16 matches found
dirk-gerlach.de Improper Access Control vulnerability OBB-3768198
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
vakantieverhuur.dirkwillemyns.be Cross Site Scripting vulnerability OBB-1262760
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
FreeBSD-SA-19:02.fd - Privilege Escalation
FreeBSD-SA-19:02.fd - Privilege Escalation Exploit: FreeBSD-SA-19:02.fd - Privilege Escalation Date: 2019-12-30 Author: Karsten König of Secfault Security Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration CVE: CVE-2019-5596 libmap.conf primitive inspired by kcope's 2005...
Rockstar Games: SMB SSRF in emblem editor exposes taketwo domain credentials, may lead to RCE
In this report, the researcher found that by submitting crafted SVG files, he was able to establish a listener on our server that enabled SSRF attacks. This potentially could have been pivoted to carry out more damaging attacks as well. We improved our validation of user-submitted SVG files to...
DNS Reverse Lookup Shellshock Exploit
DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability. DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary...
DNS Reverse Lookup Shellshock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary: Above CVEs detail a number ...
CentOS 3 / 4 / 5 : qt (CESA-2007:0721)
Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications...
RHEL 3 / 4 / 5 : qt (RHSA-2007:0721)
Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications...
qt security update
CentOS Errata and Security Advisory CESA-2007:0721 Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and...
Moderate: Red Hat Security Advisory: qt security update
Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications...
CentOS 3 / 4 / 5 : kdebase (CESA-2007:0494)
Updated kdebase packages that resolve an interaction security issue with Adobe Flash Player are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environmen...
Important: Red Hat Security Advisory: kdebase security update
Updated kdebase packages that resolve an interaction security issue with Adobe Flash Player are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environmen...
Important: Red Hat Security Advisory: xpdf security update
An updated xpdf package that fixes a buffer overflow security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The xpdf package is an X Window System-based viewer for Portable Document Format PDF files. A heap based buff...
[SA18677] Xpdf PDF Splash Image Handling Vulnerability
TITLE: Xpdf PDF Splash Image Handling Vulnerability SECUNIA ADVISORY ID: SA18677 VERIFY ADVISORY: http://secunia.com/advisories/18677/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: Xpdf 3.x http://secunia.com/product/4128/ DESCRIPTION: Dirk Mueller has...
Important: Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerabilities
Updated mailman packages that close various cross-site scripting vulnerabilities are now available. Mailman is a mailing list manager. Dirk Mueller discovered a cross-site scripting bug in the admin interface in versions of Mailman 2.1 before 2.1.4. The Common Vulnerabilities and Exposures projec...
mailman XSS in admin script
Dirk Mueller reports: I've found a cross-site scripting vulnerability in the admin interface of mailman 2.1.3 that allows, under certain circumstances, for anyone to retrieve the valid session cookie...