cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.
7d3e0becf23ca3897a3a89c3f913e3b112adda39792417a659684534063c14b9freeFTPd 1.0.10 and below contains an overflow condition that is triggered as user-supplied input is not properly validated when handling a specially crafted PASS command. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or allow the execution of arbitrary code. FreeFTPd must have an account set to authorization anonymous user account.
5e92a9db9ba76a96be5d0f1d040af96bc6431037970882d5778b46dcbc012aadThis Metasploit module exploits a use-after-free vulnerability that targets Internet Explorer 9 on Windows 7. The flaw most likely exists in versions 6/7/8/9/10/11. It was initially found in the wild in Japan, but other regions such as English, Chinese, Korean, etc, were targeted as well. The vulnerability is due to how the mshtml!CDoc::SetMouseCapture function handles a reference during an event. An attacker first can setup two elements, where the second is the child of the first, and then setup a onlosecapture event handler for the parent element. The onlosecapture event seems to require two setCapture() calls to trigger, one for the parent element, one for the child. When the setCapture() call for the child element is called, it finally triggers the event, which allows the attacker to cause an arbitrary memory release using document.write(), which in particular frees up a 0x54-byte memory. The exact size of this memory may differ based on the version of IE. After the free, an invalid reference will still be kept and passed on to more functions, eventually arriving in function MSHTML!CTreeNode::GetInterface, and causing a crash (or arbitrary code execution) when this function attempts to use this reference to call what appears to be a PrivateQueryInterface due to the offset (0x00). To mimic the same exploit found in the wild, this module will try to use the same DLL from Microsoft Office 2007 or 2010 to leverage the attack.
4b3c1a5b80b3b3378373a9f44d0154cd9d83f40fa16e999f61ede1263be952d6SimpleRisk version 20130915-01 suffers from cross site request forgery and cross site scripting vulnerabilities.
51760980e60232bc33ac5af0d661e294a83781b8a81c3971d498ecd804efc0b9Firefox for Android versions prior to 24 suffer from a same-origin bypass vulnerability via symbolic links.
3a942520517c20e308519b9afe21ca2358a820d16f116fa1c7d936f24bb9491bRed Hat Security Advisory 2013-1370-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
2f0f54c9bf0bedc63785e77d98aa09278bdb1703dde38881c983600ac09113c6Red Hat Security Advisory 2013-1369-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
5eae1344af2f036e1eb2cc5d11543dcc94f1bdc9e855ae032c89cbc1225c8e98Red Hat Security Advisory 2013-1375-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 5.3.1. It includes various bug fixes. The following security issue is also fixed with this release: A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially-crafted XML signature block.
68bba849d3bdbb69ea196c5401a2ef2d4d9752eda2e2397b2820f5a265dde698Red Hat Security Advisory 2013-1376-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.3 will be retired as of March 31, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.3 AMC after that date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after March 31, 2014. Note: This notification applies only to those customers with subscriptions for Advanced Mission Critical Support channels for Red Hat Enterprise Linux 5.3.
73e1be0941bbe841098303dafdb3f0a360f6a6363c3bbfa8e868726c767076d2Red Hat Security Advisory 2013-1371-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
c60ac65bfa45cb3d4be939b34b4835db8d1dbe092a33f15ab0e6681305bd22f0Red Hat Security Advisory 2013-1374-02 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
3822abe88fd2ebf9b45491a6d40dc1b60480b52dc968deb86d2651b5574eb0b3Red Hat Security Advisory 2013-1373-03 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
ddea4eefe0ddb69240fa95146916bba81da877d0f75d2b461375422c1266a816Red Hat Security Advisory 2013-1372-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.
96619b0ad46c1cfa53e0dd9412fc689817f4d6769a86fcf4b024944eb95418d2Ubuntu Security Notice 1981-1 - It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and Ubuntu 12.10, this should be prevented by the Yama link restrictions. Various other issues were also addressed.
caed288246bf5bbcc535583ccaac571bc9aa7120e7c761f550150017c7e8dddcUbuntu Security Notice 1977-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.
9bcca0bc7a1d69809d8c472f7ee00b8e94a9064a972136ecf68fadf65156fd8eHylaFAX+ versions 5.2.4 through 5.5.3 suffer from a buffer overflow vulnerability. The code path for authenticating users via LDAP allocates a 255-byte buffer (via the C++ "new" operator), and then "strcats" user-supplied data buffered from the inbound FTP control channel. Other code limits the amount of copied data to 506 bytes, and truncates on NULL and "\n". Thus it is possible for an unauthenticated remote attacker to overflow the heap with a limited character set.
4b209ff117ea49481dfc4cb29356200b0bd379cabdada2b4e329aae67a8b0a2aUbuntu Security Notice 1979-1 - Patrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.
f4d5073ca30139fcdb4c84c26250e6fafe08effaafd26c55c42ece53578c1ab4Ubuntu Security Notice 1980-1 - Jonathan Claudius discovered that Vino incorrectly handled closing invalid connections. A remote attacker could use this issue to cause Vino to consume resources, resulting in a denial of service.
b22d7432e930f96bb7c0251a219c0f000e6805edc6cde35f9a411c55248ef6d8Ubuntu Security Notice 1976-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.
9aa1649709dc1c7faa282c3d1189b01172f6c3015e4818589969a25d8f9e046aUbuntu Security Notice 1978-1 - It was discovered that libKDcraw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against libKDcraw could be made to crash, resulting in a denial of service.
6d8a53bf2ff631e9570f57da2208f08293846cf2d28a1b7ca8d15babdb745d58Mandriva Linux Security Advisory 2013-244 - Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation. The updated packages have been patched to correct this issue.
af7482beeb30b5336944896057c8df7f6c9b5cb4480241b35162b432c91c28d1Debian Linux Security Advisory 2767-1 - Kingcope discovered that the mod_sftp and mod_sftp_pam modules of proftpd, a powerful modular FTP/SFTP/FTPS server, are not properly validating input, before making pool allocations. An attacker can use this flaw to conduct denial of service attacks against the system running proftpd (resource exhaustion).
c168f2c8db8e3b37fe841ca599eabc5bfb2e009d8d467c911111d28986bd4846Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0 and -current to fix security issues.
1bb62992b4987cf317f491eda1c405c6939d3e15837d103ddd9deb8508150d29Debian Linux Security Advisory 2766-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
6db36db0cf544b0d71fd346914fc4f771d7d6bf477af2e61c0f394af113ed5dfOpen-Xchange AppSuite versions prior to 7.2.2 suffer from multiple script insertion vulnerabilities.
2aba5dc117224326084b059611da7da81490ea0864a710e358a670e17e8c5326
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed