Computer Security


HP System Health Application code execution
Published:10.05.2012
SecurityVulns ID:12375
Type:remote
Threat Level:5/10
CVE:CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application and Command Line Utilities before 9.0.0 allow remote attackers to execute arbitrary code via unknown vectors.)
Original document:HP, [security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code (10.05.2012)

rssh restrictions bypass
Published:10.05.2012
SecurityVulns ID:12364
Type:local
Threat Level:4/10
Description:It's possible to bypass restrictions by manipulating environment variables.
Original document:Derek Martin, rssh security announcement (10.05.2012)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:10.05.2012
SecurityVulns ID:12365
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:JOOMLA : Joomla 1.5
 WORDPRESS : WordPress 3.3
 SERENDIPITY : Serendipity 1.6
 ORANGEHRM : OrangeHRM 2.7
 PIVOTX : PivotX 2.3
 PLUXML : PluXml 5.1
 MICROTECHNOLOGY : Lynx Message Server 7.11
 JOOMLA : Joomla 2.5
 OPENCONF : OpenConf 4.11
 DRUPAL : Drupal 7.14
CVE:CVE-2012-2413 (Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.)
 CVE-2012-2412
 CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in PivotX 2.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.)
 CVE-2012-2227 (Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.)
 CVE-2012-1507 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index.php.)
 CVE-2012-1506 (SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from third party information.)
 CVE-2012-1002 (Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown impact and attack vectors.)
Original document:n0b0d13s_(at)_gmail.com, [CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability (10.05.2012)
 Janek Vind, [waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template (10.05.2012)
 Janek Vind, [waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page (10.05.2012)
 bede_(at)_foofus.net, SQL Injection and other issues in Micro Technology Services, Inc. Lynx (10.05.2012)
 MustLive, IAA, Redirector and XSS vulnerabilities in WordPress (10.05.2012)
 High-Tech Bridge Security Research, Local File Inclusion in PluXml (10.05.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in OrangeHRM (10.05.2012)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Pivotx (10.05.2012)
 security_(at)_koramis.de, Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability (10.05.2012)

HP Performance Insight for Networks multiple security vulnerabilities
Published:10.05.2012
SecurityVulns ID:12366
Type:remote
Threat Level:5/10
Description:Cross-site scripting, SQL injection, privilege escalation.
Affected:HP : Performance Insight for Networks 5.41
CVE:CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors.)
 CVE-2012-2008 (Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2012-2007 (SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.)
Original document:HP, [security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation (10.05.2012)

Apple Mac OS X FileVault information leakage
Published:10.05.2012
SecurityVulns ID:12367
Type:local
Threat Level:5/10
Description:The encrypted file system password is written in cleartext to a log file.
Affected:APPLE : MacOS X 10.7
Original document:David I. Emery, Apple Legacy filevault barn door... (10.05.2012)

VMware privilege escalation
Published:10.05.2012
SecurityVulns ID:12368
Type:local
Threat Level:5/10
Description:Uninitialized memory reference on guest system call processing.
Affected:VMWARE : VMware Workstation 7.1
 VMWARE : VMware Player 3.1
 VMWARE : ESXi 4.1
CVE:CVE-2012-2450 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.)
 CVE-2012-2449 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.)
 CVE-2012-2448 (VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic.)
 CVE-2012-1517 (The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.)
 CVE-2012-1516 (The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.)
Original document:VMWARE, VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues (10.05.2012)
 ds.adv.pub_(at)_gmail.com, VMware Backdoor Response Uninitialized Memory Potential VM Break (10.05.2012)
 ds.adv.pub_(at)_gmail.com, VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break (10.05.2012)

Samba file existence check
Published:10.05.2012
SecurityVulns ID:12369
Type:local
Threat Level:3/10
Description:It's possible to check whether a file exists from the error message of mount.cifs.
CVE:CVE-2012-1586 (mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.)
Original document:MANDRIVA, [ MDVSA-2012:070 ] samba (10.05.2012)

Samba privilege escalation
Published:10.05.2012
SecurityVulns ID:12370
Type:local
Threat Level:7/10
Description:An unprivileged user can execute privileged RPC calls to modify the accounts database.
Affected:SAMBA : Samba 3.3
 SAMBA : Samba 3.4
 SAMBA : Samba 3.5
CVE:CVE-2012-2111 (The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.)
Original document:SAMBA, [ MDVSA-2012:067 ] samba (10.05.2012)

Firefox information leakage
Published:10.05.2012
SecurityVulns ID:12371
Type:local
Threat Level:3/10
Description:DNS names for WebSocket requests are resolved via the system DNS server instead of the configured SOCKS proxy.
Original document:oLhrrBHQeTr0EmbKwBXa_(at)_Safe-mail.net, Firefox security bug (proxy-bypass) in current Tor BBs (10.05.2012)

Android information leakage
updated since 24.04.2012
Published:10.05.2012
SecurityVulns ID:12340
Type:local
Threat Level:3/10
Description:All local applications have unrestricted /proc access and access to SQLite journal files.
Affected:GOOGLE : Android 2.3
Original document:Roee Hay, Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901) (10.05.2012)
 sumanj_(at)_gmail.com, Android information leak (24.04.2012)

Lan Messenger DoS
Published:10.05.2012
SecurityVulns ID:12372
Type:remote
Threat Level:4/10
Description:Crash on network packet parsing.
Affected:LANMESSENGER : LAN Messenger 1.2
Original document:Vulnerability Lab, LAN Messenger v1.2.28 - Denial of Service Vulnerability (10.05.2012)

HP Insight Management Agents multiple security vulnerabilities
Published:10.05.2012
SecurityVulns ID:12373
Type:remote
Threat Level:5/10
Description:Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS)
CVE:CVE-2012-2006 (Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors.)
 CVE-2012-2005 (Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2012-2004 (Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2012-2003 (Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.)
Original document:HP, [security bulletin] HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (10.05.2012)

HP SNMP Agents for Linux security vulnerabilities
Published:10.05.2012
SecurityVulns ID:12374
Type:remote
Threat Level:5/10
Description:Cross-site scripting, URL redirection.
CVE:CVE-2012-2002 (Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2012-2001 (Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original document:HP, HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection (10.05.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod