Computer Security


Enterpriser16 LoadBalancer multiple security vulnerabilities
Published:02.01.2013
Source:
SecurityVulns ID:12809
Type:remote
Threat Level:5/10
Description:Multiple Web interface vulnerabilities.
Affected:ENTERPRISER16 : Enterpriser16 LoadBalancer 7.1
Original document:Vulnerability Lab, Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities (02.01.2013)

AppArmor protection bypass
Published:02.01.2013
Source:
SecurityVulns ID:12805
Type:local
Threat Level:5/10
Description:It's possible to bypass protection
Original document:UBUNTU, [USN-1668-1] Apport update (02.01.2013)
 UBUNTU, [USN-1676-1] AppArmor update (02.01.2013)

Comodo Internet Security authentication bypass
Published:02.01.2013
Source:
SecurityVulns ID:12810
Type:local
Threat Level:4/10
Description:It's possible to access settings without entering password if desktop widget is enabled.
Affected:COMODO : Comodo Internet Security 6.0
Files:CIS protection bypass

GnuPG memory corruption
Published:02.01.2013
Source:
SecurityVulns ID:12792
Type:local
Threat Level:5/10
Description:Memory corruption on keyring file import.
Affected:GNU : GnuPG 1.4
CVE:CVE-2012-6085 (The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.)
Original document:KB Sriram, GnuPG 1.4.12 and lower - memory access errors and keyring database corruption (02.01.2013)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.01.2013
Source:
SecurityVulns ID:12793
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:CUBECART : CubeCart 3.0
 MOINMOIN : MoinMoin 1.9
 AFFINITY : BuddyPress 1.2
 CUBECART : CubeCart 5.0
 CUBECART : CubeCart 4.4
 MEDIAWIKI : mediawiki 2.11
 MAHARA : Mahara 1.5
 ADISCON : Log Analyzer 3.6
 BANANADANCE : Banana Dance B.2.6
 EBB : Elite Bulletin Board 2.1
 WORDPRESS : WP-UserOnline 2.62
CVE:CVE-2012-6037 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4, and other versions including 1.2, allow remote attackers to inject arbitrary web script or HTML via a CSV header with "unknown fields," which are not properly handled in error messages in the (1) bulk user, (2) group, and (3) group member upload capabilities. NOTE: this issue was originally part of CVE-2012-2243, but that ID was SPLIT due to different issues by different researchers.)
 CVE-2012-5874 (Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.)
 CVE-2012-5244 (Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to functions/print.php; or (7) the name parameter to functions/ajax.php.)
 CVE-2012-5243 (functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.)
 CVE-2012-5242 (Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.)
 CVE-2012-2253 (Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter.)
 CVE-2012-2247 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a crafted SVG file.)
 CVE-2012-2246 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.)
 CVE-2012-2244 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authentication by leveraging CVE-2012-2243.)
 CVE-2012-2243 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML by uploading an XML file with the xhtml extension, which is rendered inline as script. NOTE: this can be leveraged with CVE-2012-2244 to execute arbitrary code without authentication, as demonstrated by modifying the clamav path.)
 CVE-2012-2239 (Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php.)
Original document:MustLive, XSS and CS vulnerabilities in BuddyPress for WordPress (02.01.2013)
 MustLive, CS and XSS vulnerabilities in BuddyPress for WordPress (02.01.2013)
 MustLive, Multiple vulnerabilities in multiple themes for WordPress (02.01.2013)
 MustLive, BF, CSRF, AoF and IAA vulnerabilities in MODx Revolution (02.01.2013)
 MustLive, Persistent XSS vulnerability in WP-UserOnline (02.01.2013)
 MustLive, Multiple vulnerabilities in RocketTheme themes for WordPress (02.01.2013)
 High-Tech Bridge Security Research, Multiple SQL Injection Vulnerabilities in Elite Bulletin Board (02.01.2013)
 High-Tech Bridge Security Research, Multiple vulnerabilities in Banana Dance (02.01.2013)
 Vulnerability Lab, Log Analyzer 3.6.0 - Cross Site Scripting Vulnerability (02.01.2013)
 DEBIAN, [SECURITY] [DSA 2591-1] mahara security update (02.01.2013)
 UBUNTU, [USN-1680-1] MoinMoin vulnerabilities (02.01.2013)
 DEBIAN, [SECURITY] [DSA 2596-1] mediawiki-extensions security update (02.01.2013)
 YGN Ethical Hacker Group, Open-Realty CMS 3.x | Persistent Cross Site Scripting (XSS) Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 3.0.20 (3.0.x) and lower | Multiple Cross Site Scripting Vulnerabilities (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 3.0.20 (3.0.x) and lower | Arbitrary File Upload (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 3.0.20 (3.0.x) and lower | Multiple SQL Injection Vulnerabilities (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 4.4.6 and lower | Multiple Cross Site Scripting Vulnerabilities (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 4.4.6 and lower | Local File Inclusion Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 5.0.7 and lower versions | Insecure Backup File Handling (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability (02.01.2013)
 YGN Ethical Hacker Group, CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities (02.01.2013)

Charybdis IRC server DoS
Published:02.01.2013
Source:
SecurityVulns ID:12794
Type:remote
Threat Level:5/10
Description:assert() on client capabilities negotiation.
Original document:muztapha_(at)_gmail.com, Charybdis: Improper assumptions in the server handshake code may lead to a remote crash (02.01.2013)

Oracle VirtualBox DoS
Published:02.01.2013
Source:
SecurityVulns ID:12795
Type:local
Threat Level:5/10
Description:Incorrect interrupt handling.
Affected:ORACLE : VirtualBox 4.1
 ORACLE : VirtualBox 3.2
 ORACLE : VirtualBox 4.0
CVE:CVE-2012-3221 (Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core.)
Original document:DEBIAN, [SECURITY] [DSA 2594-1] virtualbox-ose security update (02.01.2013)

elinks authentication relaying
Published:02.01.2013
Source:
SecurityVulns ID:12796
Type:client
Threat Level:5/10
Description:Incorrect user credentials delegation in GSS.
Affected:ELINKS : elinks 0.12
CVE:CVE-2012-4545 (The http_negotiate_create_context function in protocol/http/http_negotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials.)
Original document:DEBIAN, [SECURITY] [DSA 2592-1] elinks security update (02.01.2013)

SonicWall Email Security cross-site scripting
Published:02.01.2013
Source:
SecurityVulns ID:12797
Type:remote
Threat Level:5/10
Description:Cross-site scripting in Web administration interface.
Affected:SONICWALL : SonicWall Email Security 7.4
Original document:Vulnerability Lab, SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability (02.01.2013)

Polycom HDX Video End Points cross-site scripting
Published:02.01.2013
Source:
SecurityVulns ID:12798
Type:remote
Threat Level:5/10
Description:Cross-site scripting in web management interface.
Affected:POLYCOM : HDX Video End Point 2.7
 POLYCOM : HDX Video End Point 3.0
CVE:CVE-2012-4970 (Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original document:Rustein, Fara Denise (LATCO - Buenos Aires), Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability (02.01.2013)

Microsoft Internet Explorer stack overflow
Published:02.01.2013
Source:
SecurityVulns ID:12799
Type:client
Threat Level:4/10
Description:Stack overrun on malformed tags sequence.
Affected:MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Original document:pereira_(at)_secbiz.de, Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability (02.01.2013)

VMWare vCSA/ESXi multiple security vulnerabilities
Published:02.01.2013
Source:
SecurityVulns ID:12800
Type:remote
Threat Level:5/10
Description:Directory traversal, information leakage.
Affected:VMWARE : ESXi 4.1
 VMWARE : ESXi 4.0
 VMWARE : ESXi 5.0
 VMWARE : ESXi 3.5
 VMWARE : vCenter Server Appliance 5.0
 VMWARE : vCenter Server Appliance 5.1
 VMWARE : ESXi 5.1
CVE:CVE-2012-6325 (VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.)
 CVE-2012-6324 (Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.)
Original document:VMWARE, VMSA-2012-0018 VMware security updates for vCSA and ESXi (02.01.2013)

CA IdentityMinder security vulnerabilities
Published:02.01.2013
Source:
SecurityVulns ID:12801
Type:remote
Threat Level:6/10
Description:Code execution, privilege escalation.
Affected:CA : IdentityMinder 12.0
 CA : IdentityMinder 12.5
 CA : IdentityMinder 12.6
CVE:CVE-2012-6299 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors.)
 CVE-2012-6298 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors.)
Original document:CA, CA20121220-01: Security Notice for CA IdentityMinder (02.01.2013)

EMC Data Protection Advisor information leakage
Published:02.01.2013
Source:
SecurityVulns ID:12802
Type:remote
Threat Level:6/10
Description:It's possible to access files remotely.
Affected:EMC : EMC Data Protection Advisor 5.8
CVE:CVE-2012-4616 (Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors.)
Original document:EMC, ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. (02.01.2013)

Siemens SIMATIC S7-1200 controllers DoS
Published:02.01.2013
Source:
SecurityVulns ID:12803
Type:remote
Threat Level:5/10
Description:Malformed data to TCP/102 port causes device to crash.
Affected:SIEMENS : Siemens S7-1200
Original document:Arne Vidstrom, DoS vulnerability in Siemens S7-1200 PLCs (02.01.2013)

Cerberus FTP Server cross-site scripting
Published:02.01.2013
Source:
SecurityVulns ID:12807
Type:remote
Threat Level:5/10
Description:Cross-site scripting in administration interface.
Affected:CERBERUS : Cerberus FTP Server 5.0
CVE:CVE-2012-6339 (Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.)
Original document:Ken, Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339] (02.01.2013)

Firefly MediaServer DoS
Published:02.01.2013
Source:
SecurityVulns ID:12808
Type:remote
Threat Level:5/10
Description:Crash on TCP/9999 request parsing.
Affected:FIREFLY : FireFly MediaServer 1.0
CVE:CVE-2012-5875 (Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.)
Original document:High-Tech Bridge Security Research, Firefly MediaServer Multiple Remote DoS Vulnerabilities (02.01.2013)

Centrify Deployment Manager symbolic links vulnerability
updated since 09.12.2012
Published:02.01.2013
Source:
SecurityVulns ID:12762
Type:local
Threat Level:5/10
Description:Insecure temporary files creation.
Affected:CENTRIFY : Centrify Deployment Manager 2.1
CVE:CVE-2012-6348 (Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file.)
Original document:larry0_(at)_me.com, Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root (02.01.2013)
 larry0_(at)_me.com, Centrify Deployment Manager v2.1.0.283 local root (11.12.2012)
 larry0_(at)_me.com, Centrify Deployment Manager v2.1.0.283 (09.12.2012)
Files:Local root exploit for Centrify Deployment Manager

Linux kernel security vulnerabilities
updated since 02.01.2013
Published:21.01.2013
Source:
SecurityVulns ID:12804
Type:local
Threat Level:5/10
Description:Invalid hot-added memory handling, information leakage on module loading, DoS.
Affected:LINUX : kernel 2.6
 LINUX : kernel 3.5
CVE:CVE-2012-5532 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.)
 CVE-2012-5517 (The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator.)
 CVE-2012-4530 (The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.)
 CVE-2012-4461 (The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.)
Original document:UBUNTU, [USN-1696-1] Linux kernel vulnerabilities (21.01.2013)
 UBUNTU, [USN-1683-1] Linux kernel vulnerability (14.01.2013)
 UBUNTU, [USN-1677-1] Linux kernel vulnerability (02.01.2013)

EMC Avamar weak permissions
updated since 02.01.2013
Published:27.01.2013
Source:
SecurityVulns ID:12806
Type:local
Threat Level:5/10
Description:Cache files are world writable.
CVE:CVE-2012-2291 (EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.)
Original document:EMC, Re: EMC Avamar: World writable cache files (27.01.2013)
 fulldisclosure_(at)_greyhat.dk, EMC Avamar: World writable cache files (02.01.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod