Sites designed by Plan B suffer from remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
74353edb6b9bfad8c79dd5fc97bd85115a127b7ec3a208e7ce1ed9b1bf98ca4aGnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
535373f59c88c171429ed3c4777dc7126681b597e3adca95aa88ecbb69e7c646Backupbuddy versions 2.2.4 and below suffer form sensitive data exposure vulnerabilities.
cbe311849237bfc9b163b928d07dd363ac78ad37c2671920bf6ec41f05f6039fJAOW version 2.4.8 suffers from a cross site scripting vulnerability.
1756fb0f74d18ef67eb1e819d35290b5368c6c4ca15037e67b1d5eb67dff2bc6AContent version 1.3 suffers from a local file inclusion vulnerability.
dc8fa3990193a6cdff88f129fadbb8cd29020fb630f73f75c5ed020e4615685eFree Hosting Manager version 2.0.2 suffers from a remote SQL injection vulnerability.
4295a00581caeec06139b95b1fc60c8ee276284817c2324aecfcae44f23330aeThis Metasploit module exploits a vulnerability found in KingView <= 6.55. It exists in the KingMess.exe application when handling log files, due to the insecure usage of sprintf. This Metasploit module uses a malformed .kvl file which must be opened by the victim via the KingMess.exe application, through the 'Browse Log Files' option. The module has been tested successfully on KingView 6.52 and KingView 6.53 Free Trial over Windows XP SP3.
a222e0dccc97deceefae4025049d3943429ac06345a09773afe5955769586945This Metasploit module exploits an authenticated command injection vulnerability in the Mutiny appliance. Versions prior to 4.5-1.12 are vulnerable. In order to exploit the vulnerability the mutiny user must have access to the admin interface. The injected commands are executed with root privileges. This Metasploit module has been tested successfully on Mutiny 4.2-1.05.
1fad7a31c0a752bd14f7e1935025f6ba0a7fc35ef4c925b7202c07a9fca02a4aUbuntu Security Notice 1778-1 - Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. Various other issues were also addressed.
af8c6d029a29cb100ee0cf285e51af80c2f837650a0be518c832cb85e752d2a1Ubuntu Security Notice 1776-1 - A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
97d3855a4b7407cdfe8da33f6e14f63525cfe8916a39471f14e794dc510927adUbuntu Security Notice 1775-1 - A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
1358f8a1f860e256b3384b686b5acc9fc5aaf68a1cbe72af55479f9faf55d338HP Security Bulletin HPSBUX02856 SSRT101104 - Potential security vulnerabilities have been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or allow unauthorized disclosure of information. Revision 1 of this advisory.
9917a432965b1459a3758cf6c669fbe20c9d2348e5edcfdba51ca85b607708f2Local root exploit for Mageia release 2 (32bit) using the sock_diag_handlers[] vulnerability.
583f10c762d370ddd5cd3c44ff64334cc20eb9b077d18cc3b9667645a0e13222GnuTLS libgnutls double-free certificate list parsing remote denial of service proof of concept exploit. Versions affected are 3.0.13 and below.
cdefe8cbc7db61295ac1d863eda74e91643144878d48831d727a329a03ac2ec2WordPress IndiaNIC FAQS Manager third party plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
4eef48563f974167e0475f2ccc99c75e0be7d32fa173da8022968e93ced51a37WordPress IndiaNIC FAQS Manager third party plugin version 1.0 suffers from a remote blind SQL injection vulnerability.
3d1a884edc47b4a97429ba801e284ca9de542f09d510a7f8693e162902fc8430This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.1.2. This issue is caused because the ParametersInterceptor allows for the use of parentheses which in turn allows it to interpret parameter values as OGNL expressions during certain exception handling for mismatched data types of properties which allows remote attackers to execute arbitrary Java code via a crafted parameter.
e56bcff70dfc308ffd717452aab966d54c1fdec14e8544d8df4198054ba401b9LibreOffice version 4.0.1.2 suffers from an update spoofing vulnerability due to not using a secure channel nor digital signatures.
0fd0fd152553fcde204b860ae9af883db4511e308c44f058a80c84db259f2843EastFTP Active-X control version 4.6.02 code execution exploit.
47eaaf588524ad7407e7c1eb004c09636584ead0b6cece7bf2405b531a30fe71This archive contains proof of concept exploits from Security Explorations. They waited for over a year for vendors to fix the issues in various digital satellite TV platforms and were ignored.
226671de37e4d85a2d62d0df29ac823cb5ba7b68f552e3d574a8e4642dcc0a49Red Hat Security Advisory 2013-0671-01 - PackStack is a command line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof of concept installations and more complex multi-node installations. It was found that PackStack did not handle the answer file securely. In some environments, such as those using a non-default umask, a local attacker could possibly modify the answer file if PackStack was run in an attacker controlled directory, or attempted to create the answer file in "/tmp/", allowing the attacker to modify systems being deployed using OpenStack. Note: After applying this update, PackStack will create the answer file in the user's home directory by default. It will no longer create it in the current working directory or the "/tmp/" directory by default.
85ac7dd9a04979cc15ea84e62d6594f4bb4612fd814eea5ea9893b169ddd1d78Red Hat Security Advisory 2013-0670-01 - The Django web framework is used by Horizon, the OpenStack Dashboard, which is a web interface for managing OpenStack services. A denial of service flaw was found in the Extensible Markup Language parser used by Django. A remote attacker could use this flaw to send a specially-crafted request to an Horizon API, causing Horizon to consume an excessive amount of CPU and memory. A flaw was found in the XML parser used by Django. If a remote attacker sent a specially-crafted request to an Horizon API, it could cause Horizon to connect to external entities, causing a large amount of system load, or allow an attacker to read files on the Horizon server that are accessible to the user running Horizon.
f43133ae695ecbbd6f834f905823dd891d699fa224d25328a2c8c1c9c98db579Red Hat Security Advisory 2013-0669-01 - Qt is a software toolkit that simplifies the task of writing and maintaining GUI applications for the X Window System. It was discovered that the QSharedMemory class implementation of the Qt toolkit created shared memory segments with insecure permissions. A local attacker could use this flaw to read or alter the contents of a particular shared memory segment, possibly leading to their ability to obtain sensitive information or influence the behavior of a process that is using the shared memory segment.
0e67715652896aa6a5c89b1f944208d96234e81835c89b6e02a33a791946f822Red Hat Security Advisory 2013-0668-01 - The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. A flaw was found in the way the ordered_malloc() routine in Boost sanitized the 'next_size' and 'max_size' parameters when allocating memory. If an application used the Boost C++ libraries for memory allocation, and performed memory allocation based on user-supplied input, an attacker could use this flaw to crash the application or, potentially, execute arbitrary code with the privileges of the user running the application.
177eeb143093a935b907879d3e2456e4d04a4b736b6f3edca5b2c328fd9975cfRed Hat Security Advisory 2013-0658-01 - The openstack-cinder packages provide OpenStack Volume, which provides services to manage and access block storage volumes for use by virtual machine instances. A denial of service flaw was found in the Extensible Markup Language parser used by Cinder. A remote attacker could use this flaw to send a specially-crafted request to a Cinder API, causing Cinder to consume an excessive amount of CPU and memory. A flaw was found in the XML parser used by Cinder. If a remote attacker sent a specially-crafted request to a Cinder API, it could cause Cinder to connect to external entities, causing a large amount of system load, or allow an attacker to read files on the Cinder server that are accessible to the user running Cinder.
685dedeb4a1d9e24e68f572aa40addf6cf297350396926eb9e89d6cf3c150694
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed