Synology DSM versions 4.3-3827 and below suffer from a remote blind SQL injection vulnerability.
bac3d28f8c2130affcf2e2e800679a6e686cb21f15e1617359000c1ec96d3327
Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
8af3c0a0f439d516277f308938935003d072f34a34fcf2e8dcf07dd415b1ca65
PowerArchiver version 14.02.03 creates files with an insecure encryption method even if the user selects a (secure) AES encryption in the GUI. If a user clicks on "Encrypt Files" and selects "AES 256-bit" for encryption, the resulting file will not be AES-encrypted. It will instead use the legacy PKZIP encryption, which uses a broken encryption algorithm.
a48e078a1bd32e704a5fbf11c4d4b61c8d037f81b323e1195c53539b587ab28b
Mandriva Linux Security Advisory 2014-055 - Owncloud versions 5.0.15 and 6.0.2 fix several unspecified security vulnerabilities, as well as many other bugs. See the upstream Changelog for more information.
a9374eda146b1f80a69f3b2e5eb37ffa6b8eccdab53a92eeeb22ce221025494b
Mandriva Linux Security Advisory 2014-054 - An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed.
f38f3c4f647137a682ee49e87b9dc2300c3024b6fee14b54fa964b479ebcf01d
Mandriva Linux Security Advisory 2014-053 - When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id to the PRNG state, which is not guaranteed to be unique. The most important consequence is that servers using EC or DSA certificates may under certain conditions leak their private key.
e6dd6236b789502029d7c8ea18bc510ccd49917a0dfe6d3408d4f49046a1ed7f
Mandriva Linux Security Advisory 2014-052 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled.
5321b6a85466163f258effee601462d0d873c80a7e36fa1ba6faaf05959c81dc
Mandriva Linux Security Advisory 2014-051 - It was discovered that file before 5.17 contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files. Additionally, other well-crafted files might result in long computation times and overlong results. A flaw was found in the way the file utility determined the type of Portable Executable format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code. A memory leak in file has also been fixed. The affected packages have been upgraded to the 5.12 version and patched to correct these flaws.
279824ee2cc767c988c6f20272e49c97a4ed11a71b33721f4a621432894306b0
Debian Linux Security Advisory 2878-1 - Matthew Daley discovered multiple vulnerabilities in VirtualBox, an x86 virtualisation solution, resulting in denial of service, privilege escalation and an information leak.
3430eb38fed7806d02ed096d88cf8bfeb3d56c7df7fe56b8e7b402feeda30c40
Debian Linux Security Advisory 2877-1 - Several vulnerabilities were discovered in the lighttpd web server.
1b636c5aece6a80bb396c37c59b82d4c2b12f55fc71f7bada298470800c1290f
Ubuntu Security Notice 2146-1 - Sebastien Macke discovered that Sudo incorrectly handled blacklisted environment variables when the env_reset option was disabled. A local attacker could use this issue to possibly run unintended commands by using blacklisted environment variables. In a default Ubuntu installation, the env_reset option is enabled by default. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. It was discovered that the Sudo init script set a date in the past on existing timestamp files instead of using epoch to invalidate them completely. A local attacker could possibly modify the system time to attempt to reuse timestamp files. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.
f4ae09f019fdd72e0cba6b61ad62ccd01c25da14dd2aa1176eb434bda38c0d1f
Mandriva Linux Security Advisory 2014-057 - MediaWiki user Michael M reported that the fix for CVE-2013-4568 allowed insertion of escaped CSS values which could pass the CSS validation checks, resulting in XSS. Chris from RationalWiki reported that SVG files could be uploaded that include external stylesheets, which could lead to XSS when an XSL was used to include JavaScript. During internal review, it was discovered that MediaWiki's SVG sanitization could be bypassed when the XML was considered invalid. During internal review, it was discovered that MediaWiki displayed some information about deleted pages in the log API, enhanced RecentChanges, and user watchlists. Netanel Rubin from Check Point discovered a remote code execution vulnerability in MediaWiki's thumbnail generation for DjVu files. Internal review also discovered similar logic in the PdfHandler extension, which could be exploited in a similar way. MediaWiki before 1.22.3 does not block unsafe namespaces, such as a W3C XHTML namespace, in uploaded SVG files. Some client software may use these namespaces in a way that results in XSS. This was fixed by disallowing uploading SVG files using non-whitelisted namespaces. MediaWiki before 1.22.3 performs token comparison that may be vulnerable to timing attacks. This was fixed by making token comparison use constant time. MediaWiki before 1.22.3 could allow an attacker to perform XSS attacks, due to a flaw with link handling in api.php. This was fixed such that it won't find links in the middle of api.php links. MediaWiki has been updated to version 1.22.3, which fixes these issues, as well as several others. Also, the mediawiki-ldapauthentication and mediawiki-math extensions have been updated to newer versions that are compatible with MediaWiki 1.22. Additionally, the mediawiki-graphviz extension has been obsoleted, due to the fact that it is unmaintained upstream and is vulnerable to cross-site scripting attacks.
Note: if you were using the instances feature in these packages to support multiple wiki instances, this feature has now been removed. You will need to maintain separate wiki instances manually.
69370204ce4cd8a16085a03afcffcb4b941504c2ffd0f56cd8dde6210167c57b
Mandriva Linux Security Advisory 2014-056 - It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition. Tomcat 7 includes an embedded copy of the Apache Commons FileUpload package, and was affected as well. Additionally, a build problem with maven was discovered; fixed maven packages are also being provided with this advisory.
355d214aa8aa7d687ed7dadbfe5d8fe698ac7a539ac8ac55011a4244d38c3ae9
Ubee EVW3200 suffers from a cross site request forgery vulnerability.
e3991b705f4ec260d7e553d14ab17f4630fb8f2cd4dff010ca8fbebd4adcb8e9
Ubee EVW3200 suffers from multiple persistent cross site scripting vulnerabilities.
9cd81f9687fbcf20d9e66b8a26971e454bf020fbfa8a43c4dc7eb473cd8e9b57
BSides Connecticut is soliciting talks for their event June 14th, 2014 in Hamden, CT, USA.
8f06b1894f657311431a3d81466830f638e93704f48df4c6a3330c3ea945d337
QNX Neutrino RTOS version 6.5.0 suffers from multiple privilege escalation vulnerabilities.
e5e6ce35d1fa0f2a45836c06a404535d1ffccdb3b08407a60b96bf363dc0bd0a
This Metasploit module allows execution of native payloads from a privileged Firefox JavaScript shell. It puts the specified payload into memory, adds the necessary protection flags, and calls it. Useful for upgrading a Firefox JavaScript shell to a Meterpreter session without touching the disk.
40ee936bfb600213287236e414efdc58ac1d496e3897d1cdc7107c2457f599b3