CVE-2013-6026

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlsetroodkcableoj28840ybtide...

CVE-2013-6129

The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldatapassword, htmldataconfirmpassword, and htmldataemail parameters, as exploited in the wild in October 2013...

Oracle Siebel CRM 8.1.1.x < 8.1.1.11 / 8.2.2.x < 8.2.2.4 (October 2013 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2013 CPU advisory. - Vulnerability in the Siebel Core - Server Infrastructure component of Oracle Siebel CRM subcomponent: SISNAPI & Network Infrastructu. Supported...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Abstract Issues disclosed in the Oracle October 2013 Java SE Critical Patch Update, plus 6 additional vulnerabilities Content VULNERABILITY DETAILS: CVE IDs: CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-4041 CVE-2013-5375 CVE-2013-5372 CVE-2013-5843 CVE-2013-5789 CVE-2013-5830 CVE-2013-5829...

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and included in the products that are listed in this document. Vulnerability Details The products that are listed in the Affected product section are shipped with a versio...

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in the products that are listed in this document. Vulnerability Details The products that are listed in the Affected products section are shipped with a...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2013

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, IBM SDK Java Technology Edition, Version 6, and IBM SDK Java 2 Technology Edition, Version 5 that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updat...

Security Bulletin: Rational Insight - Oracle CPU October 2013 (CVE-2013-5802, CVE-2013-5825)

Summary Multiple security vulnerabilities exist in the IBM JRE that is shipped with Rational Insight. The same security vulnerabilities also exist in the IBM Java SDK that is shipped with the IBM WebSphere Application Server WAS. Vulnerability Details | Subscribe to My Notifications to be notifie...

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in the products that are listed in this document. Vulnerability Details WebSphere Lombardi Edition shipped with a version of IBM WebSphere Application...

A hotfix is available to update the Daylight Saving Time for the “(UTC+12:00) Fiji” time zone for Windows Operating Systems

A hotfix is available to update the Daylight Saving Time for the “UTC+12:00 Fiji” time zone for Windows Operating Systems Introduction Fiji has announced changes to its daylight saving time DST schedule. This hotfix updates the DST start and end dates for the “UTC+12:00 Fiji” time zone. More...

Oracle GlassFish Server 2.1.1 / 3.0.1 / 3.1.2 Multiple Vulnerabilities (October 2013 CPU)

Binary data 9000.prm...

IBM Domino 9.x < 9.0.1 Fix Pack 1 Multiple Vulnerabilities (uncredentialed check)

According to its version, the IBM Domino formerly IBM Lotus Domino on the remote host is 9.x prior to 9.0.1 Fix Pack 1 FP1. It is, therefore, affected by the following vulnerabilities : - A stack overflow issue exists due to the insecure '-z execstack' flag being used during compilation, which...

IBM Domino 8.0.x / 8.5.x / 9.0.x with IBM Java < 1.6 SR15 FP1 Multiple Vulnerabilities (credentialed check)

The remote host has a version of IBM Domino formerly Lotus Domino 8.0.x / 8.5.x / 9.0.x that is bundled with an IBM Java version prior to 1.6 SR15 FP1. It is, therefore, affected by the vulnerabilities mentioned in the Oracle Java Critical Patch Update advisories for October 2013 and January 2014...

Oracle Access Manager (October 2013 CPU)

The version of Oracle Access Manager installed on the remote host is affected by an unspecified flaw in the Authentication Engine subcomponent. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid72214;...

ASUS RT-N56U Remote Root

!/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy - Security Analyst @ ISE Contact: Twitt...

Oracle WebCenter Content Server Subcomponent Remote Issue (October 2013 CPU)

The version of Oracle WebCenter Content installed on the remote host is potentially affected by an unspecified remote security vulnerability in the Content Server component. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

mysql: unspecified DoS related to Optimizer (CPU October 2013)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...

Mozilla Suite: Update to October 2013 release (important)

MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: requires NSS 3.15.2 or above MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592...

Design/Logic Flaw

The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldatapassword, htmldataconfirmpassword, and htmldataemail parameters, as exploited in the wild in October 2013...

Oracle Java SE Multiple Vulnerabilities (October 2013 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 45, 6 Update 65, or 5 Update 55. It is, therefore, potentially affected by security issues in the following components : - 2D - AWT - BEANS - CORBA - Deployment - JAX-WS - JAXP -...