MoinMoin twikidraw Action Directory Traversal (CVE-2012-6081)

A directory traversal vulnerability has been reported in MoinMoin server application. The vulnerability is caused due to improper sanitization of query strings from the path. A remote attacker can exploit this vulnerability by sending crafted requests to the affected server. Successful exploitati...

SilverStripe CMS 3.0.3 Information Disclosure

SilverStripeR Information Exposure Through Query Strings in GET Request CWE-598 - CVE: CVE-2013-2653 - CWE: CWE-598 - Deloitte Argentina Advisory Code: DTTAR-20130002 - Vendor Status: CONFIRMED - Vendor Disclosure Date: May, 8th, 2013. - Public Disclosure Date: August, 1st, 2013. - Vendors...

CVE-2013-3444

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Softwar...

SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 7981)

This update to IcedTea-Web 1.4 provides the following fixes and enhancements : - Security updates - RH916774: Class-loader incorrectly shared for applets with same relative-path. CVE-2013-1926 - RH884705: fixed gifar vulnerabilit. CVE-2013-1927 - RH840592: Potential read from an uninitialized...

Oracle Linux 4 : kernel (ELSA-2009-1211)

From Red Hat Security Advisory 2009:1211 : Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

USN-1894-1: curl vulnerability

Timo Sirainen discovered that libcurl incorrectly handled memory when parsing URL encoded strings. An attacker could possibly use this issue to cause libcurl to crash, leading to a denial of service, or execute arbitrary code...

Mandriva Linux Security Advisory : curl (MDVSA-2013:180)

A vulnerability has been discovered and corrected in curl : libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations...

Updated curl packages fix CVE-2013-2174

libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded strin...

cURL library -- heap corruption in curl_easy_unescape

cURL developers report: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL-encoded strings to raw binary data. URL-encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal...

CVE-2013-0534

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory...

TP-Link Print Server TL PS110U Information Enumeration

Exploit Title: TP-Link Print Server Sensitive Information Enumeration Exploit Author: SANTHO Vendor Homepage: http://www.tp-link.com Software Link: http://www.tp-link.com/en/products/details/?model=TL-PS110U Version: TL PS110U TP-Link TL PS110U Print Server runs telnet service which enables an...

TP-Link PS110U Print Server TL - Sensitive Information Enumeration

TP-Link PS110U Print Server TL - Sensitive Information Enumeration Exploit Title: TP-Link Print Server Sensitive Information Enumeration Exploit Author: SANTHO Vendor Homepage: http://www.tp-link.com Software Link: http://www.tp-link.com/en/products/details/?model=TL-PS110U Version: TL PS110U...

TP-Link Print Server TL PS110U - Sensitive Information Enumeration

Exploit for hardware platform in category remote exploits TP-Link TL PS110U Print Server runs telnet service which enables an attacker to access the configuration details without authentication. The PoC can extract device name, MAC address, manufacture name, Printer model, and SNMP Community...

PT-2013-3973 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.9.4 Description: The issue allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error...

Updated flightgear package fixes security vulnerability

It was reported that FlightGear suffers from improper handling of format strings when FlightGear is started with allowances for remote access via the --props or --telnet commandline arguments. If a remote attacker were able to connect to FlightGear and set special parameters related with clouds, ...

Fedora 17 : ruby-1.9.3.429-30.fc17 (2013-8411)

A vulnerability was found in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-2065. This rpm will fix this issue. Note that Tenable Network Security has extracted the...

[SECURITY] Fedora 19 Update: python3-3.3.2-2.fc19

Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been remov...

CVE-2012-4481

The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameErrortos method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005...

CVE-2012-4481

CVE-2012-4481 affects Ruby 1.8.x where the safe-level feature allows context-dependent attackers to modify strings via NameError#to_s, noted as a follow-up to an incomplete fix for CVE-2011-1005. Connected advisories show affected Ruby 1.8.5/1.8.7 variants in MiracleLinux and EulerOS environments...