47153 matches found
Elasticsearch vulnerability CVE-2014-6439
Summary: Elasticsearch versions 1.3.x and prior have a default configuration for CORS that allows an attacker to craft links that could cause a user’s browser to send requests to Elasticsearch instances on their local network. These requests could cause data loss or compromise. We have been...
elasticsearch weak CORS policy
Crossite requests to local network are possible...
[security bulletin] HPSBST02958 rev.1 - HP MPIO Device Specific Module Manager, Local Execution of Arbitrary Code with Privilege Elevation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04048122 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04048122 Version: 1 HPSBST02958 rev....
CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway
Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7278 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko Casadei Disclosur...
the other bash RCEs (CVE-2014-6277 and CVE-2014-6278)
Good morning! This is kinda long. == Background == If you are not familiar with the original bash function export vulnerability CVE-2014-6271, you may want to have a look at this article: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Well, long story short: the...
HP Systems Insight Manager multiple security vulnerability
Privilege escalation, crossite scripting, clickjacking...
[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 1 HPSBMU03118 rev....
Ultra Electronics / AEP Networks SSL VPN security vulnerabilities
SQL injection, directory traversal...
perl-XML-DT symbolic links vulnerability
mkxmltype and mkdtskel symbolic links vulnerability...
[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04471546 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04471546 Version: 1 HPSBHF03124 rev....
[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468293 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468293 Version: 2 HPSBHF03119 rev....
[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04467807 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04467807 Version: 1 HPSBGN03117 rev....
[SECURITY] [DSA 3040-1] rsyslog security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3040-1 [email protected] http://www.debian.org/security/ September 30, 2014 http://www.debian.org/security/faq -...
[ MDVSA-2014:191 ] perl-XML-DT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:191 http://www.mandriva.com/en/support/security/ Package : perl-XML-DT Date : September 29, 2014 Affected: Business Server 1.0 Problem Description: Updated perl-XML-DT package fixes security vulnerability: T...
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04463322 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04463322 Version: 1 HPSBMU03112 rev....
nginx information leakage
Invalid cached session reusage...
SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability
Document Title: =============== SmarterTools Smarter Track 6-10 - Information Disclosure References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1298 Tracking ID: 088-1B879F0C-0A22 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID:...
[oCERT-2014-007] libvncserver multiple issues
2014-007 libvncserver multiple issues Description: Virtual Network Computing VNC is a graphical sharing system based on the Remote Frame Buffer RFB protocol. The LibVNCServer project, an open source library for implementing VNC compliant communication, suffers from a number of bugs that can be...
libvncserver multiple security vulnerabilities
Buffer overflows, memory corruptions, DoS...
GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability
Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID: ====================================...
Cisco IOS multiple security vulnerabilities
Multiple DoS conditions...
net-snmp DoS
snmptrapd NULL pointer dereference...
WWW File Share Pro v7.0 - Denial of Service Vulnerability
Document Title: =============== WWW File Share Pro v7.0 - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1310 Video: http://www.vulnerability-lab.com/getcontent.php?id=1309 http://cwe.mitre.org/data/definitions/121.html...
[ MDVSA-2014:184 ] net-snmp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:184 http://www.mandriva.com/en/support/security/ Package : net-snmp Date : September 24, 2014 Affected: Business Server 1.0 Problem Description: Updated net-snmp packages fix security vulnerabilities: A remo...
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability
Document Title: =============== Briefcase 4.0 iOS - Code Execution & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID:...
Perl stack overflow
Buffer overflow on recursion...
Glype filtering bypass
Access by decimal addresses is possible. Directory traversal...
Glype proxy local address filter bypass
------------------------------------------------------------------------ Glype proxy local address filter bypass ------------------------------------------------------------------------ Securify, September 2014 ------------------------------------------------------------------------ Abstract...
[ MDVSA-2014:188 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:188 http://www.mandriva.com/en/support/security/ Package : wireshark Date : September 25, 2014 Affected: Business Server 1.0 Problem Description: Updated wireshark packages fix security vulnerabilities: RTP...
USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability
Document Title: =============== USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1316 Release Date: ============= 2014-09-15 Vulnerability Laboratory ID VL-ID: ===================================...
Photorange v1.0 iOS - File Include Web Vulnerability
Document Title: =============== Photorange v1.0 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1318 Release Date: ============= 2014-09-07 Vulnerability Laboratory ID VL-ID: ==================================== 1318...
wireshark multiple security vulnerabilities
Multiple memory corruptions and DoS conditions on dufferent formats...
Glype proxy privacy settings can be disabled via CSRF
------------------------------------------------------------------------ Glype proxy privacy settings can be disabled via CSRF ------------------------------------------------------------------------ Securify, September 2014 ------------------------------------------------------------------------...
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability
Document Title: =============== ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1317 Release Date: ============= 2014-09-10 Vulnerability Laboratory ID VL-ID: ==================================== 13...
[USN-2351-1] nginx vulnerability
========================================================================== Ubuntu Security Notice USN-2351-1 September 22, 2014 nginx vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow
=== LSE Leading Security Experts GmbH - Security Advisory LSE-2014-06-10 === Perl CORE - Deep Recursion Stack Overflow ----------------------------------------- Affected Versions ================= Perl v5.20.1 and below Issue Overview ============== Vulnerability Type: Stack Overflow Technical...
Mozilla NSS library RSA siagnature forgery
Signature validation bypass due to invalid length check in ASN.1 record...
Glype proxy cookie jar path traversal allows code execution
------------------------------------------------------------------------ Glype proxy cookie jar path traversal allows code execution ------------------------------------------------------------------------ Securify, September 2014...
[ MDVSA-2014:185 ] libgadu
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:185 http://www.mandriva.com/en/support/security/ Package : libgadu Date : September 24, 2014 Affected: Business Server 1.0 Problem Description: Updated libgadu packages fix security vulnerability: Libgadu...
libgadu certificate check bypass
Server certificate is not checked...
Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability
Document Title: =============== Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1280 Video: http://www.vulnerability-lab.com/getcontent.php?id=1281 Vulnerability Magazine:...
Linux kernel multiple security vulnerabilities
SCTP DoS, ALSA multiple DoS and information leakage, autofs DoS...
[USN-2359-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2359-1 September 23, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2353-1] APT vulnerability
========================================================================== Ubuntu Security Notice USN-2353-1 September 23, 2014 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[oss-security] Re: CVE-2014-6271: remote code execution through bash
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITRE is currently using CVE-2014-7169 to track the report of the incomplete patch, i.e., incorrect function parsing that's present in builds that are up-to-date with the http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025 changes. We realize that...
apt multiple security vulnerabilities
Protection bypass, restrictions bypass...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
On Wed, Sep 24, 2014 at 12:08:46PM -0400, Chet Ramey wrote: On 9/24/14, 11:16 AM, Solar Designer wrote: I see no good workaround. You're correct; there is not a good workaround. Since there are publicly available patches for all bash versions back 15 years or so, though, the best path forward is ...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
Tavis Ormandy just tweetet this: https://twitter.com/taviso/status/514887394294652929 The bash patch seems incomplete to me, function parsing is still brittle. e.g. $ env X=' a=' sh -c "echo date"; cat echo -- Hanno Bock http://hboeck.de/ mail/jabber: [email protected] GPG: BBB51E42...
[USN-2362-1] Bash vulnerability
========================================================================== Ubuntu Security Notice USN-2362-1 September 24, 2014 bash vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
On Wed, Sep 24, 2014 at 04:05:51PM +0200, Florian Weimer wrote: Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this...