UBUNTU-CVE-2015-3339

Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...

UBUNTU-CVE-2015-3329

Multiple stack-based buffer overflows in the pharsetinode function in pharinternal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a 1 tar, 2 phar, or 3 ZIP archive...

CVE-2015-3319

Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

Design/Logic Flaw

Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

CVE-2015-3319

CVE-2015-3319 affects Hotspot Express hotEx Billing Manager version 73. The root cause is absence of the HttpOnly flag in Set-Cookie headers, enabling potential access to cookies via client-side scripts by remote attackers. Multiple sources (NVD entry and CNVD/OpenVAS notes) corroborate this expo...

CVE-2015-3319

Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

[SECURITY] Fedora 20 Update: arj-3.10.22-22.fc20

This package is an open source version of the arj archiver. It has been created with the intent to preserve maximum compatibility and retain the feature set of original ARJ archiver as provided by ARJ Software, Inc...

VMware vCenter Operations Manager Web UI Default Credentials

The web UI component of VMware vCenter Operations Manager uses a known set of default credentials. An attacker can use these to gain access to the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid82704;...

ShellShock attack lab-vulnerability warning-the black bar safety net

A, experimental description 2 0 1 4 year 9 month 2 4 day Bash discovered a serious vulnerability shellshock, the vulnerability can be used in many systems, and both can be remote can also be in the local trigger. In this experiment, students need to personally reproduce the attack to understand t...

Format string vulnerability lab-vulnerability warning-the black bar safety net

A, experimental description Format string vulnerability is by like printfuserinputof such code is caused, where userinput is the user input data, having a Set-UID root privileges of such programs at run time, the printf statement will become very dangerous, because it may lead to the following...

qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd...

qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd...

qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd...

CVE-2015-1229

net/http/proxyclientsocket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 aka Proxy Authentication Required HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...

CVE-2015-1229

Removed by vendor...

Google Chrome cookie injection attack vulnerability

Google Chrome is a popular WEB browser. A security vulnerability exists in the Google Chrome net/http/proxyclientsocket.cc file due to failure to properly handle the 407 aka Proxy Authentication Required HTTP status code that appears in the Set-Cookie header. A remote attacker can exploit this...

chromium-browser: Cookie injection in proxies

net/http/proxyclientsocket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 aka Proxy Authentication Required HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...

qemu: vnc: insufficient bits_per_pixel from the client sanitization

An uninitialized data structure use flaw was found in the way the setpixelformat function sanitized the value of bitsperpixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest...

Drupal Feature Set Module Cross-Site Request Forgery Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Feature Set is one of the modules used to enable or disable a feature or group of modules. A cross-site request forgery vulnerability exists in the Drupal Feature Set module. A remote...

UBUNTU-CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets...