CA Technologies Support is alerting customers to multiple potential risks with CA Unified Infrastructure Management. Multiple vulnerabilities exist that can allow an attacker, who has access to the network on which CA UIM is running, to run arbitrary CA UIM commands on machines where the CA UIM probes are running. An attacker can also gain access to other machines running CA UIM and access the filesystems of those machines. The first vulnerability, has a medium risk rating and concerns a hardcoded secret key, which can allow an attacker to access sensitive information. The second vulnerability has a medium risk rating and concerns a hardcoded passphrase, which can allow an attacker to access sensitive information. The third vulnerability has a high risk rating and concerns a lack of authentication, which can allow a remote attacker to conduct a variety of attacks, including file reading/writing. Affected versions include 8.5.1, 8.5, and 8.4.7.
6e99f3fdbc87760f71a42c271a8fbbfbUbuntu Security Notice 3755-1 - It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.
56d9031d70fa876968c2b397983064afsqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
f8172574e6c94b3c3fdce9988fe1d65eThis Metasploit module exploits a path traversal via Jetdirect to gain arbitrary code execution by writing a shell script that is loaded on startup to /etc/profile.d. Then, the printer is restarted using SNMP. A large amount of printers are impacted.
330fb84840e2b0a7602e2d3e4c2701b5Ubuntu Security Notice 3753-1 - It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
cf3741f7e3e80b17a174f1f6f5ad3137Couchbase Server allows for authenticated users to send arbitrary erlang code to diag/eval.
1a112ea45d4e8f0f5bcf925e8e4587b6Gentoo Linux Security Advisory 201808-4 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.20.4 are affected.
5f0385617a3cb454f5a2e9982381b1a2Gentoo Linux Security Advisory 201808-2 - A vulnerability has been found in LXC which may allow for arbitrary file access (read-only). Versions less than 3.0.1-r1 are affected.
508a6a1ce9c1ecac3ddc1b7dac14917aUbuntu Security Notice 3749-1 - Multiple memory safety issues were fixed in Spidermonkey. An attacker could potentially exploit these to cause a denial of service, or execute arbitrary code.
693d2fa8a599799659710831e785b425Debian Linux Security Advisory 4279-1 - Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary (non-user controlled) addresses, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.
aab9fef60b5c6ccfcb3e7fcbbcf56798Debian Linux Security Advisory 4276-1 - Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities in php-horde-image, the image processing library for the Horde groupware suite. They would allow an attacker to cause a denial-of-service or execute arbitrary code.
84275deef406d84c7f82d6c07a2ae031Ubuntu Security Notice 3743-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
40cbebca101b1768a0afa00205ce7873Ubuntu Security Notice 3744-1 - Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. Various other issues were also addressed.
af16db35ec128995a527666b5424b03eWordPress Dreamsmiths Themes version 0.0.1 suffers from an arbitrary file download vulnerability.
6e4265ce06a07de135930fa49f47a643OpenEMR version 5.0.1.3 suffers from arbitrary file read, write, and delete vulnerabilities.
8c5ed52e9a7bf67bc17c83f353a1e80fRed Hat Security Advisory 2018-2405-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: undertow: Client can use bogus uri in Digest authentication spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code Issues addressed include bypass, deserialization, and file disclosure vulnerabilities.
fcabf1b9ef2071fef346c21156d2e61cUbuntu Security Notice 3738-1 - Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. Volker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
f91f296f4171ef9db9a3a6c30a32bca1Ubuntu Security Notice 3737-1 - A use-after-free was discovered in GDM. A local user could exploit this to cause a denial of service, or potentially execute arbitrary code as the administrator.
38080a9134a5f410aa307c4b5cf0dad7The Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.
d7f1056ce3aa140ad0e115c7bf50b3c0Linux Kernel version 4.14.7 (Ubuntu 16.04 / CentOS 7) arbitrary file read exploit with KASLR and SMEP bypass.
3979f56d7a233c067dd58ea0b8242822Debian Linux Security Advisory 4267-1 - Henning Westerholt discovered a flaw related to the To header processing in kamailio, a very fast, dynamic and configurable SIP server. Missing input validation in the build_res_buf_from_sip_req function could result in denial of service and potentially the execution of arbitrary code.
dd023e0140e5b7a2241e9f57d8e6b8f7Ubuntu Security Notice 3730-1 - Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files.
2d49f90b6beba33820201e89a4784c25Debian Linux Security Advisory 4260-1 - Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.
d755de94a97a35ef3445c6980f25e25cTI Online Examination System version 2 suffers from an arbitrary file download vulnerability.
81e456c42aabfcaaa43e495b8e5dbd5bUbuntu Security Notice 3728-1 - Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue to execute arbitrary code. Dmitry Glavatskikh discovered that libmspack incorrectly certain CHM files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
5ec726335cc48f2ac03e2723b19bd374
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed