Computer Security
[EN] no-pyccku

LXC directory traversal
SecurityVulns ID:14608
Threat Level:
Description:Directory traversal on lock files creation.
Affected:LXC : LXC 1.1
CVE:CVE-2015-1335 (lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.)
 CVE-2015-1334 (attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a poc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.)
 CVE-2015-1331 (lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.)
Original documentdocumentUBUNTU, [USN-2675-1] LXC vulnerabilities (27.07.2015)

libuser / userhelper security vulnerabilities
SecurityVulns ID:14609
Threat Level:
Description:Unsafe files handling, insufficient characters filtering.
CVE:CVE-2015-3246 (libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.)
 CVE-2015-3245 (Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.)
Original documentdocumentQualys Security Advisory, Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser (27.07.2015)
Files:an unusual local root exploit against CVE-2015-3245 userhelper chfn() newline filtering / CVE-2015-3246 libuser passwd file handling

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:14610
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:THAIWEB : ThaiWeb CMS 2015Q3
 XCEEDIUM : Xsuite 2.4
 WORDPRESS : Count Per Day 3.4
 CACTI : cacti 0.8
 OPENWEB : Open-Web-Analytics 1.5
 WORDPRESS : Paid Memberships Pro 1.8
 NETCRACKER : NetCracker 8.0
 KASEYA : Kaseya Virtual System Administrator 9.1
 AXIGEN : Axigen 8.0
 GETSIMPLE : GetSimpleCMS 3.3
 APACHE : Groovy 2.4
 NOVELL : GroupWise 2014
 CVE-2015-4634 (SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.)
 CVE-2015-2863 (Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before, 8.x before, 9.0 before, and 9.1 before allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2015-2862 (Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before, 8.x before, 9.0 before, and 9.1 before allows remote authenticated users to read arbitrary files via a crafted HTTP request.)
Original documentdocumentadrian.vollmer_(at), Novell GroupWise 2014 WebAccess vulnerable to XSS attacks (27.07.2015)
 documentCedric Champeau, [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure (27.07.2015)
 documentPedro Ribeiro, [CVE-2015-2862/2863 / CERT VU#919604] Kaseya VSA arbitrary file download / open redirect (27.07.2015)
 documentlilian_iatco_(at), XSS vulnerability in OFBiz forms (27.07.2015)
 documentTim, XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 (27.07.2015)
 documentVulnerability Lab, FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability (27.07.2015)
 documentAXIGEN, CVE-2015-5379: Axigen XSS vulnerability for html attachments (27.07.2015)
 documentapparitionsec_(at), Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities (27.07.2015)
 documentjychia.sec_(at), NetCracker Resource Management 8.0 - XSS Vulnerability (27.07.2015)
 documentjychia.sec_(at), NetCracker Resource Management 8.0 - SQL Injection Vulnerability (27.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3312-1] cacti security update (27.07.2015)
 documentHigh-Tech Bridge Security Research, Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin (27.07.2015)
 documentHigh-Tech Bridge Security Research, SQL Injection in Count Per Day WordPress Plugin (27.07.2015)
 documentmodzero security, Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] (27.07.2015)
 documentVulnerability Lab, ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability (27.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3314-1] typo3-src end of life (27.07.2015)
 documentapparitionsec_(at), Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 (27.07.2015)

Cisco Videoscape Delivery System DoS
SecurityVulns ID:14611
Threat Level:
Description:It's possible to reload device with HTTP request.
Affected:CISCO : Videoscape Distribution Suite 4.0
CVE:CVE-2015-0725 (Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.)
Files: Cisco Security Advisory Cisco Videoscape Delivery System Denial of Service Vulnerability

Elastic Logstash directory traversal
updated since 14.06.2015
SecurityVulns ID:14542
Threat Level:
Description:Directory traversal in file output plugin.
Affected:ELASTIC : Logstash 1.5
 ELASTIC : Logstash 1.4
 CVE-2015-4152 (Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.)
Original documentdocumentKevin Kluge, Logstash vulnerability CVE-2015-5378 (27.07.2015)
 documentELASTIC, Logstash vulnerability CVE-2015-4152 (14.06.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod