[SWRX-2014-001] Open Web Analytics Pre-Auth SQL Injection
Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date published:...
[ MDVSA-2014:054 ] otrs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:054 http://www.mandriva.com/en/support/security/ Package : otrs Date : March 13, 2014 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerability: An attacker could...
Multiple Vulnerabilities in SeedDMS <= 4.3.3
Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document Management System. http://www.seeddms.org/index.php?id=2 ============ SeedDMS Unprivileged User Remote Code Execution...
E-Store (1.0 & 2.0) <= SQL Injection Vulnerability
Exploit Author: Nawaf Alkeraithe ====================================== for "E-store 1.0": Google Dork: "Powered by: PD" inurl:"page.php?id" Vulnerable page: http://target/page.php?id=SQL Injection ====================================== for "E-store 2.0": Google Dork: "Powered by: PD"...
Critical security flaws in Nagios NRPE client/server crypto
in CC to: grok full disclosure, bugtraq TL;DR - DO NOT USE NRPE'S SSL IMPLEMENTATION! -- Dear Nagios developers, It's been a couple of years since I've had a look at NRPE, the remote monitoring agent distributed with Nagios. Back then we've exclusively used NRPE on unrouted dedicated monitoring...
[SECURITY] [DSA 2882-1] extplorer security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2882-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 20, 2014 http://www.debian.org/security/faq -...
Pearson eSIS Enterprise Student Information System SQL Injection
Advisory ID: hag201478 Product: Pearson eSIS Enterprise Student Information System Vendor: PearsonVue Vulnerable Versions: Any version Advisory Publication: April 06, 2014 Vendor Notification: March 05, 2014 Public Disclosure: April 06, 2014 Vulnerability Type: Improper Neutralization of Special...
[CVE-2013-6231] Remote Privilege Escalation in SpagoBI v4.0
Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference: CVE-2013-6231 CVSS v2 Base Score: 9...
Wordpress all_in_one_carousel Plugin /XSS/CSRF/ Vuln
Exploit : centerbWordpress allinonecarousel Plugin Xss & Csrf Vulnerability /centerbrbr html head titleWordpress allinonecarousel Plugin Xss & Csrf Vulnerability IeDb TeaM/title /headbody form action="http://YourTarget.Com" id="formid" method="post" input name="name"...
ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks
ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...
[CVE-2014-2531] SQL injection in InterWorx Web Control Panel <= 5.0.13
================================================= Title: SQL injection in InterWorx Control Panel Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.13 build 574 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2014-2531 Solution Status: Fixed in Version...
Authentication-Bypass in CosmoShop ePRO V10.17.00 (and lower, maybe higher)
Issue: Authentication-Bypass in CosmoShop ePRO V10.17.00 and lower, maybe higher Author: l0om http://l0om.org Date: 26.02.2013 Overview: Cosmoshop provides an admin backup-function which saves .htaccess protected MySQL dump files in a backup directory. This directory does only prevent HTTP...
[SECURITY] [DSA 2867-1] otrs2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2895-1] prosody security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2895-1 [email protected] http://www.debian.org/security/ Luciano Bello April 06, 2014 http://www.debian.org/security/faq -...
CVE-2014-5795 - Database Credentials Leak in Oracle Demantra
Vulnerability title: Database Credentials Leak in Oracle Demantra CVE: CVE-2014-5795 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: Oracle Demantra version 12.2.1 has a backend function that allows anyone to retrieve the...
Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE
CVE-2014-1861 Affected versions: 4.3.3 4.3.1 and probably prior versions. Jetro Cockpit Secure Browsing makes use of a client running on a user's workstation in the enterprise's internal network, and a server in the DMZ that connects on the client's behalf to the internet. Attack scenario: User...
[CVE-2013-6234] XSS File Upload in SpagoBI v4.0
Advisory Information Title: XSS File Upload Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6234 CVSS v2 Base Score: 4 CVSS v2 Vector:...
[ MDVSA-2014:055 ] owncloud
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:055 http://www.mandriva.com/en/support/security/ Package : owncloud Date : March 13, 2014 Affected: Business Server 1.0 Problem Description: Updated owncloud packages fix security vulnerabilities and bugs:...
Plex Media Server multiple security vulnerabilities
Information leakage, protection bypass, CSRF...
[USN-2105-1] MAAS vulnerabilities
========================================================================== Ubuntu Security Notice USN-2105-1 February 13, 2014 maas vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[CVE-2014-1903] FreePBX 2.9 through 12 RCE
Overview: Unauthenticated user-level Remote Code Execution RCE vulnerability in admin/config.php, the main interface to FreePBX. This bug was introduced in FreePBX 2.9, earlier versions are not affected. Score - 8.4 AV:N/AC:L/Au:N/C:P/I:P/A:C/E:H/RL:OF/RC:C/CDP:MH/TD:ND/CR:L/IR:L/AR:M Reference t...
CVE-2014-1223 - Cross-site Scripting in Telligent Evolution
Vulnerability title: Cross-site Scripting in Telligent Evolution CVE: CVE-2014-1223 Vendor: Telligent Product: Evolution Affected version: 7.5.0.32466 Fixed version: 7.6.7.36651 Reported by: Jerzy Kramarz Details: It is possible for an attacker to inject JavaScript by manipulating the 'msg'...
owncloud security vulnerabilities
Owncloud versions 5.0.15 and 6.0.2 fix several unspecified security vulnerabilities, as well as many other bugs...
Open-Xchange security vulnerabilities
Password is passed via URI during password reset. Cross-site scripting...
OpenAFS DoS
Buffer overflow in GetStatistics64 RPC call...
[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution
RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: GetGo Download Manager Vendor URL: www.getgosoft.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2014-02-20 Date published: 2014-03-02 CVSSv2 Score: 10,0 AV:N/AC:L/Au:N/C:C/I:C/A:C...
Update: CVE-2014-0053 Information Disclosure when using Grails
CVE-2014-0053 Information Disclosure in Grails applications Severity: Important Vendor: Grails by Pivotal Product Affected: - Grails Resources plugin 1.0.0 to 1.2.5 Products known to depend on the affected product: - Grails 2.0.0 to 2.3.6 Description: The Grails resources plug-in, a default...
Wordpress plugin Buddypress <= 1.9.1 privilege escalation vulnerability
Vulnerability: Wordpress plugin Buddypress <= 1.9.1 privilege escalation Date: 13/02/2014 Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link: http://downloads.wordpress.org/plugin/buddypress.1.9.1.zip Version: 1.9.1 CVE : CVE-2014-1889 Responsibly disclosed and patched in...
[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0
Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...
CVE-2014-2570 - php-font-lib 0.3 www/make_subset.php Reflected Cross Site Scripting
========================================================== php-font-lib - Subset maker make_subset.php Reflected Cross-site Scripting Revision 1.0 ========================================================== Author: Daniel C. Marques @0xc0da Release date: 2014-03-23 Reference:...
Pearson eSIS Enterprise Student Information System Stored XSS
Advisory ID: hag201477 Product: Pearson eSIS Enterprise Student Information System Vendor: PearsonVue Vulnerable Versions: Any version Advisory Publication: April 06, 2014 Vendor Notification: March 05, 2014 Public Disclosure: April 06, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
phpMyBackupPro-2.4 Cross-Site Scripting vulnerability
phpmybackuppro Cross-Site Scripting vulnerability...
[ MDVSA-2014:044 ] zarafa
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:044 http://www.mandriva.com/en/support/security/ Package : zarafa Date : February 19, 2014 Affected: Business Server 1.0 Problem Description: Robert Scheck discovered multiple vulnerabilities in Zarafa that...
[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration
Advisory: rexx Recruitment Cross-Site Scripting in User Registration RedTeam Pentesting discovered a cross-site scripting XSS vulnerability in rexx Recruitment's user registration page during a penetration test. If attackers can persuade users to click on a prepared link or redirected them to suc...
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...
parcimonie information leakage
Information leakage via timings...
[SECURITY] [DSA 2899-1] openafs security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2899-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 09, 2014 http://www.debian.org/security/faq -...
Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue
Document Title: =============== Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1256 Video: http://www.vulnerability-lab.com/getcontent.php?id=1257 Release Dat...
[SECURITY] [DSA 2920-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2920-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 03, 2014 http://www.debian.org/security/faq -...
[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults
CVE-2014-0073: Apache Cordova In-App-Browser privilege escalation Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cordova In-App-Browser iOS plugin from Cordova versions 2.6.0 to 2.9.0 Cordova In-App-Browser iOS standalone plugin org.apache.cordova.inappbrowser...
CVE-2014-2043 - SQL Injection in Procentia IntelliPen
Vulnerability title: SQL Injection in Procentia IntelliPen CVE: CVE-2014-2043 Vendor: Procentia Product: IntelliPen Affected version: 1.1.12.1520 Fixed version: 1.1.18.1658 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an authenticated user....
Deutsche Telekom CERT Advisory [DTC-A-20140324-004] nagios vulnerability
Deutsche Telekom CERT Advisory DTC-A-20140324-004 Summary: An Off-by-one memory access was found in the web gui of nagios. A patch was applied to the core master branch of nagios http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/. This resolution is announced ...
Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities
Quarterly update fixes 144 different vulnerabilities...
prosody DoS
Resource exhaustion via zip bomb...
CVE-2014-1222 - Local File Inclusion in Vtiger CRM
Vulnerability title: Local File Inclusion in Vtiger CRM CVE: CVE-2014-1222 Vendor: Vtiger Product: CRM Affected version: Vtiger CRM 5.4.0, 6.0 RC & 6.0.0 GA Fixed version: Vtiger CRM 6.0.0 Security patch 1 Reported by: Jerzy Kramarz Details: A local file inclusion vulnerability was discovered in...
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability
ESA-2014-003.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability EMC Identifier: ESA-2014-003 CVE Identifier: CVE-2014-0624 Severity Rating: CVSS v2 Base Score: 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P Affected Products: RSA Da...
EMC Documentum Content Server information leakage
It's possible to access restricted folders...
Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk
Deutsche Telekom CERT Advisory DTC-A-20140324-002 update140328 Summary: Several vulnerabilities were found in check_mk version 1.2.2p2. Update to original advisory: Corrected: vulnerability 5 and 6 not 4 and 5 are currently not fixed. The vulnerabilities are: 1 - Reflected Cross-Site Scripting XSS...
[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0
Advisory Information Title: Persistent Cross-Site Scripting XSS in SpagoBI Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference: CVE-2013-6232 CVSS v2 Base...
[ MDVSA-2014:072 ] php-ZendFramework
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:072 http://www.mandriva.com/en/support/security/ Package : php-ZendFramework Date : April 9, 2014 Affected: Business Server 1.0 Problem Description: Updated php-ZendFramework packages fix security...