561 matches found

RedHat Linux
added 2015/03/30 11:30 a.m. | 7 views

postgresql: loss of frontend/backend protocol synchronization after an error

A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection...

CVSS 9.8 | AI score 7.1 | EPSS 0.04193
Exploits: 0 | References: 5

Mageia
added 2015/03/27 9:12 p.m. | 21 views

Updated setup package fixes security vulnerability

An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that those files are owned by the root user and...

AI score 4.2
Exploits: 0 | References: 2

UbuntuCve
added 2015/03/16 12:0 a.m. | 39 views

CVE-2015-2301

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of...

CVSS 7.5 | AI score 6.8 | EPSS 0.14388
Exploits: 1 | References: 2

Japan Vulnerability Notes
added 2015/02/27 12:0 a.m. | 142 views

JVN#88862608: Joyful Note vulnerability in handling files

Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Impact A remote attacker may create arbitrary files or delete existing files on the server. As a result, arbitrary code may ...

CVSS 7.5 | AI score 6.9 | EPSS 0.02622
Exploits: 0

Japan Vulnerability Notes
added 2014/09/25 12:0 a.m. | 33 views

JVN#16485017: SLFileManager for Android vulnerable to directory traversal

SLFileManager provided by S-Link, Inc. contains a flaw in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Impact: A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges ...

CVSS 6.4 | AI score 6.5 | EPSS 0.01847
Exploits: 0

Japan Vulnerability Notes
added 2014/07/18 4:48 a.m. | 2 views

File Explorer vulnerable to directory traversal

Overview: File Explorer provided by NextApp, Inc. contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS 5 | AI score 7 | EPSS 0.01859
Exploits: 0 | References: 5

Japan Vulnerability Notes
added 2014/04/11 4:43 a.m. | 3 views

SD Card Manager vulnerable to directory traversal

Overview: SD Card Manager provided by apps4u@android contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS 5.8 | AI score 7.1 | EPSS 0.01142
Exploits: 0 | References: 5

Tenable Nessus
added 2014/04/11 12:0 a.m. | 27 views

SuSE 11.3 Security Update : puppet (SAT Patch Number 9033)

The deployment framework puppet received an update for a security issue in January. The backport of this security issue was however incomplete and broke existing setups. As the scope of the problem is limited to local scenarios where an attacker likely has access already, and backporting is not...

CVSS 5.1 | AI score 6.3 | EPSS 0.01643
Exploits: 0 | References: 3

Japan Vulnerability Notes
added 2014/03/17 12:0 a.m. | 32 views

JVN#38227002: Unzipper vulnerable to directory traversal

Unzipper provided by R-Company contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Impact: A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to...

CVSS 5.8 | AI score 6.5 | EPSS 0.01484
Exploits: 1

Japan Vulnerability Notes
added 2014/01/24 12:0 a.m. | 29 views

JVN#49384502: SimZip (Simple Zip Viewer) vulnerable to directory traversal

SimZip (Simple Zip Viewer) provided by Gapless Player contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Impact: A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application...

CVSS 4.3 | AI score 6.5 | EPSS 0.01505
Exploits: 0

NVD
added 2013/12/23 3:42 p.m. | 31 views

CVE-2013-5973

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename...

CVSS 4.4 | AI score 6.3 | EPSS 0.00353
Exploits: 0 | References: 8

Kitploit
added 2013/12/21 6:18 p.m. | 19 views

[ModSecurity v2.7] Open Source Web Application Firewall

ModSecurity is an embeddable web application firewall, which means it can be deployed as part of your existing web server infrastructure (Apache, IIS7 and Nginx). This deployment method has certain advantages: 1. No changes to existing network. It only takes a few minutes to add ModSecurity to your...

AI score 7.2
Exploits: 0

ThreatPost
added 2013/11/01 10:8 a.m. | 11 views

How Dark Mail Plans to Build an Open, Secure Email Platform

The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the...

AI score 7
Exploits: 0 | References: 1

Fedora
added 2013/03/27 8:33 p.m. | 38 views

[SECURITY] Fedora 18 Update: eucalyptus-3.2.1-2.fc18

Eucalyptus is a service overlay that implements elastic computing using existing resources. The goal of Eucalyptus is to allow sites with existing clusters and server infrastructure to co-host an elastic computing service that is interface-compatible with Amazon AWS. This package contains the...

CVSS 5 | AI score 1.6 | EPSS 0.01144
Exploits: 0

Tenable Nessus
added 2012/09/13 12:0 a.m. | 31 views

Ubuntu 12.04 LTS : keystone vulnerability (USN-1564-1)

Dolph Mathews discovered that when roles are granted and revoked to users in Keystone, pre-existing tokens were not updated or invalidated to take the new roles into account. An attacker could use this to continue to access resources that have been revoked. Note that Tenable Network Security has...

CVSS 4 | AI score 5.4 | EPSS 0.01881
Exploits: 0 | References: 2

Saint
added 2012/04/18 12:0 a.m. | 18 views

Screen Capture

Added: 04/18/2012 Background This tool captures the screen of a remote target. Limitations An existing connection to the remote target is required. For Unix and Linux systems, the xwd utility must be present on the remote target. Platforms Windows Linux Unix...

AI score 1.8
Exploits: 0

Saint
added 2012/04/18 12:0 a.m. | 13 views

Screen Capture

Added: 04/18/2012 Background This tool captures the screen of a remote target. Limitations An existing connection to the remote target is required. For Unix and Linux systems, the xwd utility must be present on the remote target. Platforms Windows Linux Unix...

AI score 1.8
Exploits: 0

0day.today
added 2012/03/30 12:0 a.m. | 35 views

Simple Php Agenda <= 2.2.8 CSRF (Add Admin/Add New Event)

Exploit for php platform in category web applications. Exploit Title : Simple Php Agenda <= 2.2.8 CSRF (Add Admin/Add New Event) Date : 29-03-2012 Author : Ivano Binetti...

AI score 7.1 | EPSS 0.02284
Exploits: 6

Tenable Nessus
added 2012/03/29 12:0 a.m. | 25 views

Tivoli Provisioning Manager Express for Software Distribution Multiple SQL Injections

The remote web application fails to properly sanitize user-supplied input to the following servlets : - Printer.getPrinterAgentKey in the SoapServlet servlet - User.updateUserValue in the register.do servlet - User.isExistingUser in the logon.do servlet - Asset.getHWKey in the CallHomeExec servle...

CVSS 7.5 | AI score 5.6 | EPSS 0.01778
Exploits: 1 | References: 3

Tenable Nessus
added 2011/11/22 12:0 a.m. | 33 views

Fedora 14 : puppet-2.6.12-1.fc14 (2011-15000)

A bug in puppet's SSL certificate handling could allow nodes with a valid certificate to impersonate the puppet master. To be vulnerable, a user would have had to set the certdnsnames variable and generated certificates. This setting is not set by default in the Fedora/EPEL packages. This update...

CVSS 2.6 | AI score 5.6 | EPSS 0.02454
Exploits: 0 | References: 2