
47153 matches found

securityvulns | added 2014/05/10 12:0 a.m. | 137 views

Cross-Site Scripting (XSS) in Offiria

Advisory ID: HTB23210 Product: Offiria Vendor: Slashes Dots Sdn Bhd. Vulnerable Versions: 2.1.0 and probably prior Tested Version: 2.1.0 Advisory Publication: April 2, 2014 without technical details Vendor Notification: April 2, 2014 Public Disclosure: May 7, 2014 Vulnerability Type: Cross-Site...

CVSS 4.3 | AI score 0.7 | EPSS 0.01193
Exploits: 3

securityvulns | added 2014/05/10 12:0 a.m. | 143 views

Cross-Site Request Forgery (CSRF) in TAO

Advisory ID: HTB23211 Product: TAO Vendor: Open Assessment Technologies S.A. Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Advisory Publication: April 16, 2014 without technical details Vendor Notification: April 16, 2014 Public Disclosure: May 7, 2014 Vulnerability Type:...

CVSS 6.8 | AI score 0.2 | EPSS 0.012
Exploits: 1

securityvulns | added 2014/05/10 12:0 a.m. | 63 views

[oss-security] CVE request: Denial of Service attacks against Dovecot v1.1+

Hello, Can I get CVE identifier for DoS attacks against Dovecot v1.1+, thank you. http://permalink.gmane.org/gmane.mail.imap.dovecot/77499 """ There's an upper limit to how many IMAP/POP3 connections can exist that haven't logged in and separate limits for post-login. Normally when this limit is...

AI score 7
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 61 views

SEC Consult SA-20140508-0 :: Multiple critical vulnerabilities in AVG Remote Administration

SEC Consult Vulnerability Lab Security Advisory 20140508-0 ======================================================================= title: Multiple critical vulnerabilities product: AVG Remote Administration vulnerable version: all - except issue 2 fixed version: none - except issue 2 impact:...

AI score 0.9
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 30 views

SSH key cloning problem in OnApp templates

OnApp sells a "complete IaaS platform" for hosting providers to offer virtual servers. Their platform ships with templates disk images for many different operating systems, which it automatically customizes passwords, network settings, etc. when a new virtual server is deployed. During each...

AI score 0.9
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 38 views

Apache mod_security protection bypass

Protection bypass via chunked encoding...

CVSS 5 | AI score 3.7 | EPSS 0.02648
Exploits: 2 | References: 1 | Affected Software: 1

securityvulns | added 2014/05/10 12:0 a.m. | 32 views

OnApp SSH keys cloning

ECDSA host keys are not regenerated after system image cloning...

AI score 1.3
Exploits: 0 | References: 1

securityvulns | added 2014/05/10 12:0 a.m. | 69 views

[security bulletin] HPSBMU03035 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross-Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04273695 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04273695 Version: 1 HPSBMU03035 rev....

CVSS 4.3 | AI score 0.7 | EPSS 0.02491
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 193 views

[oss-security] Unsafe Query Risk in Active Record

This advisory concerns a security risk in all supported versions of Active Record. There is no patch to apply for this issue. Due to the query API that Active Record supports, there is a risk of unsafe query generation in two scenarios. Databases with a table that contains a column with the same...

AI score 0.5
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 55 views

[security bulletin] HPSBST03038 rev.1 - HP H-series Fibre Channel Switches, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04277407 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04277407 Version: 1 HPSBST03038 rev....

CVSS 1.7 | AI score 0.8 | EPSS 0.01201
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 37 views

[oss-security] CVE Request - Predictable temporary filenames in GNU Emacs

I reported these bugs on the Debian tracker on Monday: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747100 In brief some of the bundled Emacs Lisp uses predictable /tmpfile names insecurely: lisp/gnus/gnus-fun.el: In the function gnus-grab-cam-face the file "/tmp/gnus.face.ppm" is used,...

AI score 7.2
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 71 views

[oss-security] CVE Request - Local File inclusion in Cobbler

hi, as reported in https://github.com/cobbler/cobbler/issues/939 A local file inclusion is possible by specifying full path to any desired file in the Kickstart value in Cobbler's WebUI in all versions. Cobbler eases setup of network installation environments. After informing cobbler team, a patch...

AI score 0.5
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 69 views

[USN-2210-1] cups-filters vulnerability

========================================================================== Ubuntu Security Notice USN-2210-1 May 08, 2014 cups-filters vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 8.3 | AI score 0.9 | EPSS 0.01174
Exploits: 1

securityvulns | added 2014/05/10 12:0 a.m. | 30 views

cups-filters code execution

cups-browsed shell characters vulnerability...

CVSS 8.3 | AI score 4.4 | EPSS 0.01174
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2014/05/10 12:0 a.m. | 62 views

[ MDVSA-2014:083 ] mediawiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:083 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : May 8, 2014 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: Login CSRF...

CVSS 4 | AI score 6.2 | EPSS 0.0106
Exploits: 1

securityvulns | added 2014/05/10 12:0 a.m. | 73 views

[security bulletin] HPSBHF02946 rev.1 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04036775 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04036775 Version: 1 HPSBHF02946 rev....

CVSS 7.2 | AI score 0.4 | EPSS 0.00415
Exploits: 0

securityvulns | added 2014/05/10 12:0 a.m. | 122 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 6.8 | AI score 1.6 | EPSS 0.53703
Exploits: 16 | References: 11 | Affected Software: 8

securityvulns | added 2014/05/10 12:0 a.m. | 148 views

[RT-SA-2014-003] Metadata Information Disclosure in OrbiTeam BSCW

Advisory: Metadata Information Disclosure in OrbiTeam BSCW RedTeam Pentesting discovered an information disclosure vulnerability in OrbiTeam's BSCW collaboration software. An unauthenticated attacker can disclose metadata about internal objects which are stored in BSCW. Details ======= Product:...

CVSS 5 | AI score 6.1 | EPSS 0.02253
Exploits: 3

securityvulns | added 2014/05/10 12:0 a.m. | 83 views

[oss-security] Linux kernel floppy ioctl kernel code execution

Hi, As this was posted to linux-distros, and was supposed to be made public earlier this week, but so far wasn't published on oss-sec ... Reported by Matthew Daley to [email protected]. There apparently exists a proof of concept root exploit, that allows local users with access to a floppy devi...

CVSS 7.2 | AI score 1 | EPSS 0.00524
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 129 views

[security bulletin] HPSBMU03037 rev.1 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04275280 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04275280 Version: 1 HPSBMU03037 rev....

CVSS 5 | AI score 0.3 | EPSS 0.99999
Exploits: 87

securityvulns | added 2014/05/07 12:0 a.m. | 36 views

CVE-2014-2845 - Cyberduck (Windows): Failure validating some certificates (using FTP-SSL) with untrusted root certificate authority

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-004 Product: Cyberduck Affected Versions: 4.4.3 14140 Windows only Not Affected Versions: 4.4.3 14140 and 4.2.1 9350 both OS X 10.9.2 Tested Versions: 4.4.3 Windows 7 32 bit and Windows 8.1 64 bit Vulnerability Type: X.509...

CVSS 4.3 | AI score 0.3 | EPSS 0.00935
Exploits: 2

securityvulns | added 2014/05/07 12:0 a.m. | 82 views

Apache Struts multiple security vulnerabilities

Few ClassLoader manipulation vulnerabilities with potential RCE impact...

CVSS 7.5 | AI score 3.3 | EPSS 0.99614
Exploits: 8 | References: 4 | Affected Software: 1

securityvulns | added 2014/05/07 12:0 a.m. | 63 views

CVE-2014-2882 - Lack of SSL Certificate Validation in Citrix Netscaler

Vulnerability title: Lack of SSL Certificate Validation in Citrix Netscaler CVE: CVE-2014-2882 Vendor: Citrix Product: Netscaler Affected version: All prior to 10.1-122.17/9.3-66.5 Fixed version: 10.1-122.17/9.3-66.5 Reported by: Graham Sutherland Details: The remote configuration Java applet...

CVSS 10 | AI score 0.2 | EPSS 0.01075
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 85 views

[USN-2209-1] libvirt vulnerabilities

========================================================================== Ubuntu Security Notice USN-2209-1 May 07, 2014 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.8 | AI score 0.8 | EPSS 0.00573
Exploits: 1

securityvulns | added 2014/05/07 12:0 a.m. | 45 views

libvirt security vulnerabilities

DoS, symbolic links vulnerability...

CVSS 5.8 | AI score 1.9 | EPSS 0.00573
Exploits: 1 | References: 1

securityvulns | added 2014/05/07 12:0 a.m. | 71 views

[USN-2208-1] OpenStack Cinder vulnerability

========================================================================== Ubuntu Security Notice USN-2208-1 May 06, 2014 cinder vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 4.3 | AI score 0.6 | EPSS 0.01884
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 78 views

[USN-2208-2] OpenStack Quantum vulnerability

========================================================================== Ubuntu Security Notice USN-2208-2 May 06, 2014 quantum vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 4.3 | AI score 0.6 | EPSS 0.01884
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 39 views

libxml2 DoS

CPU exhaustion on XML parsing...

CVSS 4.3 | AI score 3 | EPSS 0.081
Exploits: 1 | References: 1

securityvulns | added 2014/05/07 12:0 a.m. | 57 views

CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX

Vulnerability title: Kernel Memory Leak And Denial Of Service Condition in IBM AIX CVE: CVE-2014-0930 Vendor: IBM Product: AIX Affected version: 5.3, 6.1 and 7.1 releases VIOS 2.2. Fixed version: Interim version Reported by: Tim Brown Details: It has been identified that the ptrace system call ca...

CVSS 4.7 | AI score 0.5 | EPSS 0.0047
Exploits: 1

securityvulns | added 2014/05/07 12:0 a.m. | 72 views

[USN-2194-1] OpenStack Neutron vulnerability

========================================================================== Ubuntu Security Notice USN-2194-1 May 05, 2014 neutron vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 2.1 | AI score 0.5 | EPSS 0.01433
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 27 views

Citrix Netscaler security vulnerabilities

Weak Diffie-Hellman protocol implementation, lack of SSL certificate check...

CVSS 10 | AI score 2.6 | EPSS 0.01855
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns | added 2014/05/07 12:0 a.m. | 92 views

[USN-2206-1] OpenStack Horizon vulnerability

========================================================================== Ubuntu Security Notice USN-2206-1 May 06, 2014 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 4.3 | AI score 0.5 | EPSS 0.01206
Exploits: 1

securityvulns | added 2014/05/07 12:0 a.m. | 77 views

[USN-2207-1] OpenStack Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2207-1 May 06, 2014 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 4.3 | AI score 0.8 | EPSS 0.01895
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 61 views

[ANN] Struts 2.3.16.3 GA release available - security fix

The Apache Struts group is pleased to announce that Struts 2.3.16.3 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...

AI score 7.3
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 41 views

IBM AIX security vulnerabilities

ptrace information leak and DoS...

CVSS 4.7 | AI score 2.2 | EPSS 0.0047
Exploits: 1 | References: 1

securityvulns | added 2014/05/07 12:0 a.m. | 77 views

CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler

Vulnerability title: Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler CVE: CVE-2014-2881 Vendor: Citrix Product: Netscaler Affected version: All prior to 10.1-122.17/9.3-66.5 Fixed version: 10.1-122.17/9.3-66.5 Reported by: Graham Sutherland Details: The remote...

CVSS 10 | AI score 6.3 | EPSS 0.01855
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 284 views

Cyberduck protection bypass

Invalid FTP-SSL root certificates check...

CVSS 4.3 | AI score 2.3 | EPSS 0.00935
Exploits: 2 | References: 1 | Affected Software: 1

securityvulns | added 2014/05/07 12:0 a.m. | 62 views

[oss-security] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled

Hi, It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substitution in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file...

AI score 7.2 | EPSS 0.081
Exploits: 1

securityvulns | added 2014/05/07 12:0 a.m. | 61 views

[SECURITY] [DSA 2922-1] strongswan security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2922-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez May 05, 2014 http://www.debian.org/security/faq -...

CVSS 5 | AI score 1.9 | EPSS 0.02492
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 51 views

Openswan / Strongswan security vulnerabilities

Buffer overflow, DoS, protection bypass...

CVSS 6.8 | AI score 3.7 | EPSS 0.02664
Exploits: 2 | References: 3 | Affected Software: 2

securityvulns | added 2014/05/07 12:0 a.m. | 82 views

[USN-2196-1] Linux kernel vulnerability

========================================================================== Ubuntu Security Notice USN-2196-1 May 06, 2014 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 6.9 | AI score 0.5 | EPSS 0.22475
Exploits: 7

securityvulns | added 2014/05/07 12:0 a.m. | 69 views

[USN-2193-1] OpenStack Glance vulnerability

========================================================================== Ubuntu Security Notice USN-2193-1 May 05, 2014 glance vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 6 | AI score 1.1 | EPSS 0.01976
Exploits: 0

securityvulns | added 2014/05/07 12:0 a.m. | 66 views

OpenStack multiple security vulnerabilities

Glance code execution, Neutron and Swift unauthorized access, Horizon cross-site scripting, Quantum / Cinder / Oslo information leakage...

CVSS 6 | AI score 1.8 | EPSS 0.01976
Exploits: 1 | References: 6 | Affected Software: 7

securityvulns | added 2014/05/05 12:0 a.m. | 62 views

[CVE-2014-2035] XSS in InterWorx Web Control Panel <= 5.0.12

============================================== Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.12 build 569 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-2035 Risk Level: Medium CVSSv2 Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N Solution...

CVSS 4.3 | AI score 0.1 | EPSS 0.01158
Exploits: 3

securityvulns | added 2014/05/05 12:0 a.m. | 69 views

[ MDVSA-2014:054 ] otrs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:054 http://www.mandriva.com/en/support/security/ Package : otrs Date : March 13, 2014 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerability: An attacker could...

CVSS 4.3 | AI score 8.5 | EPSS 0.04913
Exploits: 5

securityvulns | added 2014/05/05 12:0 a.m. | 52 views

[SECURITY] [DSA 2860-1] parcimonie security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2860-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2014 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 0.5 | EPSS 0.01559
Exploits: 0

securityvulns | added 2014/05/05 12:0 a.m. | 74 views

[SECURITY] [DSA 2882-1] extplorer security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2882-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 20, 2014 http://www.debian.org/security/faq -...

CVSS 2.6 | AI score 1.6 | EPSS 0.01894
Exploits: 3

securityvulns | added 2014/05/05 12:0 a.m. | 146 views

Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti

Deutsche Telekom CERT Advisory DTC-A-20140324-001 Summary: Three vulnerabilities were found in cacti version 0.8.7g. The vulnerabilities are: 1 Stored Cross-Site Scripting XSS via URL 2 Missing CSRF Cross-Site Request Forgery token allows execution of arbitrary commands 3 The use of exec-like...

CVSS 6.8 | AI score 0.3 | EPSS 0.03514
Exploits: 4

securityvulns | added 2014/05/05 12:0 a.m. | 91 views

[ MDVSA-2014:062 ] webmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:062 http://www.mandriva.com/en/support/security/ Package : webmin Date : March 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were discovered and...

CVSS 6.8 | AI score 7.4 | EPSS 0.61925
Exploits: 13

securityvulns | added 2014/05/05 12:0 a.m. | 125 views

CVE-2014-0372 - SQL Injection in Oracle Demantra

Vulnerability title: SQL Injection in Oracle Demantra CVE: CVE-2014-0372 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The Oracle Demantra application is vulnerable to SQL injection. An attacker with access to the vulnerab...

CVSS 5.5 | AI score 0.1 | EPSS 0.08762
Exploits: 2

Total number of security vulnerabilities: 47153