abfe71dd4568d72d61e
A vulnerability is caused by an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example, a specially crafted JPEG object within a DOC file. OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.
9b9385109737f1c4e076d9b046209fed8fd0d8cc5001274e0f5a3f2bbb355d40
Mandriva Linux Security Advisory 2012-068 - PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server. It was discovered that the previous fix for the CVE-2012-1823 vulnerability was incomplete. The updated packages provide the latest version, which provides a solution to this flaw.
5f07bbe61bf5a454e33f2bc2bed0f93359504f04f545248be27c70f9cec98327
Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending specially crafted SAP Diag packets to remote TCP port 32NN (NN being the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5
Ubuntu Security Notice 1439-1 - Matthias Weckbecker discovered a cross-site scripting (XSS) vulnerability in Horizon via the log viewer refresh mechanism. If a user were tricked into viewing a specially crafted log message, a remote attacker could exploit this to modify the contents or steal confidential data within the same domain. Thomas Biege discovered a session fixation vulnerability in Horizon. An attacker could exploit this to potentially allow access to unauthorized information and capabilities. Various other issues were also addressed.
7b70699a65f9988c4c343caffced00dfe13277d783584ab531944622f4ea9fba
HP Security Bulletin HPSBMU02770 SSRT100848 - Potential security vulnerabilities have been identified with HP Insight Management Agents for Windows Server. The vulnerabilities could be exploited remotely resulting in cross site request forgery (CSRF), cross site scripting (XSS), URL redirection, unauthorized modification, and Denial of Service (DoS). Revision 1 of this advisory.
1a187ac2c37a3636dcd170dae015d6bfd3eadef2a9c915970b3725a3b7906c3e
Websense (Triton version 7.6) suffers from an unauthenticated remote command execution vulnerability as SYSTEM.
f645a7caf1ec5fabb47c1071d27be9fb15b3446fd7b8739afcce59b8eb6a2056
The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.
cd526d96e19262e3b3c0e25617019f84a594ac02d555f92b3a0491802618f9b0
HP Security Bulletin HPSBPI02728 SSRT100692 6 - In November, 2011, a potential security vulnerability was identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. This revision, version 6, of the Security Bulletin announces the availability of firmware updates for additional devices.
6b9303b4257f0a92fb10e6843f9b596fd3b0ff2087609043ce342140b4a101ad
Secunia Security Advisory - Mavituna Security has discovered two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
99e4a80d2911f5d23e18a8a9ef3c053eb989085192b6b620ab1e5f44ad95aca8
Secunia Security Advisory - Mavituna Security has discovered a vulnerability in Exponent CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
6b93b50373c08f0695b7705c828a1b2e88bd559a718e31dfdac19c79f82319e0