Debian Linux Security Advisory 3548-1 - Several vulnerabilities have been discovered in Samba, an SMB/CIFS file, print, and login server for Unix.
7a6a72fc4b7668bd8cbc57c97d60464eeffdb556c75c1914e8530a1e6d416eb8
OpenWGA Content Manager version 7.1.9 suffers from a cross-site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
9d71ce5e11ca39dfc7ec78ef37fa5c5ebd50d84f836c4358d8cf523620e4a121
OpenWGA Developer Studio version 3.1.0 suffers from an arbitrary code execution vulnerability when using the File OpenDialog box, enabling an attacker to execute any binary he or she chooses, including to elevate privileges.
cac68fae3b766c1b59f1effea63f646a7d46e1e5a92a57e85fcc6a77d37f8919
This Metasploit module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute arbitrary commands under the context of the 'www' user. This Metasploit module also abuses the 'KSudoClient::RunCommandWait' function to gain root privileges. This Metasploit module has been tested successfully with Dell KACE K1000 version 5.3.
ce165f4ada05beefea1776978f34c8b9073a363082d4e2c9070aa0d2aed7d73d
Texas Instruments Calculators Emulator version 3.03-nogdb+dfsg-3 suffers from a buffer overflow vulnerability.
189c0e2dd8442cb5bb1443d6a2b0e7a6e2a076cb8c15f1bc5ba7f76146a40887
Webline CMS 2016Q2 suffers from a remote SQL injection vulnerability.
0a5013f90a4d1adad4f948811aefe1b99cc92775272d91587066533f3c50a3f3
Red Hat Security Advisory 2016-0612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
ffbf714b0edd288eeaf89811100e15d4b6b63a95aa4b7b155086d46d5b7e484a
Red Hat Security Advisory 2016-0618-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
2ef3378782b2bc3031aa0f55cbc9dc7d137916e7c132e676b32ed6eddb2e01c8
Red Hat Security Advisory 2016-0614-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
28b70dba8ec3f6d0feaab4a731c2c94f34f0c5f334aa07d08384ce1e210bdf87
Red Hat Security Advisory 2016-0625-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
ff28c74c3e9ee7ca93fb17e35f33b850df2eaf1ee08ce8f0366ddf8a1aa08d95
Ovidentia module Troubletickets version 7.6 suffers from a remote file inclusion vulnerability.
8b8b42d83c24b45290bbe6733839b4dcde30f4bfb2e1b86847d77f45461c6242