Computer Security
[EN] securityvulns.ru no-pyccku


perl-Module-Signature content spoofing
updated since 05.05.2015
Published:12.05.2015
Source:
SecurityVulns ID:14444
Type:library
Threat Level:
5/10
Description:Unsigned content can be interpreted as a signed.
Affected:PERL : perl-Module-Signature 0.730
CVE:CVE-2015-3409 (Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.)
 CVE-2015-3408 (Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.)
 CVE-2015-3407 (Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.)
 CVE-2015-3406
Original documentdocumentUBUNTU, [USN-2607-1] Module::Signature vulnerabilities (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:207 ] perl-Module-Signature (05.05.2015)

Fortinet FortiAnalyzer and FortiManager crossite scripting
Published:12.05.2015
Source:
SecurityVulns ID:14476
Type:remote
Threat Level:
5/10
Description:Crossite scripting in web interface.
Affected:FORTINET : FortiManager 5.2
 FORTINET : FortiAnalyzer 5.2
CVE:CVE-2015-3620 (Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0 through 5.2.1 and FortiManager 5.0.3 through 5.0.10 and 5.2.0 through 5.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentVulnerability Lab, Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability (12.05.2015)

NetworkManager directory traversal
Published:12.05.2015
Source:
SecurityVulns ID:14477
Type:local
Threat Level:
5/10
Description:File access on modem device handling.
Affected:UBUNTU : Ubuntu network-manager 0.9
CVE:CVE-2015-1322 (Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or ready arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).)
Original documentdocumentUBUNTU, [USN-2581-1] NetworkManager vulnerability (12.05.2015)

Open-Xchange crossite scripting
Published:12.05.2015
Source:
SecurityVulns ID:14478
Type:client
Threat Level:
5/10
Description:Crossite scripting via attachment.
Affected:OPENXCHANGE : Open-Xchange 7.6
CVE:CVE-2015-1588
Original documentdocumentOPENXCHANGE, Open-Xchange Security Advisory 2015-04-27 (12.05.2015)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:12.05.2015
Source:
SecurityVulns ID:14479
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:ENCAPS : Encaps PHP/Flash Gallery 2.3
 MANAGEENGINE : Manage Engine Firewall Analyzer 8.3
 MANAGEENGINE : Manage Engine Event Log Analyzer 10
 WOLFCMS : Wolf CMS 0.8
 LANDESK : Landesk Management Suite 9.5
 GLPI : GLPI 0.84
 ZEND : ZendFramework 1.12
 MANAGEENGINE : Manage Engine Desktop Central 9
 ATLASSIAN : Comalatech Comala Workflows 4.6
 GOAUTODIAL : GoAutoDial 3.3
 PHPTRAFFICA : phpTrafficA 2.3
 APACHE : Flex 4.14
 MEDIAWIKI : MediaWiki 1.24
 PHPMYADMIN : phpmyadmin 4.3
 APACHE : Cassandra 2.1
 MARKUPFIELDS : django-markupfield 1.3
 LYCHEE : Lechee 2.7
 MOVABLETYPE : MovableType 5.1
 DRUPAL : drupal 7.34
 EGROUPWARE : eGroupware 1.8
 WSO2 : WSO2 Identity Server 5.0
CVE:CVE-2015-2940 (Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors.)
 CVE-2015-2939 (Cross-site scripting (XSS) vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace.)
 CVE-2015-2938 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file.)
 CVE-2015-2937 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942.)
 CVE-2015-2936 (MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.)
 CVE-2015-2935 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT.")
 CVE-2015-2934 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 does not properly handle when the Zend interpreter xml_parse function does not expand entities, which allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file.)
 CVE-2015-2933 (Cross-site scripting (XSS) vulnerability in the Html class in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a LanguageConverter substitution string when using a language variant.)
 CVE-2015-2932 (Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element.)
 CVE-2015-2931 (Incomplete blacklist vulnerability in includes/upload/UploadBase.php in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an application/xml MIME type for a nested SVG with a data: URI.)
 CVE-2015-2845 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.)
 CVE-2015-2844 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.)
 CVE-2015-2843 (Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.)
 CVE-2015-2842 (Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in sounds/.)
 CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi in Hotspot Express hotEx Billing Manager 73 allows remote attackers to inject arbitrary web script or HTML via the reply parameter.)
 CVE-2015-2750
 CVE-2015-2749
 CVE-2015-2690
 CVE-2015-2560
 CVE-2015-2559 (Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.)
 CVE-2015-2206 (libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.)
 CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permission for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.)
 CVE-2015-1773 (Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to JavaScript code generated by the asdoc component.)
 CVE-2015-0845 (Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates.)
 CVE-2015-0225 (The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.)
 CVE-2014-9258 (SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.)
 CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.)
 CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.)
 CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.)
 CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.)
 CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call.)
 CVE-2014-8360 (Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php.)
 CVE-2014-8089
 CVE-2014-5362
 CVE-2014-5361 (Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.)
 CVE-2014-5032 (GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.)
 CVE-2014-5022 (Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.)
 CVE-2014-5021 (Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label.)
 CVE-2014-5020 (The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field.)
 CVE-2014-5019 (The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.)
 CVE-2014-4914
 CVE-2014-3704 (The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.)
 CVE-2014-2983 (Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.)
 CVE-2014-2685 (The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.)
 CVE-2014-2684 (The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provider used in the association handle, which allows remote attackers to bypass authentication and spoof arbitrary OpenID identities by using a malicious OpenID Provider that generates OpenID tokens with arbitrary identifier and claimed_id values.)
 CVE-2014-2683 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to cause a denial of service (CPU consumption) via (1) recursive or (2) circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-6532.)
 CVE-2014-2682 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0, when PHP-FPM is used, does not properly share the libxml_disable_entity_loader setting between threads, which might allow remote attackers to conduct XML External Entity (XXE) attacks via an XML external entity declaration in conjunction with an entity reference. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657.)
 CVE-2014-2681 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657.)
 CVE-2014-2027 (eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parameter to calendar/csv_import.php, (5) info_fields or (6) trans parameter to csv_import.php in (a) projectmanager/ or (b) infolog/, or (7) processed parameter to preferences/inc/class.uiaclprefs.inc.php.)
Original documentdocumentUBUNTU, [USN-2558-1] Mailman vulnerability (12.05.2015)
 documentBartlomiej Balcerek, WSO2 Identity Server multiple vulnerabilities (12.05.2015)
 documentMANDRIVA, Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:087 ] egroupware (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:097 ] php-ZendFramework (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:167 ] glpi (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:181 ] drupal (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:185 ] dokuwiki (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:186 ] phpmyadmin (12.05.2015)
 documentAPACHE, [SECURITY ANNOUNCEMENT] CVE-2015-0225 (12.05.2015)
 documentbhadresh.patel_(at)_helpag.com, HotExBilling Manager Cross-site scripting (XSS) vulnerability (12.05.2015)
 documentAPACHE, CVE-2015-1773 Apache Flex reflected XSS vulnerability (12.05.2015)
 documentSecurify B.V., Reflected Cross-Site Scripting vulnerability in asdoc generated documentation (12.05.2015)
 documentSecurify B.V., Reflected Cross-Site Scripting vulnerability in asdoc generated documentation (12.05.2015)
 documentDaniel Geerts, [CVE-2015-2926] XSS vuln in phpTrafficA (12.05.2015)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:200 ] mediawiki (12.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3227-1] movabletype-opensource security update (12.05.2015)
 documentalex_haynes_(at)_outlook.com, [CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities (12.05.2015)
 documentprathan.ptr_(at)_gmail.com, Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability (12.05.2015)
 documentFilippo Cavallarin, Lychee 2.7.1 remote code execution (12.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3230-1] django-markupfield security update (12.05.2015)
 documentJouko Pynnonen, Google Analytics by Yoast stored XSS #2 (12.05.2015)
 documentroot_(at)_localhost.com, GoAutoDial 3.3 multiple vulnerabilities (12.05.2015)
 documentkkulkarni_(at)_controlcase.com, Reflected XSS Vulnerability In Manage Engine Firewall Analyzer (12.05.2015)
 documentHigh-Tech Bridge Security Research, Multiple Cross-Site Scripting (XSS) in FreePBX (12.05.2015)
 documentZoRLu Bugrahan, Avsarsoft Matbaa Script - Multiple Vulnerabilities (12.05.2015)
 documentZoRLu Bugrahan, Encaps PHP/Flash Gallery 2.3.22s Database Puffing Up Exploit (12.05.2015)

Battle of Wesnoth directory traversal
Published:12.05.2015
Source:
SecurityVulns ID:14480
Type:client
Threat Level:
5/10
Description:Directory traversal on maps loading.
Affected:WESNOTH : Battle for Wesnoth 1.12
CVE:CVE-2015-0844 (The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3218-1] wesnoth-1.10 security update (12.05.2015)

EMC Documentum xCelerated Management System information disclosure
Published:12.05.2015
Source:
SecurityVulns ID:14481
Type:remote
Threat Level:
5/10
Description:Service password is stored in .bat file.
Affected:EMC : Documentum xCelerated Management System 1.1
CVE:CVE-2015-0527 (EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file.)
Original documentdocumentEMC, ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability (12.05.2015)

EMC Isilon OneFS privilege escalation
Published:12.05.2015
Source:
SecurityVulns ID:14482
Type:local
Threat Level:
5/10
Description:Local files access.
Affected:EMC : Isilon OneFS 7.1
CVE:CVE-2015-0528 (The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files.)
Original documentdocumentEMC, ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability (12.05.2015)

GoAhead Web Server security vulnerabilities
Published:12.05.2015
Source:
SecurityVulns ID:14483
Type:remote
Threat Level:
6/10
Description:Directory traversal, buffer overflow.
Affected:EMBEDTHIS : GoAhead 3.4
CVE:CVE-2014-9707 (EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbitrary code via a crafted URI.)
Original documentdocumentMatthew Daley, Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1 (12.05.2015)

Appweb web server DoS
Published:12.05.2015
Source:
SecurityVulns ID:14484
Type:remote
Threat Level:
5/10
Description:NULL poiinter dereference on Range: header parsing.
Affected:EMBEDTHIS : Appweb 5.2
CVE:CVE-2014-9708 (Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".)
Original documentdocumentMatthew Daley, Advisory: CVE-2014-9708: Appweb Web Server (12.05.2015)

Palo Alto Traps Server XSS
Published:12.05.2015
Source:
SecurityVulns ID:14485
Type:remote
Threat Level:
5/10
Description:Stored XSS in logs.
Affected:PALOALTO : Traps Server 3.1
CVE:CVE-2015-2223 (Multiple cross-site scripting (XSS) vulnerabilities in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.)
Original documentdocumentmichael.hendrickx_(at)_helpag.com, CVE-2015-2223: Palo Alto Traps Server Stored XSS (12.05.2015)

Novell ZenWorks Configuration Management code execution
Published:12.05.2015
Source:
SecurityVulns ID:14486
Type:remote
Threat Level:
6/10
Description:Code execution via web interface.
Affected:NOVELL : ZENworks Configuration Management 11.3
CVE:CVE-2015-0779 (Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.)
Original documentdocumentPedro Ribeiro, [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution (12.05.2015)

mercurial code execution
Published:12.05.2015
Source:
SecurityVulns ID:14487
Type:remote
Threat Level:
6/10
Description:Code injection via clone command.
Affected:MERCURIAL : Mercurial 3.2
CVE:CVE-2014-9462 (The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3257-1] mercurial security update (12.05.2015)

quassel SQL injection
Published:12.05.2015
Source:
SecurityVulns ID:14488
Type:remote
Threat Level:
6/10
Description:SQL injection via messages.
Affected:QUASSEL : Quassel IRC 0.9
CVE:CVE-2015-3427 (Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.)
 CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3258-1] quassel security update (12.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod