SAP NetWeaver Enqueue Server - Denial of Service

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability 1. Advisory Information Title: SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability Advisory ID: CORE-2014-0007 Advisory URL:...

Mozilla Releases Security Updates for Firefox and Thunderbird

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, bypass same-origin policy and key pinning, cause an exploitable crash, conduct a...

CSNC-2014-004 neuroML - Multiple Vulnerabilities

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: neuroML Version: =v1.8.1 Confirmed: v1.8.1 Vendor: neuroML.org CSNC ID: CSNC-2014-004 CVD ID: none Subject: Multiple Vulnerabilities Risk: High Effect: Remotely exploitable Author: Philipp Promeuschel...

[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-028: SAP HANA Web-based Development Workbench Code Injection 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to completely compromise the SAP...

Buffer overflow during CSS manipulation — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable...

libvpx -- out-of-bounds write

The Mozilla Project reports: Using the Address Sanitizer tool, security researcher Abhishek Arya Inferno of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash...

Out-of-bounds write with WebM video — Mozilla

Using the Address Sanitizer tool, security researcher Abhishek Arya Inferno of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash during WebM video playback...

vBulletin 5.x / 4.x Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ============================================================================ ==================== Overview - -------- date : 10/12/2014 cvss : 4.6...

neuroML 1.8.1 XSS / LFI / XXE Injection / Disclosure Vulnerabilities

neuroML version 1.8.1 suffers from cross site scripting, local file inclusion, XXE injection, and path disclosure vulnerabilities. Product: neuroML Version: Subject: Multiple Vulnerabilities Risk: High Effect: Remotely exploitable Author: Philipp Promeuschel Date: 10.10.2014 Abstract: -----------...

Bash Me Some More

Good morning! This is kinda long. == Background == If you are not familiar with the original bash function export vulnerability CVE-2014-6271, you may want to have a look at this article: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Well, long story short: the...

Patching Bash Vulnerability a Challenge for ICS, SCADA

While the most urgent focus where the Bash vulnerability is concerned is around Internet-facing web servers, embedded systems and industrial control systems are not exempt from worry. Experts are concerned about Linux-based industrial control systems and SCADA equipment, in particular, that may b...

Home Hacking Made Simple

SEATTLE–Like most security researchers, David Jacoby is naturally curious about how things work, and whether they can be made to do things they weren’t meant to do. Sitting at home in Sweden a few months ago, he looked at all of the Web-enabled devices in his house–TV, game console, network stora...

Re: [oss-security] CVE-2014-6271: remote code execution through bash

On Wed, Sep 24, 2014 at 04:05:51PM +0200, Florian Weimer wrote: Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this...

Debian DSA-3032-1 : bash - security update

Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash has been configured as the system shell. %NASLMINLEVEL 70300 ...

GNU Bash shell executes commands in exported functions in environment variables

Overview GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. Description UPDATE: New CVE-IDs added for incomplete patches. Additional resources added and vendor patch information updated.CWE-78: OS Command Injection Bash supports exporting of...

krfb -- Multiple security issues in bundled libvncserver

Martin Sandsmark reports: krfb 4.14 and earlier embeds libvncserver which has had several security issues. Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes...

Four Vulnerabilities Patched in SCADA Server

Four different remotely exploitable vulnerabilities were recently discovered and patched in a popular SCADA server. The vulnerabilities exist in some versions of IntegraXor, a SCADA server manufactured by Ecava Sdn Bhd, a Malaysian-based software company. The Industrial Control Systems Cyber...

Use-after-free during DOM interactions with SVG — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free during cycle collection. This was found in interactions with the SVG content through the document object model DOM with animating SVG content. This leads to a...

Granding MA300 - Weak Pin Encryption Brute Force

source: https://www.securityfocus.com/bid/69390/info Grand MA 300 is prone to multiple security weaknesses. Attackers can exploit these issues to disclose the access pin by sniffing network traffic or perform brute-force attacks on pin to gain unauthorized access. This may aid in other attacks...

SeaMonkey < 2.26.1 Multiple Vulnerabilities

The installed version of SeaMonkey is a version prior to 2.26.1. It is, therefore, affected by the following vulnerabilities : - There are multiple memory safety bugs in the browser engine. Several of these bugs show evidence of memory corruption, which may allow an attacker to execute arbitrary...