144 matches found
Google Chrome Inbuilt Flash player allows Webcam Hacking
No longer limited to Hollywood movies about cybercrime, webcam hacking has stealthily and aggressively broken into average households "I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen?" YES, other than using a Remote administration tools, i...
CVE-2012-5660
Summary: CVE-2012-5660 affects ABRT (Automatic Bug Reporting Tool) components, notably abrt-action-install-debuginfo, in ABRT 2.0.9 and earlier. The vulnerability allows a local attacker to set world-writable permissions on arbitrary files and potentially gain privileges via a symlink attack in t...
CentOS Update for libreport CESA-2013:0215 centos6
Check for the Version of libreport OpenVAS Vulnerability Test CentOS Update for libreport CESA-2013:0215 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
RedHat Update for abrt and libreport RHSA-2013:0215-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
abrt, libreport security update
CentOS Errata and Security Advisory CESA-2013:0215 Updated abrt and libreport packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
CentOS 6 : abrt / libreport (CESA-2013:0215)
Updated abrt and libreport packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
abrt: Arbitrary Python code execution due improper sanitization of the PYTHONPATH environment variable by installing debuginfo packages into cache
Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool ABRT 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environment variable to reference a malicious Python modu...
PT-2013-1146 · Red Hat +1 · Libreport-Plugin-Bugzilla +27
Name of the Vulnerable Software and Affected Versions: abrt versions 2.0.8 and earlier abrt-addon-ccpp versions 2.0.8 and earlier abrt-addon-kerneloops versions 2.0.8 and earlier abrt-addon-python versions 2.0.8 and earlier abrt-addon-vmcore versions 2.0.8 and earlier abrt-cli versions 2.0.8 and...
Scientific Linux Security Update : abrt, libreport, btparser, and python-meh on SL6.x i386/x86_64 (20120620)
ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in...
CentOS 6 : abrt (CESA-2012:0841)
Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores,...
abrt, btparser, libreport security update
CentOS Errata and Security Advisory CESA-2012:0841 Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact...
CVE-2012-2691
The mcissuenoteupdate function in the SOAP API in MantisBT before 1.2.11 does not properly check privileges, which allows remote attackers with bug reporting privileges to edit arbitrary bugnotes via a SOAP request...
CVE-2012-2691
CVE-2012-2691 affects MantisBT (SOAP API) where the mc_issue_note_update function does not properly enforce privileges. As a result, remote attackers with bug reporting privileges could edit arbitrary bugnotes via SOAP requests. The vulnerability is described as code-level privilege check bypass ...
w3af v.1.1 - Web Application Attack and Audit Framework Released
w3af v.1.1 - Web Application Attack and Audit Framework Released w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. To read our short and long term objectives. w3af i...
Mageia 1 Beta 2 released [ Testing Edition ]
Mageia 1 Beta 2 released Testing Edition Three weeks after the first beta arrived, the Mageia development team has announced the release of the second beta for version 1.0 of its Mandriva Linux fork. According to the project roadmap, Mageia 1 Beta 2 will be followed by a release candidate on 17 M...
PPS 4.0 perl-cgi web shell
PPS 4.0 perl-cgi web shell Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. SIZE: 55.88 KB last update - 12.07.2013 09:45 Авторизация на cookies SystemInfo - информация о сервере Fi...
Mozilla Expands Bug Bounty to Web Apps
Mozilla has decided to follow the lead of Google and expand its bug-bounty program to pay for vulnerabilities found on certain of its Web sites, including the site for Firefox and the main Mozilla site. The group said that bounties for bugs found on the eligible sites will start at $500 and could...
Geany .18 - Local File Overwrite
Geany .18 - Local File Overwrite !/bin/sh redbull.sh AKA Geany 0.18 Local File Overwrite Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 10.06.2009 I was checking out some IDEs and decided on Geany. Nice interface, good features, but it doesn't defend against...
report bug bug reporting application weak permissions
Per-user configuration file is world readable and may contain sensitive information, such as SMTP server password...
Debian DSA-477-1 : xine-ui - insecure temporary file creation
Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the...