CVE-2015-2831

Buffer overflow in daswatchdog 0.9.0 allows local users to execute arbitrary code with root privileges via a large string in the XAUTHORITY environment variable...

CVE-2015-2831

Buffer overflow in daswatchdog 0.9.0 allows local users to execute arbitrary code with root privileges via a large string in the XAUTHORITY environment variable...

Mandriva Linux Security Advisory : ntp (MDVSA-2015:202)

Multiple vulnerabilities has been found and corrected in ntp : The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by...

DSA-3221-1 das-watchdog - security update

Bulletin has no description...

sudo: Information disclosure

Background sudo allows a system administrator to give users the ability to run commands as other users. Access to commands may also be granted on a range to hosts. Description sudo does not handle the TZ environment variable properly. Impact A local attacker may be able to read arbitrary files or...

openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nspr (openSUSE-2015-290)

Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox : - Miscellaneou...

CVE-2015-1799

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...

CVE-2015-1799

The CVE-2015-1799 issue affects ntpd's handling of symmetric-key authenticated peering. The vulnerability arises because ntpd may update internal state variables (state-variable updates) when processing certain invalid packets, which could allow a remote attacker—likely on the same or neighboring...

Qi Bo CMS variable overwrite vulnerability exp-vulnerability warning-the black bar safety net

Vulnerability of specific analysis in the http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.AooULy&id=1 3, The following published what I wrote of the exploits and exp. Use the following steps: （1）The first visit/member below the“comment management”function, the capture （2）in the http request...

Mandriva Linux Security Advisory : sudo (MDVSA-2015:126)

Updated sudo packages fix security vulnerability : Prior to sudo 1.8.12, the TZ environment variable was passed through unchecked. Most libc tzset implementations support passing an absolute pathname in the time zone to point to an arbitrary, user-controlled file. This may be used to exploit bugs...

QNAP admin shell via Bash Environment Variable Code Injection Exploit

Exploit for hardware platform in category remote exploits Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | email protected work / email protected other Employer homepage: http://www.securegroup.it Vendor...

QNAP Web Server Remote Code Execution

Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage:...

QNAP Web Server Remote Code Execution via Bash Environment Variable Code Injection Exploit

This Metasploit module allows you to inject unix command with the same user who runs the http service - admin - directly on the QNAP system. Affected products: All Turbo NAS models except TS-100, TS-101, TS-200 Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Cod...

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

QNAP - Admin Shell via Bash Environment Variable Code Injection Metasploit Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work /...

Debian DLA-63-1 : bash security update

Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment CVE-2014-7169. With this update prefix and suffix for environment variable...

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection Metasploit Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino |...

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage: http://www.securegroup.it Vendor...

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage:...

Debian DLA-160-1 : sudo security update

This update fixes the CVEs described below. CVE-2014-0106 Todd C. Miller reported that if the envreset option is disabled in the sudoers file, the envdelete option is not correctly applied to environment variables specified on the command line. A malicious user with sudo permissions may be able t...

Qi Bo CMS variable coverage leads to sql injection vulnerability analysis report-vulnerability warning-the black bar safety net

Blog post author: Alibaba security research lab—supporting su Release date: 2015-3-10 Blog post content: The recent Alibaba security research laboratory vulnerability monitoring system to monitor attendance Bo cms exist high-risk vulnerabilities that can lead to SQL vulnerability and thus affect...