This is information regarding more bash vulnerabilities and how the original bash patches are ineffective.
9bef4f643cbc941c231d0995aa7df24f7322c03118f4cd7d60f56a5e05ccb428
Epicor suffers from cross site scripting and password disclosure vulnerabilities.
0adc38541eec06be524dcdc4e10cbddffc5db40fd0f6f43e692e614e15788b74
VMware Security Advisory 2014-0010 - VMware product updates address Bash security vulnerabilities.
35f6ed13d7102c88ca22ea6b869c28a45351e9ff87730aeeba642d5f37e08c62
This archive contains all of the 158 exploits added to Packet Storm in September, 2014.
81e439aa508cca46d13331ea18cff9058479738a2b374e9b407aadaf61ac213e
Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability, an attacker can send malformed messages to a server that accepts data from untrusted sources and trigger a denial of service attack.
e561d69b5178aba532af90ac7fb2ff1c69d976ffa69a1ce6567926bb397cbdd2
Debian Linux Security Advisory 3041-1 - Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation.
4907d5b964f09a01c74ae0dc6ff9400295f8a8a13014c446cbbe4712c94984e9
HP Security Bulletin HPSBMU03112 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF), unauthorized disclosure of information, Denial of Service (DoS), and Clickjacking. Revision 1 of this advisory.
c7ee397bfe22743f1104826923b5ce2ee2bca83ffb77b9abc0126c7de3855248
HP Security Bulletin HPSBST02958 - A potential security vulnerability has been identified with the HP MPIO Device Specific Module Manager. The vulnerability could be exploited locally to allow the execution of arbitrary code with privilege elevation. Revision 1 of this advisory.
a279e6dea837d98cd8fc73d74b390af5d9b26b658c6d62ef392942efede97dc0
Textpattern version 4.5.5 suffers from a cross site scripting vulnerability.
c17496ddf5eda6467a85ee2db8b923d8afebf2fd140f0406c05e99b876845c6c
Honeywell Falcon suffers from a vulnerability that allows anyone to log in as the administrator without prior knowledge of any username or password.
38330e824709e2c82d60c63e425dfc961fdac2c05ddd5ba2bd7656c5ec7730c2
WordPress Photo Gallery plugin version 1.1.30 suffers from a cross site scripting vulnerability.
963cbc8f2a16c4c41a12514cac90dc610c8c590afb2e097a64fd27d9a84c60a8
A remote attacker can bypass authentication and create a false FreePBX Administrator account, which will then let them perform any action on a FreePBX system as the FreePBX user (which is often 'asterisk' or 'apache'). As of 2014/10/01 all versions of FreePBX are affected.
260d4b01eefece16b936fcbf58b1831d277210366a095cd34a9abbeb2d4109df
HP Security Bulletin HPSBHF03119 - A potential security vulnerability has been identified with HP DreamColor Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: Only the Z27x model is vulnerable. Revision 1 of this advisory.
da9257ca6c57b23fa4805ff297044e25f462fa8dde75c23bf8abded80b03f407
TestLink version 1.9.11 suffers from multiple remote SQL injection vulnerabilities.
89a8209be3fba1b541de072c93114fc6da4c5937177e0ac438ee7af7946ca9c8
HP Security Bulletin HPSBGN03117 - A potential security vulnerability has been identified with HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: The vCAS product is vulnerable only if DHCP is enabled. Revision 1 of this advisory.
477153bb7561e72d2c4aa3bcf37dc3af2ca5f1778cd8673085ac6be3db145009
TP-Link VxWorks-based devices and 2-Series switches suffer from a large number of vulnerabilities that the vendor refuses to address.
a676a5da6cb174308fa906e9e2a112a82239a9b19b287869528315328ae3de27