openSUSE Security Update : gummi (openSUSE-2015-956)

This update for gummi fixes the following issues : - CVE-2015-7758: Fix an exploitable issue caused by gummi setting predictable file names in /tmp; patch taken from debian patch tracker and submitted upstream bnc949682. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

Amazon Linux AMI : perl-IPTables-Parse (ALAS-2015-627)

A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. C Tenable Network Security, Inc. The descriptive te...

Threat Outbreak Alert RuleID4626: Email Messages Distributing Malicious Software on June 16, 2016

Medium Alert ID: 42662 First Published: 2015 December 14 14:06 GMT Last Updated: 2016 July 11 13:44 GMT Version: 61 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID4626 an...

The vulnerability of the web application for data synchronization with ownCloud allows a hacker to inject arbitrary web or HTML code.

The vulnerability of the web application for data synchronization with ownCloud exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code using special symbols within the file name...

CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress...

CVE-2015-4717

The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service infinite loop and log file consumption via crafted endpoint...

The vulnerability of the Allied Telesyn TFTP Server allows a intruder to cause a service failure or execute arbitrary code.

The vulnerability of the Allied Telesyn TFTP Server arises due to an overflow in the buffer on the stack. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code when processing requests containing long file names in the Allied Telesyn TFTP Serve...

GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution

Exploit Title: GLPI 0.85.5 RCE through file upload filter bypass Date: September 7th, 2015 Exploit Author: Raffaele Forte Vendor Homepage: http://www.glpi-project.org/ Software Link: https://forge.glpi-project.org/attachments/download/2093/glpi-0.85.5.tar.gz Version: GLPI 0.85.5 Tested on: CentOS...

GLPI 0.85.5 - Arbitrary File Upload Filter Bypass Remote Code Execution

GLPI 0.85.5 - Arbitrary File Upload Filter Bypass Remote Code Execution Exploit Title: GLPI 0.85.5 RCE through file upload filter bypass Date: September 7th, 2015 Exploit Author: Raffaele Forte Vendor Homepage: http://www.glpi-project.org/ Software Link:...

Multiple McAfee Products OS Command Injection Vulnerabilities

McAfee ESM is a security management product that performs real-time baseline activity calculations on all information collected and provides prioritized alerts before potential threats occur; McAfee ESMLM is a log collection, storage, and management product.McAfee ESMREC is an event receiver...

kernel: buffer overflow in eCryptfs

A buffer overflow flaw was found in the way the Linux kernel's eCryptfs implementation decoded encrypted file names. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system...

WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Scripting

WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS Vendor Homepage: http://www.wpdownloadmanager.com Software Link: https://wordpress.org/plugins/download-manager Affected Versions: Free 2.7.94 & Pro 4 Tested on: WordPress 4.2.2 Discovered by Filippos Mastrogiannis Twitter:...

php: regressions in 5.4+

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

php: pcntl_exec() accepts paths with NUL character

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

Important: Red Hat Security Advisory: rh-php56-php security update

Updated rh-php56-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

php: pcntl_exec() accepts paths with NUL character

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

php: regressions in 5.4+

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

ThisData: Xss via Dropbox

ThisData formerly Revert provides the ability to backup Dropbox files. File names were rendered within the app in an unescaped manner, meaning if you could get Dropbox to accept a file with a name like ".png you could XSS Revert's backup rendering screen...

Resource Exthaustion when sanitizing filenames - ownCloud

The sanitization component for filenames was vulnerable to DoS when parsing specially crafted file names passed via specific endpoints. Effectively this lead to a endless loop filling the log file until the system is not anymore responsive. Affected Software ownCloud Server 6.0.8 CVE-2015-4717...

php: regressions in 5.4+

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...