Ubuntu: Security Advisory (USN-1688-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1689-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[USN-1683-1] Linux kernel vulnerability

========================================================================== Ubuntu Security Notice USN-1683-1 January 10, 2013 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu Update for linux USN-1683-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN16831.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for linux USN-1683-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

Ubuntu Update for linux-ec2 USN-1684-1

Check for the Version of linux-ec2 OpenVAS Vulnerability Test $Id: gbubuntuUSN16841.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for linux-ec2 USN-1684-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Ubuntu: Security Advisory (USN-1684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1684-1: Linux kernel (EC2) vulnerability

A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents...

USN-1683-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents...

Carefully timed redirects can allow cross site scripting – Opera Security Advisories

Scripts on a page are supposed to be restricted so that they can only interact with other pages from the same domain and security context. Carefully timed redirects can cause scripts to execute in the wrong security context in Opera. This allows cross site scripting XSS...

Welcart vulnerable to cross-site scripting

Overview Welcart contains a cross-site scripting vulnerability. Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Lab., Inc. reported this vulnerability to IPA. JPCERT/CC...

Ruijie Application Control engine of the management server can increase user-vulnerability warning-the black bar safety net

Ruijie Application Control engine of the management server, the RG-ACE series Application Control engine of the management server V3. 1. 3 6. 0 0 1, The Official Website of the connection http://www.ruijie.com.cn/service/down-search.aspx the display is the latest version according to not authorit...

KENT-WEB ACCESS REPORT vulnerable to cross-site scripting

Overview ACCESS REPORT provided by KENT-WEB contains a cross-site scripting vulnerability. ACCESS REPORT provided by KENT-WEB is a software to analyze web access logs. ACCESS REPORT contains a cross-site scripting vulnerability. This is caused by a particular method in which tags are embedded int...

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Adobe...

Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Adobe...

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

This module abuses the "RunScript" procedure provided by the SOAP interface of Adobe InDesign Server, to execute arbitrary vbscript Windows or applescript OSX. The exploit drops the payload on the server and must be removed manually. This module requires Metasploit: https://metasploit.com/downloa...

Debian DSA-2578-1 : rssh - insufficient filtering of rsync command line

James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp, sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution. Two CVE were assigned : -...

Error pages can be used to guess local file paths – Opera Security Advisories

Remote web pages should not be able to detect what files a user has on their local machine. Certain error pages do not apply this restriction correctly, allowing web pages to produce an error page where a script can run. The script can then use various events to detect whether files on the user’s...

Pebble vulnerable to HTTP header injection

Overview Pebble contains an HTTP header injection vulnerability. Pebble is an open source weblog system. Pebble contains an HTTP header injection vulnerability. Takahisa Kishiya reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

nginx+cgi to parse php is prone to a vulnerability-vulnerability warning-the black bar safety net

The title is a bit large, when we analyze carefully after, in fact, are generally configuration issues. If someone wants to attack the server, it will scan the machine where there is vulnerability can upload a malicious script file, the upload script is the first step, When a malicious php script...

Tokyo BBS vulnerable to cross-site scripting

Overview Tokyo BBS contains a cross-site scripting vulnerability. Tokyo BBS provided by Come on Girls Interface contains a cross-site scripting vulnerability. Naohiko Tsuda reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...