Red Hat Security Advisory 2023-4462-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.
ac334472e16a49a84869d79eb012501d1c1db4b461779a5531bafd208158eebcWeb Portal People CMS version 2.8 suffers from an open redirection vulnerability.
1971cc79cb4a96c14231d405a56a487f0be8ca6ac748769e19bd2151a646a357Web Stock version 3.0 suffers from an insecure direct object reference vulnerability.
fe534c5cb095a1e11d6b03821c2f179940b8b7ba19cf91ab76fe3a287026cc15Web Wiz Forums version 12.06 suffers from a remote SQL injection vulnerability.
053c243d73a6cbe5f88956bbe83d1d265e7e0e99d7551cc2519670faf778cb43Savant Web Server version 3.1 remote buffer overflow exploit with egghunter shellcode.
55105bce6fa65050219f56386fd46c40c00c4c48c7e09a9b26fcab79d90e4458This archive holds a whitepaper called Introduction to Web Pentesting. It provides basic configuration for Burpsuite Proxy along with basic exploitation cross site scripting, SQL injection, cross site request forgery, and open redirects. Two copies of the whitepaper are included. One is in English and one is in Bulgarian.
1f0745a5f6bf458420ce54f01247d5149ab58cb8886e6f6c015a8dbfc0d9a6deRed Hat Security Advisory 2023-4429-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
84e4fa4c9b723f028eda570601609ad7ebfc7fe269bbe166be52f190e0c0e177Courier Deprixa Pro Integrated Web System version 3.2.5 suffers from a cross site request forgery vulnerability.
d3ca5c957b21b9139d4932d307ce8dc7bb8d451ac2c9a2f3d0f1281ea4c0c0e4Red Hat Security Advisory 2023-4418-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
0a1d5bf1e533e63b02c6e841cbe1f36306457fe7553ff9cafa89fb500b756835Red Hat Security Advisory 2023-4410-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
962a03700cdaf2b77f70083e13671a7f51883c7dd8caf31e5fcb70c908ba55caRed Hat Security Advisory 2023-4409-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
40ffbac1f3fe480270dd9f44f9d7529da5cc4f57c4e56941745de21f93adbf30Red Hat Security Advisory 2023-4408-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
1efff2ead8b420c3c676224349d5410ab7d79630c905f83d260e8b9095357348Ubuntu Security Notice 6264-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
82871fa1fba43d05238c779b70fe1fa4ce8d4ecb76d357fcdd3cc95b927e2b1fRed Hat Security Advisory 2023-4354-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
678caf3e66249a1a4fe481296e802717677af7b21664f828ece96b591563c218Red Hat Security Advisory 2023-4350-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
7ce56fea56931578e58c9e57378b143719c421d55b7dd3187c56f8fc8e8f3d1aRed Hat Security Advisory 2023-4330-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
e350366281586d2cef04c6d228a4b1688a999c2161b5a64f4df03fc2dc126fb6Red Hat Security Advisory 2023-4331-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
f16ee90126b9893b5e5bba06fb24bfec93e3b2b99379a10616a486da89a60aedAn issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the KeeperFill Browser Extensions version 16.5.4, that allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and may persist after logout. Note that the vendor disputes this for two reasons - the information is inherently available during a logged-in session when the attacker can read from arbitrary memory locations, and information only remains available after logout because of memory-management limitations of web browsers (not because the Keeper technology itself is retaining the information).
8228457f02b7ab0fd7e392ec8e339789b9e311c048473f4d48761d9c915a58c0This Metasploit module exploits authentication bypass (CVE-2018-17153) and command injection (CVE-2016-10108) vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target is WD MyCloud. If so, it attempts to trigger an authentication bypass (CVE-2018-17153) via a crafted GET request to /cgi-bin/network_mgr.cgi. If the server responds as expected, the module assesses the vulnerability status by attempting to exploit a commend injection vulnerability (CVE-2016-10108) in order to print a random string via the echo command. This is done via a crafted POST request to /web/google_analytics.php. If the server is vulnerable, the same command injection vector is leveraged to execute the payload. This module has been successfully tested against Western Digital MyCloud version 2.30.183.
0ce2f1497429d5e02113422d33a5d38d119e0b68b4af0aa04d5b4189b6ef07f8Ubuntu Security Notice 6243-1 - It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform cross site scripting and obtain sensitive information.
1d0995a05bfb6ad2fa8ac23ac764746cf96df2b01811ed35e84375f6e0de6041WordPress File Manager Advanced Shortcode plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to remote code execution in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users, but it also works in an authenticated configuration. Versions 2.3.2 and below are affected. To install the Shortcode plugin File Manager Advanced version 5.0.5 or lower is required to keep the configuration vulnerable. Any user privileges can exploit this vulnerability which results in access to the underlying operating system with the same privileges under which the Wordpress web services run.
70276f13c7da05f57a272fbb51cb03ce6c129189c7bb524b4612cc20be063403Debian Linux Security Advisory 5457-1 - An anonymous researcher discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
768c9726e6559c2301f24f72f74051557b2af3251d6e9e664ff8b83cb0cbb924Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This Metasploit module will use the vulnerability to create a new admin user that will be used to upload a Openfire management plugin weaponized with a java native payload that triggers remote code execution. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire release 4.7.5 and 4.6.8, and further improvements will be included in the first version on the 4.8 branch, which is version 4.8.0.
88a0702601cff01264e02916f842525d503acf8b450db38e6b24d4a2d9099b89Red Hat Security Advisory 2023-4201-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.
a7d7554b6d74914a196337b5c2553010ed7ed00bbfd369756b272b6f2aa01588Red Hat Security Advisory 2023-4202-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.
f83c9132ee29579547e8f9c92f9007ae3c552152caee5d0e4d8338bfb5ae1760
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed