[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-028: SAP HANA Web-based Development Workbench Code Injection 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to completely compromise the SAP...

Buffer overflow during CSS manipulation — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable...

vBulletin 5.x / 4.x Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ============================================================================ ==================== Overview - -------- date : 10/12/2014 cvss : 4.6...

neuroML 1.8.1 XSS / LFI / XXE Injection / Disclosure Vulnerabilities

neuroML version 1.8.1 suffers from cross site scripting, local file inclusion, XXE injection, and path disclosure vulnerabilities. Product: neuroML Version: Subject: Multiple Vulnerabilities Risk: High Effect: Remotely exploitable Author: Philipp Promeuschel Date: 10.10.2014 Abstract: -----------...

Bash Me Some More

Good morning! This is kinda long. == Background == If you are not familiar with the original bash function export vulnerability CVE-2014-6271, you may want to have a look at this article: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Well, long story short: the...

Patching Bash Vulnerability a Challenge for ICS, SCADA

While the most urgent focus where the Bash vulnerability is concerned is around Internet-facing web servers, embedded systems and industrial control systems are not exempt from worry. Experts are concerned about Linux-based industrial control systems and SCADA equipment, in particular, that may b...

Home Hacking Made Simple

SEATTLE–Like most security researchers, David Jacoby is naturally curious about how things work, and whether they can be made to do things they weren’t meant to do. Sitting at home in Sweden a few months ago, he looked at all of the Web-enabled devices in his house–TV, game console, network stora...

Re: [oss-security] CVE-2014-6271: remote code execution through bash

On Wed, Sep 24, 2014 at 04:05:51PM +0200, Florian Weimer wrote: Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this...

GNU Bash shell executes commands in exported functions in environment variables

Overview GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. Description UPDATE: New CVE-IDs added for incomplete patches. Additional resources added and vendor patch information updated.CWE-78: OS Command Injection Bash supports exporting of...

Debian DSA-3032-1 : bash - security update

Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash has been configured as the system shell. %NASLMINLEVEL 70300 ...

krfb -- Multiple security issues in bundled libvncserver

Martin Sandsmark reports: krfb 4.14 and earlier embeds libvncserver which has had several security issues. Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes...

Four Vulnerabilities Patched in SCADA Server

Four different remotely exploitable vulnerabilities were recently discovered and patched in a popular SCADA server. The vulnerabilities exist in some versions of IntegraXor, a SCADA server manufactured by Ecava Sdn Bhd, a Malaysian-based software company. The Industrial Control Systems Cyber...

Use-after-free during DOM interactions with SVG — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free during cycle collection. This was found in interactions with the SVG content through the document object model DOM with animating SVG content. This leads to a...

Granding MA300 - Weak Pin Encryption Brute Force

source: https://www.securityfocus.com/bid/69390/info Grand MA 300 is prone to multiple security weaknesses. Attackers can exploit these issues to disclose the access pin by sniffing network traffic or perform brute-force attacks on pin to gain unauthorized access. This may aid in other attacks...

SeaMonkey < 2.26.1 Multiple Vulnerabilities

The installed version of SeaMonkey is a version prior to 2.26.1. It is, therefore, affected by the following vulnerabilities : - There are multiple memory safety bugs in the browser engine. Several of these bugs show evidence of memory corruption, which may allow an attacker to execute arbitrary...

BlackBerry Z10 Authentication Bypass Vulnerability

BlackBerry Z10 suffers from a storage and access file-exchange authentication bypass vulnerability. BlackBerry Z10 Authentication Bypass Vulnerability --------------------------------------------------------------------- --------------------------------------------------------------------- 1...

BlackBerry Z10 Authentication Bypass

--------------------------------------------------------------------- modzero Security Advisory: BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass MZ-13-04 ---------------------------------------------------------------------...

Researcher Uncovers Vulnerability Oracle Data Redaction Security Feature

Oracle’s newly launched Data Redaction security feature in Oracle Database 12c can be easily disrupted by an attacker without any need to use exploit code, a security researcher long known as a thorn in Oracle's side said at Defcon. Data Redaction is one of the new Advanced Security features...

Mobile Carrier Controls Exploitable on a Massive Scale

LAS VEGAS – Device manufacturers and service providers quietly maintain a pervasive level of remote control over the devices they sell to consumers so they can push over-the-air OTA updates for a variety of reasons, but problematically one popular product that enables this type of control is poor...

SuSE 11.3 Security Update : openjdk (SAT Patch Number 9543)

This Critical Patch Update contains 20 new security fixes for Oracle Java SE. All of these vulnerabilities could have been remotely exploitable without authentication, i.e., could be exploited over a network without the need for a username and password. %NASLMINLEVEL 70300 C Tenable Network...