271 matches found

OpenVAS
added 2017/04/29 12:00 a.m., 36 views

Ubuntu: Security Advisory (USN-3271-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3 | AI score 7.6 | EPSS 0.04156
Exploits: 1 | References: 2
Tenable Nessus
added 2017/04/28 12:00 a.m., 51 views

Ubuntu 14.04 LTS / 16.04 LTS : Libxslt vulnerabilities (USN-3271-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3271-1 advisory. Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a maliciou...

CVSS 9.3 | AI score 8 | EPSS 0.04156
Exploits: 1 | References: 7
RedHat Linux
added 2015/11/19 6:04 a.m., 3 views

python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs

It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory...

CVSS 9.8 | AI score 7 | EPSS 0.24148
Exploits: 5 | References: 4
OpenVAS
added 2015/09/08 12:00 a.m., 28 views

Amazon Linux: Security Advisory (ALAS-2014-440)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.8 | AI score 8.3 | EPSS 0.24148
Exploits: 6 | References: 3
RedHat Linux
added 2015/06/04 8:27 a.m., 4 views

python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs

It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory...

CVSS 9.8 | AI score 7 | EPSS 0.24148
Exploits: 5 | References: 4
Drupal
added 2015/03/25 12:00 a.m., 13 views

Crumbs - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-082

This module enables you to add navigation to your webpages colloquially referred to as "breadcrumbs". The module doesn't sufficiently sanitize custom HTML separators for breadcrumbs, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacke...

CVSS 2.1 | AI score 5.9 | EPSS 0.00949
Exploits: 0 | References: 10
securityvulns
added 2014/10/15 12:00 a.m., 137 views

[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution

Advisory: Python CGIHTTPServer File Disclosure and Potential Code Execution The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root...

AI score 8.3 | EPSS 0.24148
Exploits: 5
Mageia
added 2014/07/08 10:35 p.m., 57 views

Updated python & python3 packages fix two vulnerabilities

Updated python and python3 packages fix security vulnerabilities: Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...

CVSS 9.8 | AI score 7.1 | EPSS 0.24148
Exploits: 6 | References: 4
OSV
added 2014/06/25 12:00 a.m., 0 views

UBUNTU-CVE-2014-4650

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...

CVSS 9.8 | AI score 7 | EPSS 0.24148
Exploits: 5 | References: 4
RedHat Linux
added 2014/04/14 1:46 p.m., 2 views

Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicod...

CVSS 5.4 | AI score 5.7 | EPSS 0.03198
Exploits: 0 | References: 5
UbuntuCve
added 2014/03/14 4:55 p.m., 19 views

CVE-2013-1939

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ (backslash) character...

CVSS 5 | AI score 6 | EPSS 0.01779
Exploits: 0 | References: 2
OSV
added 2013/11/18 2:55 a.m., 11 views

PYSEC-2013-28

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...

CVSS 7.8 | AI score 5.2 | EPSS 0.02137
Exploits: 1 | References: 5
CVE
added 2013/11/15 6:16 p.m., 49 views

CVE-2013-4510

CVE-2013-4510 describes a directory traversal vulnerability in the Tryton client (3.0.0, prior to 20131104) that allows a remote server to write arbitrary files via path separators in the extension of a report. The issue is documented across multiple sources (including GHSA and OSV entries) with ...

CVSS 7.8 | AI score 6.7 | EPSS 0.02137
Exploits: 1 | References: 5 | Affected Software: 1
Cvelist
added 2013/11/15 6:16 p.m., 13 views

CVE-2013-4510

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...

AI score 6.6 | EPSS 0.02137
Exploits: 1 | References: 5
Packet Storm
added 2013/08/31 12:00 a.m., 27 views

Modsecurity Cross Site Scripting Bypass

Product: Modsecurity Author: Rafay Baloch Company: RHAINFOSEC Website: http://services.rafayhackingarticles.net Reported: 8/8/2013 Fixed: 25/8/2013 Status: Fixed ============ Introduction ============ The ModSecurity firewall is one of the most known WAFs around. It has an online smoke test where w...

Exploits: 0
w3af
added 2013/06/10 11:02 p.m., 13 views

os_commanding

This plugin will find OS commanding vulnerabilities. The detection is performed using two different techniques: (1) time delays, and (2) writing a known file to the HTML output. With time delays, the plugin sends specially crafted requests that, if the vulnerability is present, will delay the response for 5...

Exploits: 0
OpenVAS
added 2012/07/30 12:00 a.m., 33 views

CentOS Update for glibc CESA-2012:0058 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...

CVSS 6.8 | AI score 8.5 | EPSS 0.08073
Exploits: 1 | References: 2
RedHat Linux
added 2012/01/24 9:05 p.m., 44 views

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 6.8 | AI score 7.5 | EPSS 0.08073
Exploits: 1 | References: 4
NVD
added 2009/12/31 6:30 p.m., 23 views

CVE-2009-4501

The zbxgetnextfield function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword...

CVSS 5 | AI score 6.4 | EPSS 0.0853
Exploits: 0 | References: 4
OSV
added 2009/12/31 6:30 p.m., 4 views

CVE-2009-4501

The zbxgetnextfield function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword...

AI score 6.7
Exploits: 0 | References: 4