7793 matches found
jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...
Internet Bug Bounty: use of uninitialized variables in operator.methodcaller
I described this vulnerability in detail in a mail to the PSRT. A copy of my email, plus the fix for this issue, can be found here: https://bugs.python.org/issue27783...
CGIHandler: sets environmental variable based on user supplied Proxy request header
It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP...
Cybozu Mailwise vulnerable to information disclosure
Overview: Cybozu Mailwise contains an information disclosure vulnerability in the page where CGI environment variables are displayed. The cookie that contains session information has the HttpOnly attribute, so the cookie value cannot be obtained by JavaScript code. However, cookie values can be obtained ...
JVN#03052683: Cybozu Mailwise vulnerable to information disclosure
Cybozu Mailwise contains an information disclosure vulnerability in the page where CGI environment variables are displayed. The cookie that contains session information has the HttpOnly attribute, so the cookie value cannot be obtained by JavaScript code. However, cookie values can be obtained in the pa...
Silver Stripe CMS: source code security analysis report
Several vulnerabilities were discovered in SilverStripe Limited 'Silver Stripe CMS' software: Incorrect User Input Filtration when Connecting to External Files; File System Path Manipulation Using Global Variables; Incorrect User Input Filtration when Using the unserialize Function; Incorrect Newlin...
IBM Spectrum Scale and GPFS Command Execution Vulnerabilities (CNVD-2016-06346)
IBM Spectrum Scale and IBM GPFS (General Parallel File System) are both products of IBM Corporation in the U.S. IBM GPFS is a set of enterprise file management systems optimized for petabyte-scale storage management. IBM Spectrum Scale is a set of IBM GPFS-based data and IBM Spectrum Scale is a data...
Phoenix Contact ILC PLC Authentication Vulnerabilities
OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...
OpenSSH 7.x < 7.3 Multiple Vulnerabilities
Binary data 9507.prm...
Knight CMS suffers from SQL injection vulnerability
Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS Talent System version 3.7 suffers from a SQL injection vulnerability, which is exploited by attackers to obtain sensitive information due to unfiltered variable names...
openssh -- sshd -- remote valid user discovery and PAM /bin/login attack
The OpenSSH project reports: sshd(8): Mitigate timing differences in password authentication that could be used to discern valid from invalid account names when long passwords were sent and particular password hashing algorithms are in use on the server. CVE-2016-6210, reported by EddieEzra.Harari ...
Unauthorized Modification of UEFI Variables in UEFI Systems
Lenovo Security Advisory: LEN-2014-002 Potential Impact: Modifications of UEFI variables Severity: Medium Summary: Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead t...
Unauthorized Modification of UEFI Variables in UEFI Systems - Lenovo Support US
No description provided...
AZL-78994 CVE-2016-5386 affecting package golang 1.25.7-1
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI...
Microsoft Windows Environment Variables
Nessus was able to collect system and active account environment variables on the remote Windows host and generate a report as a CSV attachment. (C) Tenable, Inc. include("compat.inc"); if (description) { script_id(92364); script_version("1.14"); script_set_attribute(attribute:"plugin_modification_date",...
The vulnerability of the Business Process Manager system allows a perpetrator to circumvent existing access restrictions and update dynamic processes.
The vulnerability of the Business Process Manager system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and update process variables through calls to the REST API...
PT-2016-3448 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A NULL pointer dereference issue was found in the netlink dump function. This occurs when the Netlink socket receives a message of type XFRM_MSG_GETSA or XFRM_MSG_GETPOLICY with the DU...
CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables
Overview: Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connection...
Vulnerabilities of the Alt Linux SPT operating system, which allow a malicious attacker to disable the device’s functionality
Multiple vulnerabilities in the bash command-line interpreter of the Altron Linux SPT operating system are caused by errors in processing input data during syntax analysis of code. Exploiting these vulnerabilities allows a malicious individual to execute arbitrary commands with the privileges of...
The vulnerability of Cisco IPS software allows a malicious individual to gain access to confidential information.
The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...