
47153 matches found

securityvulns
added 2012/05/10 12:0 a.m., 76 views

[security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03312417 Version: 1 HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting XSS, Privilege...

CVSS 9.3, AI score 0.6, EPSS 0.58501, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 81 views

Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901)

1 Background ============ Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, The Browser application holds sensitive information such as cookies, cache and history, a...

EPSS 0.00285, Exploits 2

securityvulns
added 2012/05/10 12:0 a.m., 82 views

[CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability

-------------------------------------------------------------------- OpenConf = 4.11 author/edit.php Blind SQL Injection Vulnerability -------------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom...

CVSS 10, AI score 0.8, EPSS 0.01796, Exploits 6

securityvulns
added 2012/05/10 12:0 a.m., 22 views

Apple Mac OS X filevault information leakage

Encrypted file system password is written in cleartext to log file...

AI score 1.7, Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/05/10 12:0 a.m., 40 views

rssh security announcement

rssh is a shell for restricting SSH access to a machine to only scp, sftp, or a small set of similar applications. http://www.pizzashack.org/rssh/ Henrik Erkkonen has discovered that, through clever manipulation of environment variables on the ssh command line, it is possible to circumvent rssh. ...

AI score 7.2, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 35 views

rssh restrictions bypass

It's possible to bypass restrictions by manipulating environment variables...

AI score 3.9, Exploits 0, References 1

securityvulns
added 2012/05/10 12:0 a.m., 55 views

VMware Backdoor Response Uninitialized Memory Potential VM Break

VMware Backdoor Response Uninitialized Memory Potential VM Break Derek Soeder [email protected] Reported: December 5, 2011 Published: May 3, 2012 AFFECTED VENDOR --------------- VMware, Inc. AFFECTED ENVIRONMENTS --------------------- The following VMware product versions are known to be...

CVSS 9, AI score 0.5, EPSS 0.01578, Exploits 1

securityvulns
added 2012/05/10 12:0 a.m., 54 views

HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03301854 Version: 1 HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting XSS, URL Redirection NOTICE: The information in this Security Bulletin should be acted upo...

CVSS 8.3, AI score 0.3, EPSS 0.01214, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 23 views

Android information leakage

All local applications have unrestricted /proc access and access to SQLite journal files...

AI score 2.5, Exploits 0, References 2, Affected Software 1

securityvulns
added 2012/05/10 12:0 a.m., 68 views

IAA, Redirector and XSS vulnerabilities in WordPress

Hello 3APA3A! I want to warn you about security vulnerabilities in WordPress. These are Insufficient Anti-automation, Redirector and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are WordPress 2.0 - 3.3.1. ---------- Detail...

AI score 1, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 56 views

[security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03301871 Version: 1 HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code NOTICE: The information in this Security...

CVSS 7.5, AI score 0.9, EPSS 0.06554, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 34 views

HP Insight Management Agents multiple security vulnerabilities

Cross Site Request Forgery CSRF, Cross Site Scripting XSS, URL Redirection, Unauthorized Modification, Denial of Service DoS...

CVSS 8.3, AI score 1.2, EPSS 0.0126, Exploits 0, References 1

securityvulns
added 2012/05/10 12:0 a.m., 241 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 10, AI score 1.6, EPSS 0.14418, Exploits 18, References 9, Affected Software 9

securityvulns
added 2012/05/10 12:0 a.m., 24 views

HP SNMP Agents for Linux security vulnerabilities

Cross-site scripting, URL redirection...

CVSS 8.3, AI score 0.8, EPSS 0.01214, Exploits 0, References 1

securityvulns
added 2012/05/10 12:0 a.m., 27 views

HP Performance Insight for Networks multiple security vulnerabilities

Cross-site scripting, SQL injection, privilege escalation...

CVSS 9, AI score 1.4, EPSS 0.00863, Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/05/10 12:0 a.m., 63 views

Multiple vulnerabilities in OrangeHRM

Advisory ID: HTB23080 Product: OrangeHRM Vendor: OrangeHRM Inc. Vulnerable Versions: 2.7 RC and probably prior Tested Version: 2.7 RC Vendor Notification: 7 March 2012 Vendor Patch: 24 April 2012 Public Disclosure: 9 May 2012 Vulnerability Type: SQL Injection, Cross-Site Scripting XSS CVE...

CVSS 6.5, AI score 7.4, EPSS 0.09539, Exploits 2

securityvulns
added 2012/05/10 12:0 a.m., 21 views

LAN Messenger v1.2.28 - Denial of Service Vulnerability

Title: ====== LAN Messenger v1.2.28 - Denial of Service Vulnerability Date: ===== 2012-05-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=537 VL-ID: ===== 537 Introduction: ============= LAN Messenger is a free and open source cross-platform instant messaging...

AI score 7.6, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 72 views

Cross-Site Scripting (XSS) in Pivotx

Advisory ID: HTB23087 Product: Pivotx Vendor: pivotx.net Vulnerable Versions: 2.3.2 and probably prior Tested Version: 2.3.2 Vendor Notification: 18 April 2012 Vendor Patch: 18 April 2012 Public Disclosure: 9 May 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-2274...

CVSS 4.3, AI score 6.1, EPSS 0.0057, Exploits 1

securityvulns
added 2012/05/10 12:0 a.m., 37 views

Firefox security bug (proxy-bypass) in current Tor BBs

https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs "A user has discovered a severe security bug in Firefox related to websockets bypassing the SOCKS proxy DNS configuration. This means when connecting to a websocket service, your Firefox will query your local DNS...

AI score 7.2, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 49 views

SQL Injection and other issues in Micro Technology Services, Inc. Lynx

Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system...

Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 17 views

Lan Messenger DoS

Crash on network packet parsing...

AI score 3.4, Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/05/10 12:0 a.m., 74 views

[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template

waraxe-2012-SA087 - Reflected XSS in Joomla 1.5.26 "ja_purity" template =============================================================================== Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-87.html CVE:...

CVSS 4.3, AI score 5.8, EPSS 0.0002, Exploits 2

securityvulns
added 2012/05/10 12:0 a.m., 30 views

FireFox information leakage

DNS names for websockets requests are resolved via system DNS server instead of configured SOCKS...

AI score 2.8, Exploits 0, References 1

securityvulns
added 2012/05/10 12:0 a.m., 39 views

VMWare privilege escalation

Uninitialized memory reference on guest system call processing...

CVSS 9, AI score 3.9, EPSS 0.02169, Exploits 1, References 3, Affected Software 3

securityvulns
added 2012/05/10 12:0 a.m., 45 views

Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability

Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability Advisory ID: KORAMIS-ADV2012-001 Contact: [email protected] Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6 Vendor URL: http://www.s9y.org Vendor Status: fixed...

AI score 0.6, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 25 views

Apple Legacy filevault barn door...

As someone said here recently, carefully built crypto has an unfortunate tendency to consist of three thick impregnable walls and a picket fence in the back with the gate left open. That seems to have happened to Apple's older "legacy" Filevault in the current release of Mac OS X Lion 10.7.3...

AI score 0.4, Exploits 0

securityvulns
added 2012/05/10 12:0 a.m., 75 views

[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page

waraxe-2012-SA088 - Reflected XSS in Joomla 2.5.4 admin sysinfo page =============================================================================== Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-88.html CVE:...

AI score 5.8, Exploits 1

securityvulns
added 2012/05/10 12:0 a.m., 25 views

HP System Health Application code execution

No description provided...

CVSS 7.5, AI score 1.5, EPSS 0.06554, Exploits 0, References 1

securityvulns
added 2012/05/10 12:0 a.m., 46 views

VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0009 Synopsis: VMware Workstation, Player, ESXi and ESX patches address critical security issues Issue date: 2012-05-03 Updated on:...

CVSS 9, AI score 9.3, EPSS 0.02169, Exploits 1

securityvulns
added 2012/05/10 12:0 a.m., 43 views

Samba privilege escalation

Unprivileged user can execute privileged RPC calls to modify accounts database...

CVSS 6.5, AI score 3.2, EPSS 0.02255, Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/05/10 12:0 a.m., 59 views

[ MDVSA-2012:067 ] samba

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:067 http://www.mandriva.com/security/ Package : samba Date : May 1, 2012 Affected: 2010.1, 2011. Problem Description: A vulnerability has been found and corrected in samba: Security checks were incorrectly...

CVSS 6.5, AI score 8.6, EPSS 0.02255, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 63 views

Adobe Flash Player memory corruption

Memory corruption due to invalid objects handling...

CVSS 9.3, AI score 1.7, EPSS 0.90067, Exploits 10, Affected Software 1

securityvulns
added 2012/05/09 12:0 a.m., 47 views

Adobe Shockwave Player Remote Code Execution (CVE-2012-2030)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2030 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...

CVSS 10, AI score 0.7, EPSS 0.15988, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 75 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions in main code and different libraries, cross-site scripting, information leakage...

CVSS 10, AI score 2.3, EPSS 0.17081, Exploits 3, Affected Software 5

securityvulns
added 2012/05/09 12:0 a.m., 25 views

Adobe Flash Professional buffer overflow

Buffer overflow on files processing...

CVSS 10, AI score 3.6, EPSS 0.26892, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 29 views

Adobe Shockwave Player multiple security vulnerabilities

Multiple memory corruptions...

CVSS 10, AI score 2.4, EPSS 0.15988, Exploits 0, References 3, Affected Software 1

securityvulns
added 2012/05/09 12:0 a.m., 42 views

Adobe Illustrator multiple security vulnerabilities

Multiple memory corruptions on file processing...

CVSS 10, AI score 2, EPSS 0.32029, Exploits 1

securityvulns
added 2012/05/09 12:0 a.m., 34 views

Apple iOS multiple security vulnerabilities

URL spoofing, cross-site scripting, memory corruptions...

CVSS 10, AI score 1.5, EPSS 0.02472, Exploits 1, References 1, Affected Software 1

securityvulns
added 2012/05/09 12:0 a.m., 45 views

[CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability

hi dear, today, adobe published a bulletin about adobe photoshop. http://www.adobe.com/support/security/bulletins/apsb12-11.html nine8 of code audit labs of vulnhunt.com with "vulnhunt Fuzzing" discovered a vulnerability named CVE: CVE-2012-2028. more details see...

CVSS 9.3, AI score 1.3, EPSS 0.167, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 56 views

Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2029 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...

CVSS 10, AI score 1.6, EPSS 0.15988, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 51 views

Adobe Shockwave Player Remote Code Execution (CVE-2012-2031)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2031 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...

CVSS 10, AI score 0.8, EPSS 0.15306, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 46 views

[CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability

hi dear, today, adobe published a bulletin about adobe photoshop. http://www.adobe.com/support/security/bulletins/apsb12-11.html nine8 of code audit labs of vulnhunt.com with "vulnhunt Fuzzing" discovered a vulnerability named CVE: CVE-2012-2028. more details see...

CVSS 9.3, AI score 1.3, EPSS 0.167, Exploits 0

securityvulns
added 2012/05/09 12:0 a.m., 90 views

APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update iOS 5.1.1 Software Update is now available and addresses the following: Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch 3rd generation and later, iPad, iPad 2 Impact: A maliciously...

CVSS 10, AI score 0.2, EPSS 0.02472, Exploits 1

securityvulns
added 2012/05/09 12:0 a.m., 61 views

CORE-2011-1123: Windows Kernel ReadLayoutFile Heap Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL:...

CVSS 7.2, AI score 6.2, EPSS 0.03623, Exploits 1

securityvulns
added 2012/05/01 12:0 a.m., 60 views

[SECURITY] [DSA 2462-1] imagemagick security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2462-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 29, 2012 http://www.debian.org/security/faq -...

CVSS 9.3, AI score 2.8, EPSS 0.07033, Exploits 1

securityvulns
added 2012/05/01 12:0 a.m., 38 views

McAfee Virtual Technician ActiveX code execution

GetObject unsafe function...

AI score 3.9, Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/05/01 12:0 a.m., 35 views

Oracle TNS Poison vulnerability is actually a 0day with no patch available

Hi all, Short history: The remote pre-authenticated vulnerability with CVSS2 10 I published some days ago 1, the vulnerability I called Oracle TNS Poison reported to vendor in 2008, is a 0day affecting all database versions from 8i to 11g R2. There is no patch at all for this vulnerability and...

AI score 6.8, Exploits 0

securityvulns
added 2012/05/01 12:0 a.m., 43 views

DoS vulnerabilities in Firefox, Internet Explorer and Opera

Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Mozilla Firefox, Internet Explorer and Opera. Earlier there was published DoS vulnerability in browser Opera 10.10 found by Inj3ct0r http://securityvulns.com/news/Opera/1002.html. And some time ago I've checked this exploit...

AI score 1.2, Exploits 0

securityvulns
added 2012/05/01 12:0 a.m., 32 views

NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM

======= Summary ======= Name: Symantec pcAnywhere Remote Code Execution Preauth Release Date: 30 April 2012 Reference: NGS00118 Discoverer: Edward Torkington [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 12.5.x IT Management Suite 7.0...

AI score 0.4, Exploits 0

securityvulns
added 2012/05/01 12:0 a.m., 61 views

Car Portal CMS v3.0 - Multiple Web Vulnerabilities

Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provid...

Exploits 0

Total number of security vulnerabilities: 47153