BugTraq Mode:
CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
Dawid Golunski (dawid legalhackers com)
I added a simple PoC video for the CVE-2016-1240 vulnerability.

In the PoC I used Ubuntu 16.04 with the latest tomcat7 package
(version: 7.0.68-ubuntu-0.1) installed from the default ubuntu repos
which appears vulnerable still.

The video poc can be found at:

http://legalhackers.com/videos/Apache-

[SECURITY] [DSA 3700-1] asterisk security update 2016-10-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3700-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
October 25, 2016

[SECURITY] [DSA 3701-1] nginx security update 2016-10-25
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3701-1 security (at) debian (dot) org
https://www.debian.org/security/ Florian Weimer
October 25, 2016

FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED] 2016-10-25
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-16:15.sysarch [REVISED] Security Advisory
The FreeBSD Project

Topic:

CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path 2016-10-25
Dennis E. Hamilton (orcmid apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2016-6804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6804>
Apache OpenOffice Advisory
<https://www.openoffice.org/security/cves/CVE-2016-6804.html>

Title: Windows Installer Execution of Arbitrary Code with Elevated Privileges

Version

wincvs-2.0.2.4 Privilege Escalation 2016-10-25
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WINCVS-PRIVILEGE-ESCALATION.txt

[+] ISR: ApparitionSec

Vendor:
======================
cvsgui.sourceforge.net
www.wincvs.org

Product:
===========
WinCvs v2.1.1.1

APPLE-SA-2016-10-24-3 Safari 10.0.1 2016-10-24
Apple Product Security (product-security-noreply lists apple com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-10-24-3 Safari 10.0.1

Safari 10.0.1 is now available and addresses the following:

WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12
Impact: Processing maliciously crafted web content may le

[SECURITY] [DSA 3698-1] php5 security update 2016-10-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3698-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
October 24, 2016

Puppet Enterprise Web Interface Authentication Redirect 2016-10-22
hyp3rlinx lycos com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/PUPPET-AUTHENTICATION-REDIRECT.txt

[+] ISR: ApparitionSec

Vendor:
==============
www.puppet.com

Product:
================================
Puppet Enterprise Web

Puppet Enterprise Web Interface User Enumeration 2016-10-21
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/PUPPET-USER-ENUMERATION.txt

[+] ISR: ApparitionSec

Vendor:
==============
www.puppet.com

Product:
===============================
Puppet Enterprise Web Interfa

Puppet Enterprise Web Interface Authentication Redirect 2016-10-21
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/PUPPET-AUTHENTICATION-REDIRECT.txt

[+] ISR: ApparitionSec

Vendor:
==============
www.puppet.com

Product:
================================
Puppet Enterprise Web

Oracle Netbeans IDE v8.1 Import Directory Traversal 2016-10-21
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt

[+] ISR: ApparitionSec

Vendor:
===============
www.oracle.com

Product:
=================
Netbeans IDE v8.1

Vulne

ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2016-10-20
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability

EMC Identifier: ESA-2016-111

CVE Identifier: CVE-2016-0909

Severity Rating: CVSSv3 Base Score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affe

Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update 2016-10-20
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

since more than a year now, Windows Update fails (not only, but most
notably) on FRESH installations of Windows 7/8/8.1 (especially their
32-bit editions), which then get NO security updates at all [°]!

One of the many possible causes: Windows Update Client runs out of
(virtual) memory dur

[CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability 2016-10-20
dirtycow dirtcow ninja
Debian: https://security-tracker.debian.org/tracker/CVE-2016-5195

Redhat: https://access.redhat.com/security/cve/cve-2016-5195

FAQ: https://dirtycow.ninja/

Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory 2016-10-20
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

on x64 editions of Windows, RegEdit.exe exists both as
%windir%\regedit.exe and %windir%\SysWOW64\regedit.exe.

<https://msdn.microsoft.com/en-us/library/aa384187.aspx> states

| [...] whenever a 32-bit application attempts to access [...]
| %windir%\regedit.exe is redirected to %windir%\Sy

[security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution 2016-10-19
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05313743

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05313743
Version: 1

HPSBGN03663 rev.1 - HPE ArcS

Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability 2016-10-19
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20161019-asa-idfw

Revision: 1.0

For Public Release 2016 October 19 16:00 GMT

+---------------------------------------------------------------------

Su

[SECURITY] [DSA 3695-1] quagga security update 2016-10-18
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3695-1 security (at) debian (dot) org
https://www.debian.org/security/ Florian Weimer
October 18, 2016

[SECURITY] [DSA 3694-1] tor security update 2016-10-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3694-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
October 18, 2016

[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver KERNEL

Versions Affected: SAP NetWeaver KERNEL 7.0-7.5

Vendor URL: http://SAP.com

Bugs: Denial of Service

Sent: 09.03.2016

Reported: 10.03.2016

Vendor response: 10.03.2016

Date of Public Advisory: 12.07.2016

Reference: SAP Security Note 2295238

Author: Dmitry

[SECURITY] [DSA 3693-1] libgd2 security update 2016-10-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3693-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
October 14, 2016

Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
mehta himanshu21 gmail com
Aloha,

Summary
Evernote contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to some DLL file is loaded by 'Evernote_6.1.2.2292.exe' improperly. And it allows an attacker to load th

[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05307589

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05307589
Version: 1

HPSBNS03661 rev.1 - NonStop

Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt

[+] ISR: ApparitionSec

Vendor:
=============
www.snort.org

Product:
===================
Snort v2.9.7.0-WIN32

Snort is an open-source, fre

ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
apparitionsec gmail com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ZEND-STUDIO-PRIVILEGE-ESCALATION.txt

[+] ISR: ApparitionSec

Vendor:
============
www.zend.com

Product:
======================
ZendStudio IDE v13.5.1

Zend Stud

Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability 2016-10-12
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Meeting Server Client Authentication Bypass Vulnerability

Advisory ID: cisco-sa-20161012-msc

Revision 1.0

For Public Release 2016 October 12 16:00 UTC (GMT)
Last Updated 2016 October 12 16:00 UTC (GMT)

+-------------------------------------

Multiple Vulnerabilities in Plone CMS 2016-10-12
Sebastian Perez (s3bap3 gmail com)
[Product Description]
Plone is a free and open source content management system built on
top of the Zope application server. Plone is positioned as an
"Enterprise CMS" and is most commonly used for intranets and as part
of the web presence of large organizations

[Systems Affected]
Product

[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04819635

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04819635
Version: 2

HPSBPV03516 rev.2 - HP VAN

Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1972

Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2016/10/10/facebook-api-v21-hit-rfc6749-

Copyright 2010, SecurityFocus