openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nspr (openSUSE-2015-290)

Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox : - Miscellaneou...

CVE-2015-1799

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...

CVE-2015-1799

The CVE-2015-1799 issue affects ntpd's handling of symmetric-key authenticated peering. The vulnerability arises because ntpd may update internal state variables (state-variable updates) when processing certain invalid packets, which could allow a remote attacker—likely on the same or neighboring...

Qi Bo CMS variable overwrite vulnerability exp-vulnerability warning-the black bar safety net

Vulnerability of specific analysis in the http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.AooULy&id=1 3, The following published what I wrote of the exploits and exp. Use the following steps: （1）The first visit/member below the“comment management”function, the capture （2）in the http request...

Mandriva Linux Security Advisory : sudo (MDVSA-2015:126)

Updated sudo packages fix security vulnerability : Prior to sudo 1.8.12, the TZ environment variable was passed through unchecked. Most libc tzset implementations support passing an absolute pathname in the time zone to point to an arbitrary, user-controlled file. This may be used to exploit bugs...

QNAP admin shell via Bash Environment Variable Code Injection Exploit

Exploit for hardware platform in category remote exploits Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | email protected work / email protected other Employer homepage: http://www.securegroup.it Vendor...

QNAP Web Server Remote Code Execution

Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage:...

QNAP Web Server Remote Code Execution via Bash Environment Variable Code Injection Exploit

This Metasploit module allows you to inject unix command with the same user who runs the http service - admin - directly on the QNAP system. Affected products: All Turbo NAS models except TS-100, TS-101, TS-200 Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Cod...

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection Metasploit Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino |...

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

QNAP - Admin Shell via Bash Environment Variable Code Injection Metasploit Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work /...

Debian DLA-63-1 : bash security update

Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment CVE-2014-7169. With this update prefix and suffix for environment variable...

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage: http://www.securegroup.it Vendor...

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage:...

Debian DLA-160-1 : sudo security update

This update fixes the CVEs described below. CVE-2014-0106 Todd C. Miller reported that if the envreset option is disabled in the sudoers file, the envdelete option is not correctly applied to environment variables specified on the command line. A malicious user with sudo permissions may be able t...

Qi Bo CMS variable coverage leads to sql injection vulnerability analysis report-vulnerability warning-the black bar safety net

Blog post author: Alibaba security research lab—supporting su Release date: 2015-3-10 Blog post content: The recent Alibaba security research laboratory vulnerability monitoring system to monitor attendance Bo cms exist high-risk vulnerabilities that can lead to SQL vulnerability and thus affect...

CVE-2015-2152

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by 1 setting the DISPLAY environment variable, when compiled with SDL support,...

CVE-2015-2152

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by 1 setting the DISPLAY environment variable, when compiled with SDL support,...

Default credentials

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by 1 setting the DISPLAY environment variable, when compiled with SDL support,...

CVE-2014-8169

automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home...

Ubuntu 14.04 LTS : Sudo vulnerability (USN-2533-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2533-1 advisory. Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue ...