NetEx HyperIP Privilege Escalation Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-592: Authentication Bypass Issues Impact: Privilege Escalation Attack vector: HTTPS 2. Vulnerability Description Privileges can be escalated by abusing...

Design/Logic Flaw

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

CVE-2018-6289

Kaspersky Secure Mail Gateway 1.1.0.379 has a Web Management Console vulnerability (CVE-2018-6289) that allows configuration-file injection into /etc/postfix/main.cf, enabling arbitrary commands to execute as root. The Core Security advisory CORE-2017-0010 details that adding a crafted BCC addres...

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

MGASA-2018-0108 Updated pure-ftpd packages fix security vulnerability

Fixes loading the configuration file...

Design/Logic Flaw

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

lynx doesn't properly sanitize user input and exposes database password to unauthorized users

The lynx gem prior to 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes. As of version 1.0.0, lynx no longer supports a --password option. Passwords are only configured in a configuration file, so it's no...

NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download

NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download Vendor: NEC Corporation Product web page: http://www.nec.com Affected version: WebPro =10.00 DSP Firmware Version: 12.11.00.02 Summary: NEC's UNIVERGE® SV9100 is the unified communications UC solution of choice for small and...

Master IP CAM 01 Vulnerabilities

Some time ago I analized this ipcam with my friend Dzonerzy: var serialNum="VVVIPCSBC150617Z-06929VjmJH54vkK"; var model="RTIPC"; var hardVersion="5900-gc1004"; var softVersion="V3.3.4.2103-S50-SBC-B20150721E"; var ipcname="WIFICAM"; var startdate="2017-8-5 0:0:2"; var runtimes="0 day, 0:54"; var...

Information Disclosure

hadoop-common is vulnerable to information disclosure. Malicious users can use XML directives in a configuration file to discover the job history on the server and to discover private files...

Design/Logic Flaw

Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML...

Description of the Security and Quality Rollup for the .NET Framework 4.5.2 for Windows Server 2012 (KB 4054994)

Description of the Security and Quality Rollup for the .NET Framework 4.5.2 for Windows Server 2012 KB 4054994 View products that this article applies to. Summary This security update resolves a security feature bypass vulnerability that exists when Microsoft .NET Framework and .NET Core...

Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4054176)

Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 KB 4054176 View products that this article applies to. Summary This security update resolves a security feature bypass vulnerability that exists when Microsoft .NET Framework and...

CVE-2014-10069

Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the umauthaccountpassword field...

CVE-2014-10069

CVE-2014-10069 (Hitron CVE-30360) affects Hitron CVE-30360 devices. The vulnerability arises from a DES key 578A958E3DD933FC shared across installations, allowing attackers to decrypt a backup configuration file (evidenced by a password hash in um_auth_account_password). CVSS metrics: CVSS2 base ...

VMware Workstation ALSA Config File Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workstation ALSA Config File Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in VMware Workstation Pr...