HP Security Bulletin HPESBHF03812 1 - Security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT with Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled. The vulnerabilities could be remotely exploited to allow unauthorized disclosure of information, unauthorized modification, and disruption of service. Revision 1 of this advisory.
5af8824c4fd123a46515b3846cddaab5PACSOne Server version 6.6.2 DICOM Web Viewer suffers from a directory traversal vulnerability.
aab54ae9c1c72eafc7ac0fa76de6103cPACSOne Server version 6.6.2 DICOM Web Viewer suffers from a remote SQL injection vulnerability.
a723260c11419cbbff27fef292923863Sophos Web Gateway version 4.4.1 suffers from a persistent cross site scripting vulnerability.
45f65498ed379818369f240076c5d2c3Debian Linux Security Advisory 4096-1 - Several security issues have been found in the Mozilla Firefox web overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing.
0fb0ce092bc36cd7a01a1481351466efUbuntu Security Notice 3544-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP credentials for another origin, spoof the addressbar contents, or execute arbitrary code. Various other issues were also addressed.
3512dddb5483e5d2d278b7c8faf4c5d7Red Hat Security Advisory 2018-0122-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
5035d13797b2d7eed962a6629407db7dThis Metasploit module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura makes use of a hard-coded cookie secret which allows to sign arbitrary cookie data. After passing this signature check, the base64- decoded data is passed to PHPs unserialize() function which allows for code execution. The constructed object is again based on the SektionEins Zend code execution POP chain PoC. Kaltura versions prior to 13.1.0 are affected by this issue. A valid entry_id (which is required for this exploit) can be obtained from any media resource published on the kaltura installation. This Metasploit module was tested against Kaltura 13.1.0-2 installed on Ubuntu 14.04.
378cc7a64ba0d3b9625bf7d0daeb9bd6This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
b52da760a508f605f6ac4e9e7f6f0ffeCentOS Web Panel version 0.9.8.12 suffers from a remote SQL injection vulnerability.
33493d1a1a25a4ec93631c76f1de235fCentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities.
d4e1642698943201c71ed84ba0b37e4eCentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities.
429a78b20422fdffc9614f2158726d5dDebian Linux Security Advisory 4090-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting (XSS) and Server-Side Request Forgery (SSRF) attacks, as well as bypass some access restrictions.
2beda7d50eee1ab5df6eabf161548fbaUbuntu Security Notice 3530-1 - It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions.
3bf2820a2ba39d395b37c51cb752e3d9This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.
a040c104d632cd4ba7549225102c8f38This Metasploit module exploits a file upload vulnerability in phpCollab version 2.5.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The exploit has been tested on Ubuntu 16.04.3 64-bit
49412c9229ada92b55b3cbcd05d8eb54Red Hat Security Advisory 2018-0081-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 28.0.0.137. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletins listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to disclose sensitive information or modify its settings when the victim loaded a page containing the malicious SWF content.
9a6c4db77e3ce332ec06e707d527c1b0Sangoma NetBorder / Vega Session Controller versions prior to 2.3.12-80-GA allows remote unauthenticated attackers to execute arbitrary commands via the web interface.
36a49fe20eb6acbd86755f5f716ec2c1Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
57ab4436794ccc7f5375e140dae03e15SonicWall SonicOS NSA Web Firewall is susceptible to cross site scripting attacks due to a filter bypass vulnerability.
e60fdb119e38a2aa6639b763600c6a00Ubuntu Security Notice 3516-1 - It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions.
7515f6660d050f517b1107818beb00d4The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.
296355d38705b5b2409004259a8e5624Ubuntu Security Notice 3514-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
485f3d664c8d9b91f9a34e0bb3715a85Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
011ea6c1e9be485704224f719397d198Red Hat Security Advisory 2018-0005-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.
aac8a37c771d15022754d85ed843305a
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed