Atlassian Hipchat is a web service for internal instant messaging. A plugin is available for Jira that allows team collaboration at real time. A message can be used to inject Java code into a Velocity template, and gain code execution as Jira. Authentication is required to exploit this vulnerability, and you must make sure the account you're using isn't protected by captcha. By default, Java payload will be used because it is cross-platform, but you can also specify which native payload you want (Linux or Windows). HipChat for Jira plugin versions between 1.3.2 and 6.30.0 are affected. Jira versions between 6.3.5 and 6.4.10 are also affected by default, because they were bundled with a vulnerable copy of HipChat. When using the check command, if you supply a valid username and password, the module will be able to trigger the bug and check more accurately. If not, it falls back to passive, which can only tell if the target is running on a Jira version that is bundled with a vulnerable copy of Hipchat by default, which is less reliable. This vulnerability was originally discovered internally by Atlassian.
7b0bfc0538bdb0f09109fc89d00b2c3ecc20bb68190a05de1e6406e449f9841aUbuntu Security Notice 2829-2 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
5e4f710da8e8bbf54975fb1576d44e7ff897febc80e10c3dce85fa2a8b83ab06Linksys EA6100 Wireless Router suffers from an authentication bypass vulnerability.
a8b20e7d7ed604facccbb2ae990af80afdd4329520a1b779fb7446ad55de4272Ubuntu Security Notice 2829-1 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.
e5abdf2008e62ef43b3ae503e90de529e5809783c88d0f8c0761fc3ccbd0f5fdRed Hat Security Advisory 2015-2548-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
5a605930055469bf0a06cb8720c4f0e40b41f82493a8b70826524ffdd3916e98Red Hat Security Advisory 2015-2547-01 - JBoss Operations Network provides an integrated solution for managing JBoss middleware, other network infrastructure, and applications built on Red Hat Enterprise Application Platform. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
cc8640c4388a4a895f95c581dafe20c6a1ab851a9fe6804f2c0d4d6cc2614a2fDebian Linux Security Advisory 3413-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.
1fec5f6d941764e515b2d41a23ffc157ba418d8fc1b688a8ca21684c204773b6Debian Linux Security Advisory 3412-1 - Luca Bruno discovered an integer overflow flaw leading to a stack-based buffer overflow in redis, a persistent key-value database. A remote attacker can use this flaw to cause a denial of service (application crash).
afd3b6ddf51da79e354679e67130888ebd595567efd5bfcc9f3992f00113e5ceHP Security Bulletin HPSBGN03525 1 - A potential security vulnerability has been identified in HP Performance Center Virtual Table Server (VTS). The vulnerability could be exploited remotely resulting in the execution of code. Revision 1 of this advisory.
20a02934713692b7735e8775e02907376bbec368c1790c6d65337a117d1ab5ddWordPress Sell Download plugin version 1.0.16 suffers from a local file disclosure vulnerability.
6ff16b263dc80eedb9844cca7e1581b90e3a21d7503569de87d0ad55b2ba2797The login.fortinet.com site suffered from a reflective cross site scripting vulnerability.
66571f8144851a8371be1d5f8d2edae17f7278739655c44af22a1cea57e1fcbaLinux execve shellcode that works on both x86 and x86_64.
19e5351ae10bc3f73a21d580af1b7b1a47863f13ef4d0768fd36034f64810e00WordPress TheCartPress plugin version 1.4.7 suffers from code execution and local file disclosure vulnerabilities.
154e643451779441be905f0e36b20623d19f59932732426b2c51832ab87df6dbWordPress Advanced Uploader plugin version 2.10 suffers from a remote shell upload vulnerability.
c84ffbb5a2da901b10a9231b2d47a0cd53878657e2c02246099c1a67a27b4476iTop version 2.2.0 suffers from a remote shell upload vulnerability.
1b276a79cb1e82aff09696466a2f1cb4f6f6e358378c5b28e543f65cbfc8c122
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed