This Metasploit module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account "IntegrationUser" with administrator privileges exists. The account has a default password of "plugin" which can not be reset through the user interface. By log-in and abusing the default administrator's SQL query functionality, it's possible to write a WAR payload to disk and trigger an automatic deployment of this payload. This Metasploit module has been tested successfully on OpManager v11.5 and v11.6 for Windows.
a79de46e68665e018fab0af3d172ef7ef23237f7ecabbe88fc9626f647f5e3fbThis Metasploit module exploits a pool based buffer overflow in the atmfd.dll driver when parsing a malformed font. The vulnerability was exploited by the hacking team and disclosed on the july data leak. This Metasploit module has been tested successfully on vulnerable builds of Windows 8.1 x64.
77f570082717ca7a50c0ff94d4b86df4d4f4ce8665ab76605a5070e55c1c8de3Red Hat Security Advisory 2015-1808-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. A command injection flaw was found in the rubygem-openshift-origin- console. A remote, authenticated user permitted to send requests to the Broker could execute arbitrary commands with elevated privileges on the Red Hat OpenShift server. All rubygem-openshift-origin-console users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
f0b9a48166303ff75b1891b35399b39a3d7149e4e20088ae35f13479021807e4Ubuntu Security Notice 2741-1 - It was discovered that the Unity Settings Daemon incorrectly allowed removable media to be mounted when the screen is locked. If a vulnerability were discovered in some other desktop component, such as an image library, a local attacker could possibly use this issue to gain access to the session.
2f97d1e5a13a3e486c03923183ff4afc1da1bb5e37d852222980d141e6c049edUbuntu Security Notice 2742-1 - Denis Andzakovic discovered that OpenLDAP incorrectly handled certain BER data. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially unsafe default access control configuration. Depending on how the database is configure, this may allow users to impersonate others by modifying attributes such as their Unix user and group numbers. Various other issues were also addressed.
9b6a8ed19fb6f7e3f64b01c4aa1fe8b45478ce1971f92272242e7566e492728cUbuntu Security Notice 2740-1 - Atte Kettunen discovered that ICU incorrectly handled certain converter names. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash. It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
5b1f2476f7d96386a0e049410bd7ee7fa6c1fb9fe8f352f7db36cdd24e4825a8Cisco Security Advisory - Cisco TelePresence Server contains a buffer overflow vulnerability in the Conference Control Protocol API that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. No workarounds that mitigate this vulnerability are available.
bac9daba4b8d9bd57593f1f8a8f4bfc66fd04b0a66b8c836ece70d3f7b0d32c2Cisco Security Advisory - A vulnerability in the web framework of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to access higher-privileged functions. An exploit could allow the attacker to access functions some of which should be accessible only to users who have administrative privileges. This includes creating an administrative user.
1d1dbc012d8430484519427c0ddc88f33f0a15c34a13848704a6941fe740c798Cisco Security Advisory - Cisco Prime Collaboration Assurance Software contains access bypass, information disclosure, and privilege escalation vulnerabilities.
b531432647ab2690ba36458cf4972a611863a08fb56b5a1606bcba27d87c28fbHP Security Bulletin HPSBGN03393 2 - A potential security vulnerability has been identified with HP Operations Manager i (OMi) running on Linux and Windows. The vulnerability could be exploited remotely to execute code. Revision 2 of this advisory.
3bc5a0be2c31ee31bbfa01e93eed43ef63948ec86558cc789102b39977887c71Red Hat Security Advisory 2015-1788-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.
25d0c7614c07675f849c3b6d3284745ade70ce6f99faadcd640f7598d955b66cRed Hat Security Advisory 2015-1793-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
23f5662e8c68f25e52a00f8571a08ea77f3d89480a7c38085c4fe015a42ea14aRed Hat Security Advisory 2015-1778-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.
6931087e4966ef5af97d58d33a14d67431f59be2eca9c49d74bab95c4b9e66aeRed Hat Security Advisory 2015-1787-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system.
f0b5d577a1722a4499ab101e9890afb3978e9fdaacc73e56678021c7283bdb72Debian Linux Security Advisory 3360-1 - It was discovered that the International Components for Unicode (ICU) library mishandles converter names starting with x- , which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.
103abcee976e68dc4bc87a60c3cd4a6c9d40f8fc87ea73f56e263122853840ffHP Security Bulletin HPSBHF03509 1 - HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address two vulnerabilities found in Adobe Flash Player versions v11.x through v11.2.202.481 on Linux. These vulnerabilities allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that either leverages improper handling of the opaqueBackground property or overrides a ValueOf function, as exploited in the wild in July 2015. Revision 1 of this advisory.
e6bb7bc9c737d98fc3a4dca51f25b28ad5851e17a20b20cf3f300bd1ed5f397c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed