EMC Documentum WebTop based products contain fixes for multiple cross-site scripting vulnerabilities that could potentially be exploited by malicious users to inject arbitrary script via some query string parameters. This may lead to execution of malicious HTML requests or scripts in the context of an authenticated user. These issues are caused by the vulnerable parameters "startat" and "entryId".
Documentum WDK based clients may be vulnerable to multiple CSRF vulnerabilities. A malicious unauthenticated attacker can potentially leverage this vulnerability to trick authenticated users of the application into clicking on specially crafted links that are embedded within an email, web page or other source and perform Docbase operations with that user's privileges.
Ubuntu Security Notice 2232-4 - USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem.
This Metasploit module takes advantage of the addition of authorized SSH keys in the gitlab-shell functionality of GitLab. Versions of gitlab-shell prior to 1.7.4 used the SSH key provided directly in a system call, resulting in a command injection vulnerability. As this relies on adding an SSH key to an account, valid credentials are required to exploit this vulnerability.
This Metasploit module gains remote code execution on Firefox 15-22 by abusing two separate JavaScript-related vulnerabilities to ultimately inject malicious JavaScript code into a context running with chrome:// privileges.
Debian Linux Security Advisory 3006-1 - Multiple security issues have been discovered in the Xen virtualisation solution which may result in information leaks or denial of service.
Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible to a 'Man in the Middle Attack' due to a flaw in the default hostname verification during SSL/TLS when a specially crafted server side certificate is used.
Senkas Kolibri WebServer version 2.0 is vulnerable to remote code execution via an overly long POST request. Sending the exploit will result in a SEH overwrite, which can then be used to redirect execution to a POP POP RET within the application's binary itself, which, once executed, will allow the attacker to execute his/her payload located in the HOST field.
Red Hat Security Advisory 2014-1073-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv3, TLS, and other security standards. It was found that the implementation of Internationalizing Domain Names in Applications hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters being accepted as valid. In addition, the nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2, which provides a number of bug fixes and enhancements over the previous versions.
Ubuntu Security Notice 2317-1 - Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to bypass mount restrictions, and potentially gain administrative privileges. Kenton Varda discovered a flaw with read-only bind mounts when used with user namespaces. An unprivileged local user could exploit this flaw to gain full write privileges to a mount that should be read only. Various other issues were also addressed.
Ubuntu Security Notice 2318-1 - Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to bypass mount restrictions, and potentially gain administrative privileges. Kenton Varda discovered a flaw with read-only bind mounts when used with user namespaces. An unprivileged local user could exploit this flaw to gain full write privileges to a mount that should be read only. Various other issues were also addressed.
Outlook.com for Android fails to properly validate SSL server certificates, allowing for man-in-the-middle attacks. This issue was found in Outlook.com for Android version 7.8.2.12.49.2176 and version 7.8.2.12.49.6434.
Tenda A5s router suffers from an authentication bypass vulnerability due to improperly trusting cookies.
Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
These are the slides from the presentation "VoIP Wars: Attack of the Cisco Phones", given at Defcon 22 and Blackhat USA 2014.