[FD] Security Advisories

2016-02-03 Thread Portcullis Advisories
Vulnerability title: Multiple Instances Of Cross-site Scripting In Viprinet Multichannel VPN Router 300 CVE: CVE-2014-2045 Vendor: Viprinet Product: Multichannel VPN Router 300 Affected version: 2013070830/2013080900 Fixed version: 2014013131/2014020702 Reported by: Tim Brown Details: Th

[FD] CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver

2015-10-29 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver CVE: CVE-2015-7723 Vendor: AMD Product: fglrx-driver Affected version: 14.4.2 Fixed version: 15.7 Reported by: Tim Brown Details: It has been identified that the user

[FD] CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver

2015-10-29 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver CVE: CVE-2015-7724 Vendor: AMD Product: fglrx-driver Affected version: 15.7 Fixed version: 15.9 Reported by: Tim Brown Details: In the process of validating the fix f

[FD] CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
Vulnerability title: Cross-Site Request Forgery In X2Engine Inc. X2Engine CVE: CVE-2015-5075 Vendor: X2Engine Inc. Product: X2Engine Affected version: 4.2 Fixed version: 5.2 Reported by: Simone Quatrini Details: It was discovered that no protection against Cross-site Request Forgery attacks was i

[FD] CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
Vulnerability title: Arbitrary File Upload In X2Engine Inc. X2Engine CVE: CVE-2015-5074 Vendor: X2Engine Inc. Product: X2Engine Affected version: 4.2 Fixed version: 5.2 Reported by: Simone Quatrini Details: It was discovered that authenticated users were able to upload files of any type providing

[FD] CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine CVE: CVE-2015-5076 Vendor: X2Engine Inc. Product: X2Engine Affected version: 4.2 Fixed version: 5.2 Reported by: Simone Quatrini Details: It was discovered that the web application was vulnerable to reflective Cross-Site Scripting wher

[FD] CVE-2015-1438 - Arbitrary Code Execution [PSKMAD.sys] In Panda Security - Multiple Products

2015-07-13 Thread Portcullis Advisories
Vulnerability title: Arbitrary Code Execution [PSKMAD.sys] In Panda Security - Multiple Products CVE: CVE-2015-1438 Vendor: Panda Security Product: Multiple Products Affected version: 1.0.0.13 Fixed version: 15.1.0 Reported by: Kyriakos Economou Details: Panda Kernel Memory Access Driver doesn't

[FD] CVE-2015-3449 - Weak File Permissions In SAP Afaria XeService.exe

2015-07-13 Thread Portcullis Advisories
Vulnerability title: Weak File Permissions In SAP Afaria XeService.exe CVE: CVE-2015-3449 Vendor: SAP Product: Afaria XeService.exe Affected version: 7.0.6398.0 Fixed version: Latest Reported by: Russ Spooner Details: It was identified that the Afaria Windows client software was installed with we

[FD] CVE-2015-3621 - Privilege Escalation In SAP ECC

2015-07-13 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation In SAP ECC CVE: CVE-2015-3621 Vendor: SAP Product: ECC Affected version: Unknown Fixed version: Latest Reported by: Tim Brown Details: It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) have been c

[FD] CVE-2015-4426 - SQL Injection In Pimcore CMS

2015-07-13 Thread Portcullis Advisories
Vulnerability title: SQL Injection In Pimcore CMS CVE: CVE-2015-4426 Vendor: Pimcore Product: Pimcore CMS Affected version: Build 3450 Fixed version: Build 3473 Reported by: Josh Foote Details: It was possible to inject arbitrary SQL into the application provided an administrative account with th

[FD] CVE-2015-4425 - Directory Traversal/Configuration Update In Pimcore CMS

2015-07-13 Thread Portcullis Advisories
Vulnerability title: Directory Traversal/Configuration Update In Pimcore CMS CVE: CVE-2015-4425 Vendor: Pimcore Product: Pimcore CMS Affected version: Build 3450 Fixed version: Build 3473 Reported by: Josh Foote Details: It is possible for an administrative user with the 'assets' permission to ov

[FD] CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet

2015-04-17 Thread Portcullis Advisories
Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of BlueD

[FD] CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]

2014-12-10 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys] CVE: CVE-2014-7136 Vendor: K7 Computing Product: Multiple Products [K7FWFilt.sys] Affected version: Earlier and including 11.0.1.5 Fixed version: 14.0.1.16 Reported by: Kyriakos Economou Details: Latest, an

[FD] CVE-2014-8956 - Privilege Escalation In K7 Computing Multiple Products [K7Sentry.sys]

2014-12-10 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation In K7 Computing Multiple Products [K7Sentry.sys] CVE: CVE-2014-8956 Vendor: K7 Computing Product: Multiple Products [K7Sentry.sys] Affected version: 12.8.0.110 Fixed version: 12.8.0.119 Reported by: Kyriakos Economou Details: Latest, and possibly earlier

[FD] CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys]

2014-12-10 Thread Portcullis Advisories
Vulnerability title: Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys] CVE: CVE-2014-8608 Vendor: K7 Computing Product: Multiple Products [K7Sentry.sys] Affected version: 12.8.0.104 Fixed version: 12.8.0.119 Reported by: Kyriakos Economou Details: Latest and possibly earli

[FD] CVE-2014-5462 - Multiple Authenticated SQL Injections In OpenEMR

2014-12-05 Thread Portcullis Advisories
Vulnerability title: Multiple Authenticated SQL Injections In OpenEMR CVE: CVE-2014-5462 Vendor: OpenEMR Product: OpenEMR Affected version: 4.1.2(7) and earlier Fixed version: N/A Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an authenticate

[FD] CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

2014-11-19 Thread Portcullis Advisories
Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an authe

[FD] CVE-2014-2630 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux

2014-11-19 Thread Portcullis Advisories
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux CVE: CVE-2014-2630 Vendor: Compaq/Hewlett Packard Product: Glance for Linux Affected version: 11.00 and subsequent Fixed version: HPSBMU03086 rev.3 Reported by: Tim

[FD] CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE

2014-11-19 Thread Portcullis Advisories
Vulnerability title: Insufficient Input Validation By IO Slaves In KDE e.V. KDE CVE: CVE-2014-8600 Vendor: KDE e.V. Product: KDE Affected version: kwebkitpart <= 1.3.4, kde-runtime <= 4.14.3, kio-extras <= 5.1.1 Fixed version: Contact distribution vendor Reported by: T. Brown and D. Burton Details

[FD] CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise

2014-11-19 Thread Portcullis Advisories
Vulnerability title: Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise CVE: CVE-2014-2382 Vendor: Faronics Product: Deep Freeze Standard and Enterprise Affected version: Before and including v8.10 Fixed version: N/A Reported by: Kyriakos Economou Details: The latest, and ea

[FD] CVE-2014-5387 - Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core

2014-11-03 Thread Portcullis Advisories
Vulnerability title: Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core CVE: CVE-2014-5387 Vendor: EllisLab Product: ExpressionEngine Core Affected version: Versions earlier than 2.9.0 Fixed version: 2.9.1 Reported by: Jerzy Kramarz and Alex Murillo Moya Details: SQL inject

[FD] CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP

2014-10-30 Thread Portcullis Advisories
Vulnerability title: XML External Entity Injection in F5 Networks Big-IP CVE: CVE-2014-6033 Vendor: F5 Networks Product: Big-IP Affected version: 11.3.0.39.0 Fixed version: N/A Reported by: Oliver Gruskovnjak Details: F5 Networks Big-IP is vulnerable to an XML External Entity injection attack. T

[FD] CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP

2014-10-30 Thread Portcullis Advisories
Vulnerability title: XML External Entity Injection in F5 Networks Big-IP CVE: CVE-2014-6032 Vendor: F5 Networks Product: Big-IP Affected version: 11.3.0.39.0 Fixed version: N/A Reported by: Oliver Gruskovnjak Details: F5 Networks Big-IP is vulnerable to an XML External Entity injection attack. T

[FD] CVE-2014-7178 - Remote Command Execution in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
Vulnerability title: Tuleap <= 7.4.99.5 Remote Command Execution in Enalean Tuleap CVE: CVE-2014-7178 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz Details: Tuleap does not validate the syntax of the requests submitted to SVN

[FD] CVE-2014-7177 - External XML Entity Injection in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
Vulnerability title: Tuleap <= 7.2 External XML Entity Injection in Enalean Tuleap CVE: CVE-2014-7177 Vendor: Enalean Product: Tuleap Affected version: 7.2 and earlier Fixed version: 7.4.99.5 Reported by: Jerzy Kramarz Details: A multiple XML External Entity Injection has been found and confirme

[FD] CVE-2014-7176 - Authenticated Blind SQL Injection in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
Vulnerability title: Tuleap <= 7.4.99.5 Authenticated Blind SQL Injection in Enalean Tuleap CVE: CVE-2014-7176 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the softw

[FD] CVE-2014-4974 - Kernel Memory Leak in ESET Multiple Windows Products

2014-10-28 Thread Portcullis Advisories
Vulnerability title: Kernel Memory Leak in ESET Multiple Windows Products CVE: CVE-2014-4974 Vendor: ESET Product: Multiple Windows Products Affected version: 5.0 - 7.0 Fixed version: Build 1212 Reported by: Kyriakos Economou Details: The latest, and earlier versions, of ESET Smart Security and E

[FD] CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink

2014-10-01 Thread Portcullis Advisories
Vulnerability title: Multiple SQL Injection Vulnerabilities in TestLink CVE: CVE-2014-5308 Vendor: Testlink Product: TestLink Affected version: 1.9.11 Fixed version: Fixed in SVN commit number 7a09973 Reported by: Jerzy Kramarz Details: Two SQL injection vulnerabilities have been found and confir

[FD] CVE-2014-6389 - Remote Command Execution in PHPCompta/NOALYSS

2014-10-01 Thread Portcullis Advisories
Vulnerability title: Remote Command Execution in PHPCompta/NOALYSS CVE: CVE-2014-6389 Vendor: PHPCompta Product: PHPCompta/NOALYSS Affected version: 6.7.1 5638 Fixed version: 6.7.2 Reported by: Jerzy Kramarz Details: PhpCompta 6.7.1-2 does not validate the syntax of the commands when processing

[FD] CVE-2014-5307 - Privilege Escalation in Panda Security Products

2014-08-20 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation in Panda Security CVE: CVE-2014-5307 Vendor: Panda Security Product: Multiple Affected version: Panda 2014 Products Fixed version: Hotfix hft131306s24_r1 Reported by: Kyriakos Economou Details: Latest, and possibly earlier builds, of the PavTPK.sys kernel

[FD] CVE-2014-4973 - Privilege Escalation in ESET Windows Products

2014-08-20 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation in ESET Windows Products CVE: CVE-2014-4973 Vendor: ESET Product: ESET Windows Products Affected version: v5.0 - 7.0 (Firewall Module Build 1183 (20140214) and earlier) Fixed version: v6 - v7 (Firewall Module Build 1212 (20140609)) Reported by: Kyriakos Eco

[FD] CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall

2014-08-04 Thread Portcullis Advisories
Vulnerability title: Authentication Bypass in Barracuda Web Application Firewall CVE: CVE-2014-2595 Vendor: Barracuda Product: Web Application Firewall Affected version: Firmware v7.8.1.013 Fixed version: N/A Reported by: Nick Hayes Details: It is possible to re-use a link which includes a non-ex

[FD] CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX

2014-07-08 Thread Portcullis Advisories
Vulnerability title: Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX CVE: CVE-2014-3074 Vendor: IBM Product: AIX Affected version: AIX 6.1 and 7.1 and VIOS 2.2.* Reported by: Tim Brown Details: It has been identified that the runtime linker allows privilege escalati

[FD] CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)

2014-06-25 Thread Portcullis Advisories
Vulnerability title: Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) CVE: CVE-2014-2385 Vendor: Sophos Product: Antivirus Affected version: 9.5.1 Fixed version: 9.6.1 Reported by: Pablo Catalina Details: The Configuration Console of Sophos Antivirus 9.5.1 (Linux) d

[FD] CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014

2014-06-25 Thread Portcullis Advisories
Vulnerability title: Arbitrary Code Execution in G Data TotalProtection 2014 CVE: CVE-2014-3752 Vendor: G Data Product: TotalProtection 2014 Affected version: v24.0.2.1 Fixed version: N/A Reported by: Kyriakos Economou Details: G Data TotalProtection 2014 v24.0.2.1 and possibly earlier versions a

[FD] CVE-2014-3977 - Privilege Escalation in IBM AIX

2014-06-11 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation in IBM AIX CVE: CVE-2014-3977 Vendor: IBM Product: AIX Affected version: 6.1.8 and later Fixed version: N/A Reported by: Tim Brown Details: It has been identified that libodm allows privilege escalation via arbitrary file writes with elevated privileges (

[FD] CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2

2014-06-03 Thread Portcullis Advisories
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 CVE: CVE-2014-0907 Vendor: IBM Product: DB2 Affected version: V9.1, V9.5, V9.7, V10.1 and V10.5 Fixed version: V9.7 FP9a, V10.1 FP3a, V10.1 FP4 and V10.5 FP3a Reported by: Tim Brown Details: It ha

[FD] CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages

2014-05-27 Thread Portcullis Advisories
Vulnerability title: Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages CVE: CVE-2014-3445 Vendor: HandsomeWeb Product: SOS Webpages Affected version: 1.1.11 and earlier Fixed version: 1.1.12 Reported by: Freakyclown Details: The default setup allows an unauthenticated use

[FD] CVE-2014-3450 - Privilege Escalation in Panda Security

2014-05-20 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation in Panda Security CVE: CVE-2014-3450 Vendor: Panda Product: Security Affected version: See below Fixed version: See below Reported by: Kyriakos Economou Details: All users of the following (and possibly earlier) versions of Panda security products for Win

[FD] CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
Vulnerability title: Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE: CVE-2014-3446 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The following URL and parameters have been confirmed to suffer from Blind SQL i

[FD] CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
Vulnerability title: Remote Denial Of Service in BSS Continuity CMS CVE: CVE-2014-3447 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: By repeatedly calling node enumeration script, a remote unauthenticated attacker can over

[FD] CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
Vulnerability title: Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS CVE: CVE-2014-3448 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The ASPX executable which is responsible for handling file u

[FD] CVE-2014-3449 - Insufficient ACLs in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
Vulnerability title: Insufficient ACLs in BSS Continuity CMS CVE: CVE-2014-3449 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: 4.2.22640.0 Hotfix Reported by: Jerzy Kramarz Details: The following URL was found to expose the administrative interface of the CMS to

[FD] CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211

2014-05-13 Thread Portcullis Advisories
Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending a crafted PO

[FD] CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

2014-04-23 Thread Portcullis Advisories
Vulnerability title: Unrestricted file upload in Livetecs Timelive CVE: CVE-2014-2042 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.5.1 Reported by: Richard Hatch Details: It was discovered that it was possible for low-level TimeLive application users to upload files

[FD] CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

2014-04-23 Thread Portcullis Advisories
Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details: It was possible to access a URL that allowed unauthent

[FD] CVE-2014-2383 - Arbitrary file read in dompdf

2014-04-23 Thread Portcullis Advisories
Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 (partial fix) Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is present on dompdf.php file that allows remote or local

[FD] CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server

2014-04-16 Thread Portcullis Advisories
Vulnerability title: Denial of Service in PCNetSoftware RAC Server CVE: CVE-2014-2597 Vendor: PCNetSoftware Product: RAC Server Affected version: 4.0.4, 4.0.5 Fixed version: N/A Reported by: Kyriakos Economou Details: Latest and possibly earlier versions of RAC Server software are vulnerable to lo

[FD] CVE-2014-2591 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX

2014-04-14 Thread Portcullis Advisories
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX CVE: CVE-2014-2591 Vendor: BMC Product: Patrol for AIX Affected version: 3.9.00 Fixed version: N/A Reported by: Tim Brown Details: It has been identified that binaries that are executed

[FD] CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux

2014-04-14 Thread Portcullis Advisories
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux CVE: CVE-2013-6216 Vendor: HP Product: HP Array Configuration Uti

[FD] CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player

2014-04-11 Thread Portcullis Advisories
Vulnerability title: Invalid Pointer Dereference in VMware Workstation and Player CVE: CVE-2014-2384 Vendor: VMware Product: Workstation, Player Affected version: VMware WorkStation v10.0.1 build-1379776 and VMware Player v6.0.1 build-1379776 Fixed version: N/A Reported by: Kyriakos Economou Detai