Mozilla Firefox/Thunderbird/SeaMonkey代码注入漏洞

BUGTRAQ ID: 64212 CVECAN ID: CVE-2013-6671 Mozilla Firefox/SeaMonkey/Thunderbird是Mozilla所发布的WEB浏览器/新闻组客户端/邮件客户端。 Firefox 26、Firefox ESR 24.2、Thunderbird 24.2、Seamonkey 2.23之前版本在libxul.so!nsGfxScrollFrameInner::IsLTR 的实现上存在段错误，成功利用后可使攻击者造成受影响应用崩溃。 0 Mozilla Firefox 26 Mozilla Thunderbird 24.2...

Eaton Network Shutdown Module 3.21 PHP Code Injection

Eaton Network Shutdown module versions 3.21 and below suffer from a remote PHP code injection vulnerability. This is a python exploit for a previously disclosed finding. !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage...

Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection

Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage Example: $ python eaton.py 192.168.1.9 "net user" User accounts for \...

Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection

!/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage Example: $ python eaton.py 192.168.1.9 "net user" User accounts for \ ------------------------------------------------------------------------------- Guest LocalAdmin The...

Fedora 20 : kernel-3.11.10-300.fc20 (2013-22531)

Update to last upstream 3.11 stable release, 3.11.10. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 19 : python-keyring-3.3-1.fc19 (2013-22694)

======= CHANGES ======= Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

Fedora 20 : kernel-3.11.9-300.fc20 (2013-21967)

The stable 3.11.9 update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 19 : kernel-3.11.9-200.fc19 (2013-21807)

The stable 3.11.9 update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 20 : roundcubemail-0.9.5-1.fc20 (2013-19699)

Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172will be available soon. Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 19 : wireshark-1.10.3-2.fc19 (2013-20829)

Harden dumpcap capabilities - Ver. 1.10.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

MS KB2896666: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (deprecated)

The remote host is missing one of the workarounds referenced in KB 2896666. The remote host has a version of the Microsoft Graphics Component installed that is potentially affected by a code execution vulnerability due to the way the application handles specially crafted TIFF images. %NASLMINLEVE...

Fedora 18 : GraphicsMagick-1.3.18-2.fc18 (2013-19307)

Update to the latest GraphicsMagick release, includes an important security-related fix for exporting some 8-bit images. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

Fedora 19 : dropbear-2013.59-1.fc19 (2013-18593)

New version/Unbundle libtom/harden build/AArch64 support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 19 : kernel-3.11.4-201.fc19 (2013-18820)

The 3.11.4 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 20 : kernel-3.11.4-301.fc20 (2013-18867)

The 3.11.4 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 18 : kernel-3.10.14-100.fc18 (2013-18364)

The 3.10.14 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 20 : kernel-3.11.2-301.fc20 (2013-17982)

The 3.11.2 update contains a large number of fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 20 : systemd-207-4.fc20 (2013-17176)

Fixes polkit authentication issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora 20 : python-pyrad-2.0-3.fc20 (2013-15838)

Better random number genetator Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

IBM DB2 Content Manager eClient < 8.4.1.1 Unspecified Security Vulnerability

According to its version number, the IBM DB2 Content Manager eClient install hosted on the remote web server is a version prior to 8.4.1.1, and is, therefore, potentially affected by an unspecified security vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...