11 matches found
Code injection
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
Regression - "Browse Project" permission for "Reporter" grants users to see projects they are not permitted to.
Regression of JRA-4935 When i add the "Reporter" to the "Browse Project" Permission of one project. This project instantly becomes visible to ALL usersvia the project table portlet, if they have any kind of permission to see this project or not. So all users can see this project, but can't see an...
Apple XCode 4.x 信息泄露漏洞
BUGTRAQ ID: 54679 CVE ID: CVE-2012-3698,CVE-2011-3389 Xcode是苹果机器上所使用的开发工具。 Apple Xcode 4.4之前版本在实现上存在安全漏洞,可被恶意用户利用泄露敏感信息,劫持用户会话,绕过某些安全限制。 1) SSL 3.0和TLS 1.0协议的实现中存在设计错误。 2) DR实现中的错误可允许App Store应用访问用Xcode构建的Helper工具中的密钥链项目。 0 Apple XCode 4.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
PHP "crypt()"函数安全限制绕过漏洞
BUGTRAQ ID: 49376 CVE ID: CVE-2011-3189 PHP是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,包含了命令行运行接口或者产生图形用户界面程序。 PHP在crypt函数的实现上存在安全漏洞,攻击者可利用此漏洞绕过某些安全限制。 0 PHP PHP 5.3.7 PHP PHP 5.3.6 PHP PHP 5.3.5 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net HTTP Request: ==== POST...
SMBind 0.4.7 SQL Injection
smbind query"SELECT ID FROM users WHERE username = '" . $SESSION'username' ."' AND password = '" . md5$SESSION'password' . " ' "; Easy admin login Enter in username field: admin'; Enter in password field: anything Sql query will result like this: SELECT ID FROM users WHERE username = 'admin'; ' A...
Perl Safe模块对象引用绕过安全限制漏洞
BUGTRAQ ID: 40302 CVECAN ID: CVE-2010-1168,CVE-2010-1974 Perl是一种免费且功能强大的编程语言。 Perl中所使用的Safe模块没有正确地对经过隐式bless处理的对象限制DESTROY和AUTOLOAD等方式的代码,在访问或释放这些对象时 Safe可能未加限制的执行这些方式。在Safe隔离中所执行的特制Perl脚本可以利用这个漏洞绕过预期的Safe模块限制。 Perl 5.12.1 厂商补丁: Larry Wall ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Oracle Database password weakness
Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...
Linksys WRT160N无线路由器跨站请求伪造漏洞
BUGTRAQ ID: 34448 WRT160N是Linksy最新推出的一款802.11n无线路由器。 WRT160N路由器的WEB管理接口没有正确地验证用户所提交的HTTP请求,如果管理员受骗访问了恶意网页的话就可能导致绕过安全限制执行管理操作。 0 Linksys WRT160N Linksys ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: a href=http://www.linksys.com target=blank rel=external nofollowhttp://www.linksys.com/a...
Linksys WRT54GXv2 UPnP请求处理漏洞
WRT54GXv2是一款流行的无线宽带路由器。 WRT54GXv2的UPnP功能的实现上存在漏洞,远程攻击者可能利用此漏洞绕过某些安全限制。 如果启用了UPnP的话,WRT54GXv2就会接受发送到WAN接口UPnP请求,攻击者可以通过向设备发送AddPortMapping命令打开任意端口。 Linksys WRT54GX v2 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.linksys.com...
Security Raiders: the breakthrough Group Policy operating limitations of the method-vulnerability warning-the black bar safety net
Idle with nothing on and ran to the sister company to go to the Internet, just to their executives in a meeting, you're welcome to sit to her seat on the movies. Would have been quiet the movie is not in trouble, just look for a moment, the old sister come and harass me. “Brother, Ah, there are...
Breakthrough Group Policy operating limitations-vulnerability warning-the black bar safety net
Idle with nothing on and ran to the sister company to go to the Internet, just to their executives in a meeting, you're welcome to sit to her seat on the movies. Would have been quiet the movie is not in trouble, just look for a moment, the old sister come and harass me. “Brother, Ah, there are...