Threat Outbreak Alert RuleID10277: Email Messages Distributing Malicious Software on May 27, 2016

Medium Alert ID: 34577 First Published: 2014 June 10 12:51 GMT Last Updated: 2016 June 2 11:57 GMT Version: 87 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID10277 and...

CVE-2013-2090

The setmetadata function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the file name of an email attachment. NOTE: some of these details are obtained from third party information...

Improper authorization checks in core - ownCloud

Due to an improper authorization check in core an attacker with access to at least two user account is able to access the file names of other users. Our post-mortem audit showed that this vulnerability does not leak any content of the file or the directory structure except the filename. Affected...

Server: Improper authorization checks in core

Due to an improper authorization check in core an attacker with access to at least two user account is able to access the file names of other users. Our post-mortem audit showed that this vulnerability does not leak any content of the file or the directory structure except the filename. For more...

DEBIAN-CVE-2014-1933

The 1 JpegImagePlugin.py and 2 EpsImagePlugin.py scripts in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...

PYSEC-2014-23

The 1 JpegImagePlugin.py and 2 EpsImagePlugin.py scripts in Python Image Library PIL 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

Kemana Directory 1.5.6 - Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $now...

Kemana Directory 1.5.6 Database Backup Disclosure Exploit

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Kemana Directory 1.5.6 Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $n...

Agent.btz Malware May Have Served as Starting Point for Red October, Turla

Researchers looking into the recently uncovered Turla, or Snake, cyber espionage campaign have discovered some similarities connecting it to older pieces of malware such as Agent.btz, the worm that several years ago infected U.S. military networks and eventually caused the Department of Defense t...

JVN#49384502: SimZip (Simple Zip Viewer) vulnerable to directory traversal

SimZip Simple Zip Viewer provided by Gapless Player contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application...

JVN#85716574: NeoFiler vulnerable to directory traversal

NeoFiler provided by SkyArts.com contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to...

SuSE 11.2 Security Update : glibc (SAT Patch Number 8335)

This update for glibc contains the following fixes : - Fix integer overflows in malloc. CVE-2013-4332, bnc839870 - Fix buffer overflow in glob. bnc691365 - Fix buffer overflow in strcoll. CVE-2012-4412, bnc779320 - Update mount flags in . bnc791928 - Fix buffer overrun in regexp matcher...

HackerOne: Flawed account creation process allows registration of usernames corresponding to existing file names

As requested by Alex: "You mentioned in the report to contact you on this account instead. Is this the email address you prefer to use for payment? If so, would you mind resubmitting the issue from this account so we can issue a payout to the proper account?" ---------- The account creation proce...

HackerOne: RTL override symbol not stripped from file names

Any U+202E RIGHT-TO-LEFT OVERRIDE and similar symbols in file names of uploaded files are not stripped from the file name, causing potentially malicious executables to look like harmless images, for example. This might trick HackerOne panel members into accidentally opening evil h4x0r filez. I’ve...

Supermicro Onboard IPMI url_redirect.cgi Authenticated Directory Traversal

This module abuses a directory traversal vulnerability in the urlredirect.cgi application accessible through the web interface of Supermicro Onboard IPMI controllers. The vulnerability is present due to a lack of sanitization of the urlname parameter. This allows an attacker with a valid, but not...

http-iis-short-name-brute NSE Script

Attempts to brute force the 8.3 filenames commonly known as short names of files and directories in the root folder of vulnerable IIS servers. This script is an implementation of the PoC "iis shortname scanner". The script uses ,? and to bruteforce the short name of files present in the IIS...

Sounder Gem for Ruby File Name Handling Arbitrary Command Execution

Sounder Gem for Ruby contains a flaw that is triggered during the handling of file names. This may allow a context-dependent attacker to execute arbitrary commands...

Download Lite 4.3 Cross Site Scripting

Title: ====== Download Lite v4.3 iOS - Persistent File Web Vulnerability Date: ===== 2013-07-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1023 VL-ID: ===== 1023 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...