444 matches found
OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)
It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...
Joomla Account Creation and Privilege Escalation
This module creates an arbitrary account with administrative privileges in Joomla versions 3.4.4 through 3.6.3. If an email server is configured in Joomla, an email will be sent to activate the account the account is disabled by default. This module requires Metasploit:...
Cisco ASA DNS DoS Vulnerability (cisco-sa-20151021-asa-dns2)
A vulnerability in the DNS code of Cisco ASA may lead to a denial of service. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
CVE-2015-5505
The HTTP Strict Transport Security HSTS module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS policy to not be applied to subdomains and allows man-in-the-middle attackers to have unspecified impac...
Unspecified Vulnerability in Gemalto SafeNet Luna HSM
Gemalto SafeNet Luna HSM is a suite of application and transaction security solutions for enterprise and government organizations from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Luna HSM, and no detailed vulnerability details are available at this time...
docker: volume mounts allow LSM profile escalation
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...
Docker /proc/ file write vulnerability
Docker is an open-source application container engine that allows developers to package their applications, along with dependency packages, into a portable container and then distribute it to any popular Linux machine, also enabling virtualization. Docker handles volume mounts with a security...
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
This module tests vulnerable IIS HTTP header file paths on Microsoft Exchange OWA 2003 and CAS 2007, 2010, and 2013 servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA ...
Multiple Websense Product Data Security Module Page Cross-Site Scripting Vulnerabilities
Websense, Inc. NASDAQ: WBSN is the world's leading provider of integrated Web, information and data security protection solutions. Multiple Websense product data security module page cross-site scripting vulnerabilities due to the program failing to properly filter user-supplied input. The...
[SECURITY] Fedora 22 Update: python-urllib3-1.10.2-1.fc22
Python HTTP module with connection pooling and file POST abilities...
Detours to modify the paragraph properties of vulnerability-vulnerability warning-the black bar safety net
Detours to modify the paragraph properties of the vulnerability Affected Software and systems Detours3. 0 and previous versions Description This issue will be its positioning as a vulnerability may be less suitable, the more likely that Detours a BUG, but because the defect will cause the exploit...
DS3 Authentication Server - Multiple Vulnerabilities
No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt =============================== - Advisory - =============================== Tittle: DS3 Authentication Server - Command Execution Post Authentication & other minor issues Risk: High Date:...
Apple Updates iOS Security Guide
Apple rarely offers anyone a glimpse inside its walled-off security garden. The last time it did was in the spring of 2012 when it released a detailed paper on the security of its iOS operating system for iPhones and iPads. The company also presented a much-anticipated if not anticlimactic...
CVE-2013-2197
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service CPU consumption via a large number of failed login attempts...
Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
This module exploits a flaw in the nwfs.sys driver to overwrite data in kernel space. The corruption occurs while handling ioctl requests with code 0x1438BB, where a 0x00000009 dword is written to an arbitrary address. An entry within the HalDispatchTable is overwritten in order to execute...
DS3 Authentication Server Command Execution
Original: http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt =============================== - Advisory - =============================== Tittle: DS3 Authentication Server - Command Execution Post Authentication & other minor issues Risk: High Date: 27.May.2013 Author: Pedro Andujar .:...
Design/Logic Flaw
Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module XSM is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to injec...
Potential use of freed memory in event channel operations
ISSUE DESCRIPTION Wrong ordering of operations upon extending the per-domain event channel tracking table can cause a pointer to freed memory to be left in place, when the hypervisor is under memory pressure and XSM Xen Security Module is enabled. IMPACT Malicious guest kernels could inject...
Design/Logic Flaw
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances ASA devices, and Prime Security Manager aka PRSM before 9.0.2-103, allows remote attackers to cause a denial of service disk consumption and application hang via unspecified IPv4 packets that trigger...
CVE-2012-4629
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances ASA devices, and Prime Security Manager aka PRSM before 9.0.2-103, allows remote attackers to cause a denial of service disk consumption and application hang via unspecified IPv4 packets that trigger...