Reflected Cross-Site Scripting (XSS) in Jamroom
Advisory ID: HTB23224 Product: Jamroom Vendor: Talldude Networks, LLC Vulnerable Versions: 5.2.6 and probably prior Tested Version: 5.2.6 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Vendor Patch: July 23, 2014 Public Disclosure: August 13, 2014...
SQL Injection Vulnerability in ArticleFR
Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...
Panda Security privilege escalation
Privilege escalation via PavTPK.sys driver...
ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities
ESA-2014-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities EMC Identifier: ESA-2014-073 CVE Identifier: CVE-2014-2518 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC...
[USN-2320-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2320-1 August 20, 2014 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-4973 - Privilege Escalation in ESET Windows Products
Vulnerability title: Privilege Escalation in ESET Windows Products CVE: CVE-2014-4973 Vendor: ESET Product: ESET Windows Products Affected version: v5.0 - 7.0 Firewall Module Build 1183 20140214 and earlier Fixed version: v6 - v7 Firewall Module Build 1212 20140609 Reported by: Kyriakos Economou...
Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities
Deutsche Telekom CERT Advisory DTC-A-20140820-001 Summary: Several vulnerabilities were found in checkmk prior versions 1.2.4p4 and 1.2.5i4. The vulnerabilities are: 1 - Reflected Cross-Site Scripting XSS 2 - write access to config files .mk files 3 - arbitrary code execution Recommendations:...
[USN-2315-1] serf vulnerability
========================================================================== Ubuntu Security Notice USN-2315-1 August 14, 2014 serf vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[SECURITY] [DSA 3001-1] wordpress security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3001-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq -...
IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915)
Two classes of persistent XSS issues we reported in IBM Maximo a month or two back are now fixed: http://www.pentestpartners.com/blog/further-ibm-maximo-asset-management-vulnerabilities-reported/ Individual bulletins linked from the above, but tl;dr is I would suggest patching, as this could...
[USN-2316-1] Subversion vulnerabilities
========================================================================== Ubuntu Security Notice USN-2316-1 August 14, 2014 subversion vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
ntopng 1.2.0 XSS injection using monitored network traffic
ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...
[SECURITY] [DSA 3009-1] python-imaging security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3009-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 21, 2014 http://www.debian.org/security/faq -...
[ MDVSA-2014:156 ] ocsinventory
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:156 http://www.mandriva.com/en/support/security/ Package : ocsinventory Date : August 7, 2014 Affected: Business Server 1.0 Problem Description: Updated ocsinventory packages fix security vulnerability:...
serf certificate name spoofing vulnerability
Certificate spoofing via NUL byte...
DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNNDotNetNuke® Iconbar Control Panel Bad Access Level config Author : alieye vendor : http://dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork: inurl:ctl/+inurl:/tab inurl:ctl+inurl:tab Model Module...
TomatoCart v1.x (latest-stable) Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3978 - Remote SQL Injection Vulnerability CVE-2014-3830 - Reflected Cross Site Scripting - ------------------------------------------------------------------------------ Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...
[SECURITY] [DSA 3011-1] mediawiki security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3011-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2014 http://www.debian.org/security/faq -...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request
Exploit Details ------------------ Senkas Kolibri WebServer 2.0 available at http://www.senkas.com/kolibri/download.php is vulnerable to RCE via an overly long POST request. Sending the exploit will result in a SEH overwrite, which can then be used to redirect execution to a POP POP RET within the...
[security bulletin] HPSBMU03079 rev.1 - HP Service Manager, Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04388127 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04388127 Version: 1 HPSBMU03079 rev....
Zyxel P660RT2 multiple security vulnerabilities
Cross-site scripting, CSRF, password brute force...
DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNNDotNetNuke® Ribbon Bar Control Panel Bad Access Level config Author : alieye vendor : http://dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork: inurl:ctl/+inurl:/tab inurl:ctl+inurl:tab Model...
oxide-qt multiple security vulnerabilities
Information leakage, code execution...
XSS, FPD and RCE vulnerabilities in DZS Video Gallery for WordPress
Hello 3APA3A! These are Cross-Site Scripting, Full path disclosure and OS Commanding vulnerabilities in plugin DZS Video Gallery for WordPress. Earlier I've disclosed Content Spoofing and Cross-Site Scripting vulnerabilities in this plugin http://securityvulns.ru/docs30871.html...
pyCADF information leakage
Authentication tokens leakage...
[SECURITY] [DSA 3007-1] cacti security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3007-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 20, 2014 http://www.debian.org/security/faq -...
ntopng XSS
XSS in web interface...
[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability
CVE-2014-0232: Apache OFBiz Cross-site scripting XSS vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OFBiz 11.04.01 to 11.04.04 Apache OFBiz 12.04.01 to 11.04.03 The unsupported Apache OFBiz 09.04.x, 10.04.x versions may be also affected...
Apache Subversion multiple security vulnerabilities
DoS, information leakage, certificate validation bypass...
Grand MA 300 Fingerprint Reader insufficient encryption
PIN code is not encrypted during transfer...
OpenStack multiple security vulnerabilities
Ceilometer information leakage, Neutron information leakage and DoS, Glance DoS, Horizon cross-site scripting, Keystone restrictions bypass and privilege escalation, Nova timing attacks...
[USN-2311-2] OpenStack Ceilometer vulnerability
========================================================================== Ubuntu Security Notice USN-2311-2 August 21, 2014 ceilometer vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Apache OpenOffice security vulnerabilities
Code execution, information leakage...
DoS attacks (ICMPv6-based) resulting from IPv6 EH drops
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Folks, Ten days ago or so we published this I-D: http://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-in-real-world-00.txt Section 5.2 of the I-D discusses a possible attack vector based on a combination of "forged" ICMPv6 PTB messages and IP...
Ganeti weak permissions
Weak archives permissions...
[USN-2325-1] OpenStack Nova vulnerability
========================================================================== Ubuntu Security Notice USN-2325-1 August 21, 2014 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[USN-2323-1] OpenStack Horizon vulnerabilities
========================================================================== Ubuntu Security Notice USN-2323-1 August 21, 2014 horizon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3575 OpenOffice Targeted Data Exposure Using Crafted OLE Objects Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions are also affected. Descriptio...
[oCERT-2014-006] Ganeti insecure archive permission
2014-006 Ganeti insecure archive permission Description: Ganeti, an open source virtualisation manager, suffers from an insecure file permission vulnerability that leads to sensitive information disclosure. The Ganeti upgrade command 'gnt-cluster upgrade' creates an archive of the current...
IPv6 DoS
Forged ICMPv6 PTB can break communication between two hosts...
[USN-2321-1] OpenStack Neutron vulnerabilities
========================================================================== Ubuntu Security Notice USN-2321-1 August 21, 2014 neutron vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2324-1] OpenStack Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-2324-1 August 21, 2014 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2322-1] OpenStack Glance vulnerability
========================================================================== Ubuntu Security Notice USN-2322-1 August 21, 2014 glance vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3524 OpenOffice Calc Command Injection Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions may also be affected. Description: The...
Apache HttpClient certificate checking bypass
Validation bypass via maliciously crafted constructions like O="foo,CN=www.apache.org"...
Outlook.com for Android insufficient certificate validation
Server certificate is not checked...
Linux kernel multiple security vulnerabilities
DoS via ptrace syscall, filesystems mount options limitation bypass...
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------ Outlook.com for Android fails to validate server certificates ------------------------------------------------------------------------ Yorick Koster, April 2014...
CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory - Apache Software Foundation Apache HttpComponents / hc.apache.org Hostname verification susceptible to MITM attack CVE-2014-3577 / CVSS 1.4 Apache HttpComponents prior to revision 4.3.5/4.0.2 may be susceptible to a 'Man in the Midd...