
3095 matches found

OPENSUSE Linux
added 2013/01/25 2:4 p.m., 45 views

java-1_7_0-openjdk: update to icedtea-2.3.4 (critical)

java-1_7_0-openjdk was updated to icedtea-2.3.4, fixing bugs and also severe security issues. Security fixes: S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries; S8006017, CVE-2013-0422: Improve lookup resolutions; S8006125: Update MethodHandles library interactions. Bug fixe...

CVSS 10, AI score 0.6, EPSS 0.97612
Exploits 38, References 3
RedHat Linux
added 2013/01/24 6:28 p.m., 4 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

CVSS 3.3, AI score 6.3, EPSS 0.01448
Exploits 1, References 4
Saint
added 2013/01/23 12:0 a.m., 20 views

Nagios XI Graph Explorer Component OS Command Injection Vulnerability

Added: 01/23/2013. BID: 54263. OSVDB: 83552. Background: Nagios XI is a network host and service monitoring and management system. Problem: Nagios XI Graph Explorer Component is vulnerable to arbitrary command execution by authenticated users. The vulnerability is due to the visApi.php script not...

AI score 7.4
Exploits 0
RedHat Linux
added 2012/12/18 10:17 p.m., 3 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by...

CVSS 4.3, AI score 5.8, EPSS 0.6477
Exploits 1, References 4
RedHat Linux
added 2012/12/18 10:17 p.m., 1 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

CVSS 2.6, AI score 7.2, EPSS 0.22515
Exploits 2, References 4
ThreatPost
added 2012/12/17 8:37 p.m., 7 views

Cisco VoIP Phone Hacked, Turned into Listening Device

Network-enabled devices such as routers and printers are notoriously insecure and fully exploitable gateways leading attackers toward network resources. A researcher and PhD student at Columbia University recently added VoIP phones to the list of pressing concerns. Ang Cui demonstrated an attack...

AI score 1.1
Exploits 0, References 1
RedHat Linux
added 2012/12/04 7:24 p.m., 5 views

puppet: authenticated clients allowed to delete arbitrary files on the puppet master

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a...

CVSS 3.5, AI score 5.9, EPSS 0.01882
Exploits 1, References 5
Metasploit
added 2012/11/03 10:44 p.m., 33 views

Digi RealPort Serial Server Port Scanner

Identify active ports on RealPort-enabled serial servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Port Scanner', 'Description' = 'Identify active ports on...

AI score 7.1
Exploits 0
exploitpack
added 2012/08/28 12:0 a.m., 24 views

Simple Web Server 2.2-rc2 - ASLR Bypass

Simple Web Server 2.2-rc2 - ASLR Bypass use IO::Socket; Exploit Title: SWS 2.2-rc2 - Remote code execution Egghunting + ASLR bypass Date: 28/8/2012 Special Regards to Mr.pr0n ,Corelan team , immunity u guys are first !!! based on a POC by MR. Pr0n Author: pole Tested on Windows 7 32bit NOTE : If...

AI score 0.1
Exploits 0
Tenable Nessus
added 2012/08/01 12:0 a.m., 27 views

Scientific Linux Security Update : fence on SL4.x i386/x86_64

Insecure temporary file use flaws were found in fence_egenera, fence_apc, and fence_apc_snmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. (CVE-2008-4192, CVE-2008-4579) This update also fixes the...

CVSS 6.9, AI score 5.7, EPSS 0.00711
Exploits 0, References 18
ThreatPost
added 2012/07/25 11:57 p.m., 14 views

Charlie Miller Takes on NFC, Charlie Miller Wins

LAS VEGAS–Do not stand near Charlie Miller. Actually, you might not even want to let him walk past you. It’s not that Miller is a bad person, you understand. The problem is that Miller has figured out a couple of methods that enable him–or an attacker–to use the NFC chip in some phones to exploit...

Exploits 0, References 2
The Hacker News
added 2012/07/22 8:22 p.m., 9 views

Hacker going to demonstrate open source tool to crack Hashes with speed of 154 Billion/sec

Bitweasil lead developer going to Demonstrate an open source Tool called "Cryptohaze" at DEF CON 20. The Cryptohaze Multiforcer supports CUDA, OpenCL, and CPU code SSE, AVX, etc. All of this is aimed at either the pentester who can't spray hashes to the internet, or the hacker who would rather no...

AI score 6.9
Exploits 0
Drupal
added 2012/06/13 12:0 a.m., 19 views

SA-CONTRIB-2012-102 - Ubercart AJAX Cart - Potential Disclosure of user Session ID

This module enables you to replace the default Ubercart shopping cart block with an AJAX-enabled one. The module includes the user's current session ID in one of its JavaScript settings keys on every page load which could be intercepted if the user's connection is not over SSL. This vulnerability...

CVSS 2.6, AI score 6, EPSS 0.02168
Exploits 1, References 11
ThreatPost
added 2012/06/08 3:37 p.m., 12 views

Facebook Issues Security Updates for Mobile App

The Facebook security team is adding some new security features to the social network’s mobile applications, including upgrades to the login mechanism and account recovery options. The first addition is an update to Facebook’s existing login approval mechanism, which they are calling ‘code...

AI score 1.9
Exploits 0, References 2
RedHat Linux
added 2012/05/21 4:19 p.m., 4 views

tomcat: security manager restrictions bypass

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service infinite lo...

CVSS 4.4, AI score 6.1, EPSS 0.00699
Exploits 1, References 4
OSV
added 2012/04/30 8:55 p.m., 1 views

DEBIAN-CVE-2012-2416

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE...

CVSS 6.5, AI score 6.3, EPSS 0.0219
Exploits 0, References 1
The Hacker News
added 2012/04/18 7:43 p.m., 5 views

Security Concern : Internet Enabled TV can be hacked !

Security Concern : Internet Enabled TV can be hacked ! Is your Internet TV vulnerable to hackers? Internet TVs could be the newest avenue for cybercriminals to infiltrate your home or business. Last year, Researchers at Mocana, a security technology company in San Francisco, recently discovered...

AI score 6.7
Exploits 0
OpenVAS
added 2012/04/02 12:0 a.m., 18 views

Fedora Update for WebCalendar FEDORA-2012-1934

Check for the Version of WebCalendar OpenVAS Vulnerability Test Fedora Update for WebCalendar FEDORA-2012-1934 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

CVSS 4.3, AI score 6.4, EPSS 0.01693
Exploits 1, References 2
OpenVAS
added 2012/03/19 12:0 a.m., 9 views

Fedora Update for nss FEDORA-2012-3996

Check for the Version of nss OpenVAS Vulnerability Test Fedora Update for nss FEDORA-2012-3996 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Exploits 0, References 2
Prion
added 2012/03/01 1:55 a.m., 20 views

Code injection

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435...

CVSS 7.8, AI score 7.3, EPSS 0.01333
Exploits 0, References 2, Affected Software 1