
47153 matches found

securityvulns
added 2014/05/05 12:0 a.m., 41 views

[mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation

Cray Aprun/Apinit Privilege Escalation. MWR have identified a vulnerability which allows users to escalate their privileges to root on Cray supercomputers. This advisory details the vulnerability and the patches which Cray customers can apply in order to...

CVSS: 7.2, AI score: 0.8, EPSS: 0.00045
Exploits: 1
securityvulns
added 2014/05/05 12:0 a.m., 61 views

Mybb All Version Denial of Service Vulnerability

Mybb All Version Denial of Service Vulnerability #!/usr/bin/perl ...

AI score: 1
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 49 views

[SECURITY] [DSA 2860-1] parcimonie security update

Debian Security Advisory DSA-2860-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2014 http://www.debian.org/security/faq ...

CVSS: 7.5, AI score: 0.5, EPSS: 0.00417
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 46 views

CVE-2014-2044 - Remote Code Execution in ownCloud

Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been found and confirmed within ownCloud as an authenticated user. A...

CVSS: 7.5, AI score: 1.4, EPSS: 0.122
Exploits: 7
securityvulns
added 2014/05/05 12:0 a.m., 30 views

Free Download Manager buffer overflow

Buffer overflow via filename...

CVSS: 9.3, AI score: 4.7, EPSS: 0.36829
Exploits: 8, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 50 views

[SECURITY] [DSA 2889-1] postfixadmin security update

Debian Security Advisory DSA-2889-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 28, 2014 http://www.debian.org/security/faq ...

CVSS: 6.5, AI score: 1.3, EPSS: 0.00515
Exploits: 2
securityvulns
added 2014/05/05 12:0 a.m., 27 views

[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults

CVE-2014-0072: Apache Cordova File-Transfer insecure defaults Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cordova File-Transfer iOS plugin from Cordova versions 2.4.0 to 2.9.0 Cordova File-Transfer iOS standalone plugin org.apache.cordova.file-transfer versions...

CVSS: 5, AI score: 2.8, EPSS: 0.01489
Exploits: 1
securityvulns
added 2014/05/05 12:0 a.m., 218 views

CVE-2014-0054 Spring MVC Incomplete fix for CVE-2013-4152 / CVE-2013-6429 (XXE)

CVE-2014-0054 Incomplete fix for CVE-2013-4152 / CVE-2013-6429 XXE Severity: Important Vendor: Spring by Pivotal Versions Affected: - Spring MVC 3.0.0 to 3.2.8 - Spring MVC 4.0.0 to 4.0.1 - Earlier unsupported versions may be affected Descriptio...

CVSS: 6.8, AI score: 0.3, EPSS: 0.67951
Exploits: 1
securityvulns
added 2014/05/05 12:0 a.m., 35 views

WordPress thecotton Themes Remote File Upload Vulnerability


AI score: 1.3
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 90 views

Sendy 1.1.9.1 - SQL Injection Vulnerability

Sendy contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the /send-to script not properly sanitizing user-supplied input to the "c" parameter. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the...

AI score: 0.3
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 90 views

CVE-2014-1216 - Remote Command Execution in Fitnesse Wiki

Vulnerability title: Remote Command Execution in Fitnesse Wiki CVE: CVE-2014-1216 Vendor: Fitnesse Product: Wiki Affected version: v20131110 and earlier Fixed version: N/A Reported by: Jerzy Kramarz Details: The Fitnesse wiki does not validate the syntax of edited pages to validate whether the...

CVSS: 7.5, AI score: 1.1, EPSS: 0.06575
Exploits: 9
securityvulns
added 2014/05/05 12:0 a.m., 34 views

Persistent XSS in Media File Renamer V1.7.0 wordpress plugin

Title: Persistent XSS in Media File Renamer V1.7.0 wordpress plugin Date: 1/31/2014 Author: Larry W. Cashdollar, @larry0 Vendor: Notified 2/4/2014 CVE: 2014-2040 Download: http://www.meow.fr/media-file-renamer/ Vulnerability: The following functions do not sanitize input before being echoed out: ...

AI score: 0.3
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 37 views

EMC RSA Data Loss Prevention privilege escalation

Privilege escalation because of invalid session management...

CVSS: 2.7, AI score: 4.7, EPSS: 0.00077
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 123 views

CVE-2014-0097 Spring Security Blank password may bypass user authentication

CVE-2014-0097 Blank password may bypass user authentication Severity: Important Vendor: Spring by Pivotal Versions Affected: - Spring Security 3.2.0 to 3.2.1 - Spring Security 3.1.0 to 3.1.5 Description: The ActiveDirectoryLdapAuthenticator does n...

CVSS: 7.5, AI score: 0.3, EPSS: 0.00234
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 31 views

MAAS security vulnerabilities

Weak permissions, cross-site scripting...

CVSS: 4.3, AI score: 1.5, EPSS: 0.00336
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 48 views

BlackBerry Z 10 - Buffer Overflow in qconnDoor [MZ-13-05]

modzero Security Advisory: BlackBerry Z 10 - Buffer Overflow in qconnDoor MZ-13-05 1...

CVSS: 9.3, AI score: 0.6, EPSS: 0.1459
Exploits: 4
securityvulns
added 2014/05/05 12:0 a.m., 42 views

Wordpress plugin Buddypress <= 1.9.1 stored xss vulnerability

Vulnerability: Wordpress plugin Buddypress <= 1.9.1 stored xss Date: 13/02/2014 Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link: http://downloads.wordpress.org/plugin/buddypress.1.9.1.zip Version: 1.9.1 CVE : CVE-2014-1888 Responsibly disclosed and patched in version 1.9....

CVSS: 4.3, AI score: 6.1, EPSS: 0.00369
Exploits: 3
securityvulns
added 2014/05/05 12:0 a.m., 134 views

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server

SEC Consult Vulnerability Lab Security Advisory 20140411-0 title: Multiple vulnerabilities product: Plex Media Server vulnerable version: confirmed in 0.9.9.10 fixed version: none impact: High homepage: http://www.plex.tv...

AI score: 0.7
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 38 views

Cisco ASA multiple security vulnerabilities

Privilege escalation, authentication bypass, DoS...

CVSS: 8.5, AI score: 3.5, EPSS: 0.29521
Exploits: 4, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 20 views

Cray supercomputers privilege escalation

root privileges escalation via aprun/apinit...

CVSS: 7.2, AI score: 5.1, EPSS: 0.00045
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 120 views

CVE-2014-0372 - SQL Injection in Oracle Demantra

Vulnerability title: SQL Injection in Oracle Demantra CVE: CVE-2014-0372 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The Oracle Demantra application is vulnerable to SQL injection. An attacker with access to the vulnerab...

CVSS: 5.5, AI score: 0.1, EPSS: 0.20481
Exploits: 2
securityvulns
added 2014/05/05 12:0 a.m., 157 views

CVE-2014-1904 XSS when using Spring MVC

CVE-2014-1904 XSS when using Spring MVC Severity: Moderate Vendor: Spring by Pivotal Versions Affected: - Spring MVC 3.0.0 to 3.2.8 - Spring MVC 4.0.0 to 4.0.1 - Earlier unsupported versions may be affected Description: When a programmer does no...

CVSS: 4.3, AI score: 6.1, EPSS: 0.0181
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 62 views

JOIDS (Java OpenID Server) multiple vulnerabilities

Hi, This is a public disclosure with disarmed Proof of Concept of unpatched vulnerabilities in JOIDS Java OpenID Server. "JOIDS Java OpenID Server is a multi-domain, multi-user OpenID Provider based on OpenID4Java, Spring Framework, Hibernate, Velocity" https://code.google.com/p/openid-server/...

AI score: 0.6
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 38 views

Blackberry Z10 buffer overflow

qconndoor service buffer overflow...

CVSS: 9.3, AI score: 3.7, EPSS: 0.1459
Exploits: 4, References: 1
securityvulns
added 2014/05/05 12:0 a.m., 29 views

HP IceWall Identity Manager / HP IceWall SSO Password Reset Option DoS

DoS related to Apache Commons FileUpload...

CVSS: 4, AI score: 0.9, EPSS: 0.00241
Exploits: 0, References: 1, Affected Software: 2
securityvulns
added 2014/05/05 12:0 a.m., 28 views

Jetro Cockpit Secure Browsing code execution

Code execution via print-to-PDF function...

CVSS: 9.3, AI score: 4.6, EPSS: 0.00348
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 40 views

[CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution

RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION Product: Free Download Manager Vendor URL: www.freedownloadmanager.org Type: Stack-based Buffer Overflow CWE-121 Date found: 2014-02-20 Date published: 2014-02-13 CVSSv2 Score: 9,3...

CVSS: 9.3, AI score: 0.4, EPSS: 0.36829
Exploits: 8
securityvulns
added 2014/05/05 12:0 a.m., 79 views

OpenSSL race conditions

Race conditions lead to DoS or data injection...

CVSS: 4.3, AI score: 2.2, EPSS: 0.32978
Exploits: 0, References: 2, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 157 views

[USN-2192-1] OpenSSL vulnerabilities

Ubuntu Security Notice USN-2192-1 May 05, 2014 openssl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 4.3, AI score: 0.5, EPSS: 0.32978
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 76 views

Vulnerability in PHPFox v3.7.3, v3.7.4 and v3.7.5 all build [ CVE-2013-7195, CVE-2013-7196 ]

CNA primary MITRE Corporation [email protected] Software Vendors PHPFox http://www.phpfox.com Product http://demo.phpfox.com Version: v3.7.3, v3.7.4 and v3.7.5 Research Wesley Henrique Leite wesleyhenrique NOSPAM gmail NOSPAM// com + INFORMATION...

CVSS: 5.5, AI score: 6.1, EPSS: 0.03669
Exploits: 3
securityvulns
added 2014/05/05 12:0 a.m., 142 views

Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti

Deutsche Telekom CERT Advisory DTC-A-20140324-001 Summary: Three vulnerabilities were found in cacti version 0.8.7g. The vulnerabilities are: 1 Stored Cross-Site Scripting XSS via URL 2 Missing CSRF Cross-Site Request Forgery token allows execution of arbitrary commands 3 The use of exec-like...

CVSS: 6.8, AI score: 0.3, EPSS: 0.01268
Exploits: 4
securityvulns
added 2014/05/05 12:0 a.m., 29 views

xbuffy buffer overflow

Buffer overflow on message parsing...

CVSS: 6.8, AI score: 5, EPSS: 0.03735
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 48 views

Synology DSM4 Blind SQL Injection

Title: Synology DSM Blind SQL Injection Version affected: = 4.3-3827 Vendor: Synology Discovered by: Michael Wisniewski Status: Patched The file "/photo/include/blog/article.php" contains a Blind SQL Injection Vulnerability in the 'value' variable in the URL. The vendor was contacted approximatel...

AI score: 7.7
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 54 views

[CVE-2014-2035] XSS in InterWorx Web Control Panel <= 5.0.12

Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.12 build 569 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-2035 Risk Level: Medium CVSSv2 Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N Solution...

CVSS: 4.3, AI score: 0.1, EPSS: 0.00359
Exploits: 3
securityvulns
added 2014/05/05 12:0 a.m., 52 views

[SECURITY] [DSA 2921-1] xbuffy security update

Debian Security Advisory DSA-2921-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez May 04, 2014 http://www.debian.org/security/faq ...

CVSS: 6.8, AI score: 0.7, EPSS: 0.03735
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 85 views

Deutsche Telekom CERT Advisory [DTC-A-20140324-003] vulnerabilities in icinga

Deutsche Telekom CERT Advisory DTC-A-20140324-003 Summary: Two vulnerabilities were found in icinga version 1.9.1. These vulnerabilities are: 1 several buffer overflows 2 Off-by-one memory access Recommendations: Updates available and need to be installed: - Icinga 1.10.2 Bug Fix Release - Icinga...

CVSS: 6.5, AI score: 0.3, EPSS: 0.48577
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 114 views

CVE-2014-5880 - Authentication Bypass in Oracle Demantra

Vulnerability title: Authentication Bypass in Oracle Demantra CVE: CVE-2014-5880 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The authentication filter in Oracle Demantra is broken by design. For example the page:...

AI score: 0.2
Exploits: 5
securityvulns
added 2014/05/05 12:0 a.m., 60 views

Open-Xchange Security Advisory 2014-04-08

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Vulnerability type: Information exposure CWE-200 Vulnerable version: 7.4.2 and earlier Vulnerable component: frontend Fixed version: 7.4.2-rev13, 7.4.1-rev11, 7.2.2-rev20 Report confidence: Confirmed Solution status: Fixed by Vendor Vendor...

CVSS: 4.3, AI score: 0.5, EPSS: 0.0023
Exploits: 3
securityvulns
added 2014/05/05 12:0 a.m., 112 views

[ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com)

INTERNET SECURITY AUDITORS ALERT 2014-001 - Original release date: February 4, 2014 - Last revised: February 4, 2014 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 CVSSv2 Base Scored - CVE-ID: - ...

Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 217 views

[ MDVSA-2014:057 ] mediawiki

Mandriva Linux Security Advisory MDVSA-2014:057 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : March 13, 2014 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix multiple vulnerabilities: MediaWik...

CVSS: 7.5, AI score: 7.1, EPSS: 0.48041
Exploits: 15
securityvulns
added 2014/05/05 12:0 a.m., 56 views

Phpbb Forum Denial of Service Vulnerability

#!/usr/bin/perl ...

AI score: 1
Exploits: 0
securityvulns
added 2014/05/05 12:0 a.m., 54 views

EMC RSA BSAFE Micro Edition Suite security vulnerabilities

Few SSL related vulnerabilities in certificates chain validation and BEAST attacks...

CVSS: 5.8, AI score: 3.6, EPSS: 0.03832
Exploits: 4, References: 2, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 33 views

Zarafa DoS

Few DoS conditions...

CVSS: 5, AI score: 1.5, EPSS: 0.00734
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2014/05/05 12:0 a.m., 79 views

[ MDVSA-2014:062 ] webmin

Mandriva Linux Security Advisory MDVSA-2014:062 http://www.mandriva.com/en/support/security/ Package : webmin Date : March 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were discovered and...

CVSS: 6.8, AI score: 7.4, EPSS: 0.8276
Exploits: 13
securityvulns
added 2014/05/04 12:0 a.m., 39 views

Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability

Document Title: Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1250 Release Date: 2014-04-07 Vulnerability Laboratory ID VL-ID: ...

AI score: 1.1
Exploits: 0
securityvulns
added 2014/05/04 12:0 a.m., 51 views

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details: It was possible to access a URL that allowed...

CVSS: 7.5, AI score: 6.3, EPSS: 0.00585
Exploits: 2
securityvulns
added 2014/05/04 12:0 a.m., 53 views

Adobe Flash Player multiple security vulnerabilities

Use-after-free, buffer overflow, restrictions bypass, cross-site scripting...

CVSS: 10, AI score: 2.2, EPSS: 0.93156
Exploits: 24, References: 1, Affected Software: 2
securityvulns
added 2014/05/04 12:0 a.m., 55 views

Ruby Actionpack / Actionmailer multiple security vulnerabilities

DoS, cross-site scripting...

CVSS: 6.4, AI score: 2, EPSS: 0.70843
Exploits: 3, References: 2, Affected Software: 1
securityvulns
added 2014/05/04 12:0 a.m., 43 views

Different Ruby gems security vulnerabilities

Cross-site scripting, code execution, information leakage...

CVSS: 7.5, AI score: 1.9, EPSS: 0.00995
Exploits: 6, References: 6, Affected Software: 6
securityvulns
added 2014/05/04 12:0 a.m., 73 views

Multiple Vulnerabilities in OpenDocMan

Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...

CVSS: 7.5, AI score: 0.1, EPSS: 0.00787
Exploits: 8

Total number of security vulnerabilities: 47153