Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:27.07.2015
Source:
SecurityVulns ID:14610
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AXIGEN : Axigen 8.0
 GETSIMPLE : GetSimpleCMS 3.3
 APACHE : Groovy 2.4
 NOVELL : GroupWise 2014
 THAIWEB : ThaiWeb CMS 2015Q3
 XCEEDIUM : Xsuite 2.4
 WORDPRESS : Count Per Day 3.4
 CACTI : cacti 0.8
 OPENWEB : Open-Web-Analytics 1.5
 NETCRACKER : NetCracker 8.0
 KASEYA : Kaseya Virtual System Administrator 9.1
 WORDPRESS : Paid Memberships Pro 1.8
CVE:CVE-2015-5533
 CVE-2015-5532
 CVE-2015-5379
 CVE-2015-4669
 CVE-2015-4664
 CVE-2015-4634 (SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.)
 CVE-2015-3423
 CVE-2015-2878
 CVE-2015-2863 (Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2015-2862 (Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.)
 CVE-2015-2207
Original documentdocumentadrian.vollmer_(at)_syss.de, Novell GroupWise 2014 WebAccess vulnerable to XSS attacks (27.07.2015)
 documentCedric Champeau, [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure (27.07.2015)
 documentPedro Ribeiro, [CVE-2015-2862/2863 / CERT VU#919604] Kaseya VSA arbitrary file download / open redirect (27.07.2015)
 documentlilian_iatco_(at)_yahoo.com, XSS vulnerability in OFBiz forms (27.07.2015)
 documentTim, XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 (27.07.2015)
 documentVulnerability Lab, FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability (27.07.2015)
 documentAXIGEN, CVE-2015-5379: Axigen XSS vulnerability for html attachments (27.07.2015)
 documentapparitionsec_(at)_gmail.com, Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities (27.07.2015)
 documentjychia.sec_(at)_gmail.com, NetCracker Resource Management 8.0 - XSS Vulnerability (27.07.2015)
 documentjychia.sec_(at)_gmail.com, NetCracker Resource Management 8.0 - SQL Injection Vulnerability (27.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3312-1] cacti security update (27.07.2015)
 documentHigh-Tech Bridge Security Research, Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin (27.07.2015)
 documentHigh-Tech Bridge Security Research, SQL Injection in Count Per Day WordPress Plugin (27.07.2015)
 documentmodzero security, Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] (27.07.2015)
 documentVulnerability Lab, ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability (27.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3314-1] typo3-src end of life (27.07.2015)
 documentapparitionsec_(at)_gmail.com, Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 (27.07.2015)

libuser / userhelper security vulnerabilities
Published:27.07.2015
Source:
SecurityVulns ID:14609
Type:library
Threat Level:
5/10
Description:Unsafe files handling, insufficient characters filtering.
CVE:CVE-2015-3246 (libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.)
 CVE-2015-3245 (Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.)
Original documentdocumentQualys Security Advisory, Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser (27.07.2015)
Files:an unusual local root exploit against CVE-2015-3245 userhelper chfn() newline filtering / CVE-2015-3246 libuser passwd file handling

Cisco Videoscape Delivery System DoS
Published:27.07.2015
Source:
SecurityVulns ID:14611
Type:remote
Threat Level:
5/10
Description:It's possible to reload device with HTTP request.
Affected:CISCO : Videoscape Distribution Suite 4.0
CVE:CVE-2015-0725 (Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.)
Files: Cisco Security Advisory Cisco Videoscape Delivery System Denial of Service Vulnerability

LXC directory traversal
Published:27.07.2015
Source:
SecurityVulns ID:14608
Type:local
Threat Level:
5/10
Description:Directory traversal on lock files creation.
Affected:LXC : LXC 1.1
CVE:CVE-2015-1335 (lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.)
 CVE-2015-1334 (attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a poc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.)
 CVE-2015-1331 (lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.)
Original documentdocumentUBUNTU, [USN-2675-1] LXC vulnerabilities (27.07.2015)

Elastic Logstash directory traversal
updated since 14.06.2015
Published:27.07.2015
Source:
SecurityVulns ID:14542
Type:remote
Threat Level:
5/10
Description:Directory traversal in file output plugin.
Affected:ELASTIC : Logstash 1.4
 ELASTIC : Logstash 1.5
CVE:CVE-2015-5378
 CVE-2015-4152 (Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.)
Original documentdocumentKevin Kluge, Logstash vulnerability CVE-2015-5378 (27.07.2015)
 documentELASTIC, Logstash vulnerability CVE-2015-4152 (14.06.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod