Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.05.2013
Source:
SecurityVulns ID:13053
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : Advanced XML Reader 0.3
 GETSIMPLE : GetSimple CMS 3.1
 B2EVOLUTION : b2evolution 4.1
 SNMPSOFT : Syslog Watcher Pro 2.8
 JOOMLA : Joomla 3.0
 ROUNDCUBE : RoundCube Webmail 0.8
 KRIMSONAV : KrisonAV CMS 3.0
 SOSCISURVEY : Sosci Survey 2.3
 MATRIX42 : Service Store 5.3
 OPENXCHANGE : Open-Xchange Server 6
 E107 : e107 1.0
 FUDFORUM : FUDforum 3.0
 SYMPHONY : Symphony 2.3
 ROYALTS : Royal TS 2.1
 ROYALTS : mRemote 1.50
 MAILORDERWORKS : MailOrderWorks 5.907
 WORDPRESS : podPress 8.8
 AWSDMS : AWS XMS 2.5
 ICINGA : icinga 1.7
 SYNCONNECT : SynConnect 2.0
 SMOKEPING : smokeping 2.6
 ZONEMINDER : zoneminder 1.25
 OPENCART : OpenCart 1.5
 APACHE : Rave 0.20
 APACHE : VCL 2.1
 APACHE : VCL 2.2
 APACHE : VCL 2.3
 VANILLAFORUMS : Vanilla Forums 2.0
 TINYWEBGALLERY : TinyWebGallery 1.8
 TYPO3 : typo3 4.5
 WORDPRESS : WordPress 3.3
 JOOMLA : Joomla 2.5
 XENFORO : XenForo 1.1
 JFORUM : jforum 2.1
 SWFUPLOAD : SWFUpload 2.2
 JWPLAYER : JW Player 5.10
 HORNBILL : Supportworks ITSM 1.0
 JPLAYER : jPlayer 2.2
 JPLAYER : jPlayer 2.3
 DOTCLEAR : Dotclear 2.4
 DOTCLEAR : Dotclear 2.5
 ZEROCLIPBOARD : ZeroClipboard 1.1
 PHPMYADMIN : phpmyadmin 3.5
 PHPMYADMIN : phpMyAdmin 4.0
CVE:CVE-2013-3242 (plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.)
 CVE-2013-3239 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.)
 CVE-2013-3238 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.)
 CVE-2013-2945 (SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.)
 CVE-2013-2750 (Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.)
 CVE-2013-2714
 CVE-2013-2713 (Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user accounts via a crafted request.)
 CVE-2013-2712 (Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.)
 CVE-2013-2631
 CVE-2013-2594 (SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter.)
 CVE-2013-2582 (CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging improper sanitization of whitespace characters.)
 CVE-2013-2559 (SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.)
 CVE-2013-2504 (Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML via the query string.)
 CVE-2013-2474
 CVE-2013-2267
 CVE-2013-1904 (Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013.)
 CVE-2013-1843 (Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2013-1842 (SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values.")
 CVE-2013-1814 (The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.)
 CVE-2013-1420
 CVE-2013-0332 (Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.)
 CVE-2013-0232 (includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.)
 CVE-2012-6096 (Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.)
 CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter.)
Original documentdocumentAPACHE, Apache VCL improper input validation (06.05.2013)
 documentAPACHE, [CVE-2013-1814] Apache Rave exposes User over API (06.05.2013)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum (06.05.2013)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics (06.05.2013)
 documentJanek Vind, [waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 (06.05.2013)
 documentOPENXCHANGE, Open-Xchange Security Advisory 2013-03-13 (06.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2640-1] zoneminder security update (06.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2646-1] typo3-src security update (06.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2651-1] smokeping security update (06.05.2013)
 documentbhadresh.k.patel_(at)_cyberoam.com, SynConnect PMS SQL Injection Vulnerability (06.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2653-1] icinga security update (06.05.2013)
 documentHigh-Tech Bridge Security Research, Path Traversal in AWS XMS (06.05.2013)
 documenthip_(at)_insight-labs.org, WordPress podPress Plugin XSS in SWF (06.05.2013)
 documentVulnerability Lab, MailOrderWorks v5.907 - Multiple Web Vulnerabilities (06.05.2013)
 documentJanek Vind, [waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50 (06.05.2013)
 documentJanek Vind, [waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5 (06.05.2013)
 documentHigh-Tech Bridge Security Research, SQL Injection Vulnerability in Symphony (06.05.2013)
 documentHigh-Tech Bridge Security Research, PHP Code Injection in FUDforum (06.05.2013)
 documentSimon Bieber, TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 (06.05.2013)
 documentmschratt_(at)_mfs-enterprise.com, Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable (06.05.2013)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9 (06.05.2013)
 documentJanek Vind, [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 (06.05.2013)
 documentOPENXCHANGE, Open-Xchange Security Advisory 2013-04-17 (06.05.2013)
 documentHigh-Tech Bridge Security Research, Multiple Vulnerabilities in KrisonAV CMS (06.05.2013)
 documentSEC Consult Vulnerability Lab, SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey (06.05.2013)
 document43z sec, CVE-2013-2504 : Matrix42 Service Desk XSS (06.05.2013)
 documentMichal Blaszczak, [SQLi] vBilling for FreeSWITCH (06.05.2013)
 documentMANDRIVA, [ MDVSA-2013:149 ] roundcubemail (06.05.2013)
 documentJanek Vind, [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin (06.05.2013)
 documentEgidio Romano, [KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability (06.05.2013)
 documentdemonalex_(at)_163.com, Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability (06.05.2013)
 documentHigh-Tech Bridge Security Research, SQL Injection in b2evolution (06.05.2013)
 documentHigh-Tech Bridge Security Research, Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS (06.05.2013)
 documentMANDRIVA, [ MDVSA-2013:160 ] phpmyadmin (06.05.2013)
 documentadmin_(at)_elites0ft.com, WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability (06.05.2013)
 documentMustLive, Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others (06.05.2013)
 documentMustLive, XSS vulnerabilities in ZeroClipboard and multiple web applications (06.05.2013)
 documentMustLive, XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress (06.05.2013)
 documentMustLive, XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress (06.05.2013)
 documentMustLive, XSS and CS vulnerabilities in Dotclear (06.05.2013)
 documentMustLive, Vulnerabilities in AI-Bolit (06.05.2013)
 documentMustLive, Multiple vulnerabilities in Colormix theme for WordPress (06.05.2013)
 documentMustLive, Vulnerabilities in jPlayer (06.05.2013)
 documentMustLive, Vulnerabilities in multiple plugins for WordPress with jPlayer (06.05.2013)
 documentMustLive, Vulnerabilities in multiple themes for WordPress with jPlayer (06.05.2013)
 documentresearch_(at)_reactionis.co.uk, hornbill supportworks SQL injection (06.05.2013)
 documentX-Cisadane, Site by Webrevelation SQL Injection Vulnerability (06.05.2013)
 documentMustLive, XSS vulnerability in JW Player and JW Player Pro (06.05.2013)

HP Managed Printing Administration crossite scripting
Published:06.05.2013
Source:
SecurityVulns ID:13054
Type:remote
Threat Level:
5/10
Affected:HP : Managed Printing Administration 2.6
CVE:CVE-2012-5219 (Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS) (06.05.2013)

Unauthorized access to different HP printing devices
Published:06.05.2013
Source:
SecurityVulns ID:13055
Type:remote
Threat Level:
5/10
Description:It's possible to access files.
Affected:HP : LaserJet 4250
 HP : LaserJet 4350
 HP : LaserJet 9040
 HP : Color LaserJet CP3525
 HP : LaserJet P3015
 HP : Color LaserJet CM6030
 HP : Color LaserJet CM6040
 HP : Color LaserJet CP4025
 HP : Color LaserJet CP4525
 HP : Color LaserJet CP6015
 HP : LaserJet P4014
 HP : LaserJet P4015
 HP : LaserJet P4515
 HP : Color LaserJet 3000
 HP : Color LaserJet 3800
 HP : Color LaserJet 4700
 HP : Color LaserJet 4730
 HP : Color LaserJet 5550
 HP : Color LaserJet 9500
 HP : Color LaserJet CP3505
 HP : Color LaserJet CP4005
 HP : LaserJet 4240
 HP : LaserJet 4345
 HP : LaserJet 5200
 HP : LaserJet 9050
 HP : LaserJet M3027
 HP : LaserJet M3035
 HP : LaserJet M4345
 HP : LaserJet M5025
 HP : LaserJet M5035
 HP : LaserJet M9040
 HP : LaserJet M9050
 HP : LaserJet P3005
CVE:CVE-2012-5221 (Unspecified vulnerability on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files (06.05.2013)

Cisco Unified Computing System multiple security vulnerabilities
Published:06.05.2013
Source:
SecurityVulns ID:13056
Type:remote
Threat Level:
8/10
Description:Buffer overflow, information leakage, authentication bypass, DoS.
Affected:CISCO : Unified Computing System 6100
 CISCO : Unified Computing System 6200
CVE:CVE-2013-1186 (Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.)
 CVE-2013-1185 (The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543.)
 CVE-2013-1184 (The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.)
 CVE-2013-1183 (Buffer overflow in the Intelligent Platform Management Interface (IPMI) functionality in the Manager component in Cisco Unified Computing System (UCS) 1.0 and 1.1 before 1.1(1j) and 1.2 before 1.2(1b) allows remote attackers to execute arbitrary code via malformed data in a UDP packet, aka Bug ID CSCtd32371.)
 CVE-2013-1182 (The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.)
Files:Multiple Vulnerabilities in Cisco Unified Computing System

Cisco Device Manager code execution
Published:06.05.2013
Source:
SecurityVulns ID:13057
Type:remote
Threat Level:
5/10
Description:Code execution via JAR applications.
Affected:CISCO : Cisco MDS 9000
 CISCO : Cisco Nexus 5000
CVE:CVE-2013-1192 (The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.)
Files:Cisco Device Manager Command Execution Vulnerability

OpenText/IXOS ECM for SAP NetWeaver code exeution
Published:06.05.2013
Source:
SecurityVulns ID:13058
Type:remote
Threat Level:
6/10
Description:ABAP code injection
CVE:CVE-2013-3243 (Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors.)
Original documentdocumentESNC Security, [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver (06.05.2013)

libarchive integer overflow
Published:06.05.2013
Source:
SecurityVulns ID:13060
Type:library
Threat Level:
5/10
Description:Integer overflow on zip file creation leads to buffer overflow.
Affected:LIBARCHIVE : libarchive 3.0
CVE:CVE-2013-0211 (Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:147 ] libarchive (06.05.2013)

Dell EqualLogic directory traversal
Published:06.05.2013
Source:
SecurityVulns ID:13062
Type:remote
Threat Level:
4/10
Description:It's possible to access system files.
Affected:DELL : EqualLogic PS6110X
Original documentdocumentddivulnalert_(at)_ddifrontline.com, DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal (06.05.2013)

OWASP WAF protection bypass
Published:06.05.2013
Source:
SecurityVulns ID:13064
Type:remote
Threat Level:
3/10
Description:It's possible to bypass protection by using non-standard URL encodings.
Original documentdocumentsafe3q_(at)_gmail.com, Report OWASP WAF Naxsi bypass Vulnerability (06.05.2013)

Censornet Professional multiple security vulnerabilities
Published:06.05.2013
Source:
SecurityVulns ID:13065
Type:remote
Threat Level:
5/10
Description:Crossite scripting, SQL injections.
Affected:CENSORNET : Censornet Professional 4
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7) (06.05.2013)

Microsoft Antimalware privilege escalation
updated since 12.04.2013
Published:06.05.2013
Source:
SecurityVulns ID:13007
Type:local
Threat Level:
6/10
Description:It's possible to execute code with local system rights.
Affected:MICROSOFT : Windows 8
 MICROSOFT : Windows RT
CVE:CVE-2013-0078 (The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability.")
Original documentdocumentStefan Kanthak, Vulnerability in Microsoft Security Essentials <v4.2 (06.05.2013)
Files:Microsoft Security Bulletin MS13-034 - Important Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)

D-Link DSL-320B unauthorized access
Published:06.05.2013
Source:
SecurityVulns ID:13067
Type:remote
Threat Level:
5/10
Description:It's possible to access configuration files without authentication.
Affected:DLINK : D-Link DSL-320B
Original documentdocumentdevnull_(at)_s3cur1ty.de, Multiple Vulnerabilities in D-Link DSL-320B (06.05.2013)

Oracle Java / IBM Java protection bypass
Published:06.05.2013
Source:
SecurityVulns ID:13059
Type:library
Threat Level:
7/10
Description:Sandbox protection bypass via Reflaction API.
Affected:ORACLE : JRE 1.7
Original documentdocumentSecurity Explorations, [SE-2012-01] New security vulnerabilities and broken fixes in IBM Java (06.05.2013)
 documentSecurity Exploration, [SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE (06.05.2013)

3CX Phone outdated libraries
Published:06.05.2013
Source:
SecurityVulns ID:13068
Type:library
Threat Level:
5/10
Description:Outdated versions of OpenSSL and FFmpeg/FFdshow are used.
Affected:3CX : 3CX Phone 6
Original documentdocumentStefan Kanthak, VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 (06.05.2013)

EMC RSA Archer multiple security vulnerabilities
Published:06.05.2013
Source:
SecurityVulns ID:13069
Type:remote
Threat Level:
6/10
Description:Code execution, crosite scripting, authorization bypass.
Affected:EMC : RSA Archer GRC 5.3
CVE:CVE-2013-0934 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors.)
 CVE-2013-0933 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-0932 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors.)
Original documentdocumentEMC, ESA-2013-015: RSA ArcherĀ® GRC Multiple Vulnerabilities (06.05.2013)

HAProxy security vulnerabilities
updated since 06.05.2013
Published:01.07.2013
Source:
SecurityVulns ID:13061
Type:remote
Threat Level:
6/10
Description:Few memory corruptions.
Affected:HAPROXY : haproxy 1.4
 HAPROXY : haproxy 1.5
CVE:CVE-2013-2175 (HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable.)
 CVE-2013-1912 (Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted pipelined HTTP requests that prevent request realignment from occurring.)
 CVE-2012-2942 (Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.)
Original documentdocumentUBUNTU, [USN-1889-1] HAProxy vulnerability (01.07.2013)
 documentUBUNTU, [USN-1800-1] HAProxy vulnerabilities (06.05.2013)

Security vulnerabilities in different Ruby Gems
updated since 06.05.2013
Published:12.08.2013
Source:
SecurityVulns ID:13063
Type:library
Threat Level:
5/10
Description:VUlnerabilities in different libraries.
Affected:RUBY : Ruby Gem kelredd-pruview 0.3
 RUBY : Ruby Gem ldoce 0.0
 RUBY : Ruby Gem fastreader 1.0
 RUBY : Ruby Gem ftpd 0.2
 RUBY : Ruby gem Rgpg 0.2
CVE:CVE-2013-4203 (The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem before 0.2.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.)
Original documentdocumentlarry0_(at)_me.com, Rgpg 0.2.2 Ruby Gem Remote Command Injection (12.08.2013)
 documentlarry0_(at)_me.com, Remote command execution for Ruby Gem ftpd-0.2.1 (06.05.2013)
 documentlarry0_(at)_me.com, Curl Ruby Gem Remote command execution (06.05.2013)
 documentlarry0_(at)_me.com, MiniMagic ruby gem remote code execution (06.05.2013)
 documentlarry0_(at)_me.com, Remote command execution in fastreader ruby gem (06.05.2013)
 documentlarry0_(at)_me.com, Remote command execution in Ruby Gem Command Wrap (06.05.2013)
 documentlarry0_(at)_me.com, Remote command execution in Ruby Gem ldoce 0.0.2 (06.05.2013)
 documentlarry0_(at)_me.com, Remote command injection in Ruby Gem kelredd-pruview 0.3.8 (06.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod