[FD] MSA-2016-01: PowerFolder Remote Code Execution Vulnerability

2016-05-24 Thread Advisories Advisories
Mogwai Security Advisory MSA-2016-01 -- Title: PowerFolder Remote Code Execution Vulnerability Product:PowerFolder Server Affected versions: 10.4.321 (Linux/Windows) (Other version might be also affe

[FD] LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection

2015-11-30 Thread advisories
ory URL: https://www.lsexperts.de/advisories/lse-2015-10-14.txt Advisory Status: Public CVE-Number: CVE URL: --- Impact == Enables to read and modify the HumHub Mysql Database. Issue Description = While conducting an internal software evaluation, LSE Leading Security Experts GmbH disco

[FD] LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues

2014-06-02 Thread advisories
g Security Experts GmbH employee Eric Sesterhenn Advisory URL: https://www.lsexperts.de/advisories/lse-2014-05-22.txt Advisory Status: Public CVE-Number: CVE-2014-3875, CVE-2014-3876, CVE-2014-3877 Impact == It is possible to attack user sessions and to execute JavaScript in another user's browser.

[FD] LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification

2014-08-25 Thread advisories
== Vulnerability Type: Weak Pin Verification Technical Risk: high Likelihood of Exploitation: medium Vendor: Granding Vendor URL: http://www.granding.com/productdetail/46/.aspx Credits: LSE Leading Security Experts GmbH Eric Sesterhenn Advisory URL: https://www.lsexperts.de/advisories/lse-2014

[FD] Mogwai Security Advisory MSA-2014-01: ManageEngine EventLog Analyzer Multiple Vulnerabilities

2014-08-31 Thread Advisories
w privileged accounts like "guest". Advisory URL: -- https://www.mogwaisecurity.de/en/lab/advisories/ References -- [1] evilarc https://github.com/ptoomey3/evilarc

[FD] LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow

2014-09-25 Thread advisories
Risk: high Likelihood of Exploitation: low Vendor: Perl Vendor URL: http://www.perl.org Credits: LSE Leading Security Experts GmbH employee Markus Vervier Advisory URL: https://www.lsexperts.de/advisories/lse-2014-06-10.txt Advisory Status: Public CVE-Number: CVE-2014-4330 CVE URL: http

[FD] MSA-2014-02: Typo3 Extension dmmjobcontrol Multiple Vulnerabilities (typo3-ext-sa-2014-012)

2014-09-25 Thread Advisories
Mogwai Security Advisory MSA-2014-02 -- Title:              JobControl (dmmjobcontrol) Multiple Vulnerabilities Product:            dmmjobcontrol (Typo3 Extension) Affected versions:  2.14.0 Impact:             high Remote:       

[FD] MSA-2015-01: Wordpress Plugin Pixabay Images Multiple Vulnerabilities

2015-01-20 Thread Advisories
Mogwai Security Advisory MSA-2015-01 -- Title: WP Pixarbay Images Multiple Vulnerabilities Product:Pixarbay Images (Wordpress Plugin) Affected versions: 2.3 Impact: high Remote: yes

[FD] MSA-2015-02: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass

2015-02-03 Thread Advisories
Mogwai Security Advisory MSA-2015-02 -- Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product:Hewlett-Packard Universal CMDB (UCMDB) Aff

[FD] MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation

2015-03-12 Thread Advisories
Mogwai Security Advisory MSA-2015-03 -- Title: iPass Mobile Client service local privilege escalation Product:Hewlett-Packard Universal CMDB (UCMDB) Affected versions: iPass Mobile Client 2.4.2.1512

Re: [FD] MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation

2015-03-12 Thread Advisories
Small correction (copy & paste error), sorry for that: Mogwai Security Advisory MSA-2015-03 -- Title: iPass Mobile Client service local privilege escalation Product:iPass Mobile Client Affected versions:

[FD] CVE-2017-7185 - Mongoose OS - Use-after-free / Denial of Service

2017-04-04 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/en/research/advisories/ # # # # Product: Mongoose OS # Vendor: Cesanta # CVE ID: CVE-2017-7185 # CSNC ID: CSNC

[FD] Sunell IPR54/14AKDN(II)/13 IP Camera - Stored Cross-Site Scripting

2017-05-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: Sunell IPR54/14AKDN(II)/13 [1] # Vendor: Shenzhen Sunell Technology

[FD] Sunell IPR54/14AKDN(II)/13 IP Camera - Reflected Cross-Site Scripting

2017-05-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: Sunell IPCAMERA IPR54/14AKDN(II)/13 [1] # Vendor: Shenzhen Sunell

[FD] Sunell IPR54/14AKDN(II)/13 IP Camera - Session ID Enumeration

2017-05-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: Sunell IPCAMERA IPR54/14AKDN(II)/13 [1] # Vendor: Shenzhen Sunell

[FD] QuantaStor Software Define Storage mmultiple vulnerabilities

2017-08-15 Thread advisories
1. --- Advisory details --- Title: QuantaStor Software Define Storage mmultiple vulnerabilities Advisory ID: VVVSEC-2017-6943 Advisory URL: http://www.vvvsecurity.com/advisories/vvvsecurity-advisory-2017-6943.txt Date published: 12/08/2017 CVEs: CVE-2017-9978 "Brute force

[FD] CSNC-2017-023: Buffer Overflow in Mongoose MQTT Broker

2017-09-21 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/en/research/advisories/ # # # # Product: Mongoose Embedded Web Server Library

[FD] [CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple

2018-10-04 Thread advisories
://www.coresecurity.com/advisories/d-link-central-wifimanager-software-controller-multiple-vulnerabilities Date published: 2018-10-04 Date of last update: 2018-10-04 Vendors contacted: D-Link Release mode: Coordinated release 2. *Vulnerability Information* Class: Unrestricted Upload of File with

[FD] [CORE-2018-0005] - ASRock Drivers Elevation of Privilege Vulnerabilities

2018-10-26 Thread advisories
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ ASRock Drivers Elevation of Privilege Vulnerabilities 1. *Advisory Information* Title: ASRock Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0005 Advisory URL: https://www.secureauth.com/labs/advisories

[FD] [CORE-2018-0011] - Cisco WebEx Meetings Elevation of Privilege Vulnerability

2018-11-27 Thread advisories
/advisories/cisco-webex-meetings-elevation-privilege-vulnerability Date published: 2018-11-27 Date of last update: 2018-11-27 Vendors contacted: Cisco Release mode: Coordinated release 2. *Vulnerability Information* Class: OS command injection [CWE-78] Impact: Code execution Remotely Exploitable: No

[FD] [CORE-2017-0012] - ASUS Drivers Elevation of Privilege Vulnerabilities

2018-12-21 Thread advisories
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ ASUS Drivers Elevation of Privilege Vulnerabilities 1. *Advisory Information* Title: ASUS Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2017-0012 Advisory URL: http://www.secureauth.com/labs/advisories/asus

[FD] [CORE-2018-0007] - GIGABYTE Driver Elevation of Privilege Vulnerabilities

2018-12-21 Thread advisories
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ GIGABYTE Drivers Elevation of Privilege Vulnerabilities 1. *Advisory Information* Title: GIGABYTE Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0007 Advisory URL: http://www.secureauth.com/labs/advisories

[FD] [SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities

2019-02-21 Thread advisories
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Micro Focus Filr Multiple Vulnerabilities 1. *Advisory Information* Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL: https://www.secureauth.com/labs/advisories/micro-focus-filr-multiple

[FD] [CORE-2018-0012] - Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2

2019-03-01 Thread advisories
://www.secureauth.com/labs/advisories/cisco-webex-meetings-elevation-privilege-vulnerability-version-2 Date published: 2019-02-27 Date of last update: 2019-02-27 Vendors contacted: Cisco Release mode: Coordinated release 2. *Vulnerability Information* Class: OS command injection [CWE-78] Impact: Code execution

[FD] CVE-2020-1113 - Windows Task Scheduler - Security Feature Bypass

2020-05-15 Thread Advisories
# # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # Product: Windows Task Scheduler # Vendor

[FD] CVE-2019-19935 - DOM XSS in Froala WYSIWYG HTML Editor

2020-07-03 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: Froala WYSIWYG HTML Editor # Vendor: Froala # CSNC ID: CSNC-2020-004

[FD] CSNC-2020-005 - Checkmk Local Privilege Escalation

2020-10-02 Thread Advisories
# # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # Product: Checkmk # Vendor: tribe29 GmbH

[FD] CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - Signature Exclusion Attack

2020-10-02 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: SAML v2.0 bindings in Java using JAXB # Vendor: FusionAuth # CSNC ID

[FD] CVE-2021-3145: Biometric Authentication Bypass in Ionic Identity Vault

2021-09-07 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: Identity Vault # Vendor: Ionic # CSNC ID: CSNC-2021-001 # CVE ID

[FD] openvpn-monitor Authorization Bypass

2021-09-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: openvpn-monitor # Vendor: https://github.com/furlongm/openvpn-monitor

[FD] openvpn-monitor OpenVPN Management Socket Command Injection

2021-09-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: openvpn-monitor # Vendor: https://github.com/furlongm/openvpn-monitor

[FD] openvpn-monitor Cross-Site Request Forgery (CSRF)

2021-09-24 Thread Advisories
# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # # # # Product: openvpn-monitor # Vendor: https://github.com/furlongm/openvpn-monitor

[FD] CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
/contacts/controllers/ContactsController.php:581: echo $_POST['id']; An attacker could create a malicious link with the following URL: http://localhost/x2engine/index.php/profile/getEvents?lastEventId=&lastTimestamp=1408631575&profileId=3&myProfileId=3 Further details at: h

[FD] CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
; However, there is another common (not present in regexp) that allow PHP execution: .PHT. It is therefore possible to execute any PHP code on the remote system. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5074/ Copyright: Co

[FD] CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine

2015-09-25 Thread Portcullis Advisories
implemented, resulting in an attacker being able to force the creation of a new administrative account. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5075/ Copyright: Copyright (c) Portcullis Computer Security Limited

[FD] CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver

2015-10-29 Thread Portcullis Advisories
/security-research-and-downloads/security-advisories/cve-2015-7724/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way

[FD] CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver

2015-10-29 Thread Portcullis Advisories
fchmod(). This can be useful if the symlink target already exists: mov $0x1b6,%esi ; $esi (mode) = 0666 mov %eax,%edi callq 209058 Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/ Copyright: Copyright (c) Portcullis

[FD] Security Advisories

2016-02-03 Thread Portcullis Advisories
amples of how this attack might be performed, and it is believed that both the `old' and `new' web applications are systemically vulnerable to this. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisori

[FD] Redaxo CMS contains multiple vulnerabilities

2016-02-16 Thread LSE-Advisories
://www.redaxo.org/ Tested version: Redaxo CMS v5.0.0 Credits: LSE Leading Security Experts GmbH employee Tim Herres Advisory URL: https://www.lsexperts.de/advisories/lse-2016-01-18.txt Advisory Status: Public CVE-Number: na Impact == Redaxo is an easy to use open source content management system. A user can

[FD] LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities

2016-03-08 Thread LSE-Advisories
Technical Risk: high Likelihood of Exploitation: low Vendor: http://sitemile.com/ Credits: LSE Leading Security Experts GmbH employee Tim Herres Advisory: https://www.lsexperts.de/advisories/lse-2016-01-01.txt Advisory Status: public CVE-Number: [NA yet] Problem Impact == During an

[FD] LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability

2016-05-03 Thread LSE-Advisories
://www.lsexperts.de/advisories/lse-2016-02-03.txt Advisory Status: Public CVE-Number: NA CVE URL: NA OVE-ID:OVE-20160419-0002 OVI-ID:OVI-2016-7988 CWE-ID: CWE-22 CVSS 2.0: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N) Impact == A missing file path validation allows an authenticated user with permission to add or edit

[FD] [FOXMOLE SA 2016-07-20] Lupusec XT1 Alarm System - Multiple Issues

2016-10-28 Thread FOXMOLE Advisories
Dilger, Tim Herres, Sascha Kettler Advisory URL: https://www.foxmole.com/advisories/foxmole-2016-07-20.txt Advisory Status: Private CVE-Number: NA CVE URL: NA OVE-ID: OVE-20160808-0001 OVI-ID: NA CWE-ID: CWE-671 CVSS 2.0: 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C) Impact == The system uses an unencrypted

[FD] [FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues

2016-12-01 Thread FOXMOLE Advisories
== Vulnerability Type: Multiple Vulnerabilities Technical Risk: medium Likelihood of Exploitation: medium Vendor: e107 Vendor URL: http://www.e107.org Credits: FOXMOLE employee Tim Herres Advisory URL: https://www.foxmole.com/advisories/foxmole-2016-05-02.txt Advisory Status: Public CVE-Number: NA

[FD] [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues

2017-02-02 Thread FOXMOLE Advisories
Site Scripting, Session Fixation, No CSRF Protection Technical Risk: high Likelihood of Exploitation: medium Vendor: Zoneminder Vendor URL: https://zoneminder.com/ Credits: FOXMOLE employee Tim Herres Advisory URL: https://www.foxmole.com/advisories/foxmole-2016-07-05.txt Advisory Status: Public

[FD] CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player

2014-04-11 Thread Portcullis Advisories
oads/security-advisories/cve-2014-2384/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consen

[FD] CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux

2014-04-14 Thread Portcullis Advisories
runs with privileges that the attacker does not have. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2013-6216/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is

[FD] CVE-2014-2591 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX

2014-04-14 Thread Portcullis Advisories
, leading to privilege escalation in instances where the program runs with privileges that the attacker does not have. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2591/ Copyright: Copyright (c) Portcullis Computer Security

[FD] CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server

2014-04-16 Thread Portcullis Advisories
access violation inside the kernel address space when the input buffer is too big, because the vulnerable function will attempt to read outside the module itself. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2597

[FD] CVE-2014-2383 - Arbitrary file read in dompdf

2014-04-23 Thread Portcullis Advisories
le=php://filter/read=convert.base64-encode/resource= Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is

[FD] CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

2014-04-23 Thread Portcullis Advisories
identified by entering "timelive default credentials" into the Google Internet search engine. At time of writing the URL was revealed by the first result returned by Google. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve

[FD] CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

2014-04-23 Thread Portcullis Advisories
ng the TimeLive application run "TaskMgr" 9. Browse to http://MyTimeLiveURL/Uploads/1/1/run-cacl.aspx 10. Observe "calc.exe" running as "NETWORK_SERVICE" in the Task manager Note: Depending on the configuration of the TimeLive application used for testing it may be ne

[FD] CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211

2014-05-13 Thread Portcullis Advisories
/security-research-and-downloads/security-advisories/cve-2014-2046/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without

[FD] CVE-2014-3449 - Insufficient ACLs in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
unauthenticated users: /wcm/system/pages/newui/admin.aspx Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3449/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide

[FD] CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
-downloads/security-advisories/cve-2014-3448/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written

[FD] CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
'fix paths' script, which attempts to connect to every node in the system and reiterate its properties via database update function. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3447/ Copyright: Copyright (c)

[FD] CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS

2014-05-20 Thread Portcullis Advisories
-and-downloads/security-advisories/cve-2014-3446/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express

[FD] CVE-2014-3450 - Privilege Escalation in Panda Security

2014-05-20 Thread Portcullis Advisories
Security 2014 v19.01.01 Panda AV Pro 2014 v13.01.01 Hotfixes for these products have been released. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3450/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights

[FD] CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages

2014-05-27 Thread Portcullis Advisories
n the administrators password and gain further control over the site. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide

[FD] CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2

2014-06-03 Thread Portcullis Advisories
'/db2/db2gpp/sqllib/adm/db2iclean' SUIDFILELS='-r-sr-x--- 1 root dbgppadm 23157 25 May 2013 /db2/db2gpp/sqllib/adm/db2iclean' RPATH='.' RPATHRELATIVE=yes RPATHLS=N/A RAPTHEXISTS=N/A ISBAD=yes SUIDFILE='/hpadmin/swrepo/sqllib/adm/db2iclean' SUIDFILELS='-r

[FD] CVE-2014-3977 - Privilege Escalation in IBM AIX

2014-06-11 Thread Portcullis Advisories
rking directory to the target file under hoping that the link will be added after the check has been made that ODMTRACE0 does not exist. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3977/ Copyright: Copyright (c)

[FD] CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014

2014-06-25 Thread Portcullis Advisories
example, a pointer to another function of the same module could be used through another IOCTL, if that pointer is stored to a known address such as in the range of the driver module itself. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve

[FD] CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)

2014-06-25 Thread Portcullis Advisories
newListList:ExcludeFilesystems newListList:ExcludeMountPaths http://localhost:8081/notification/configure text:EmailServer newListList:Email Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/ Copyright: Copyright (c

[FD] CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX

2014-07-08 Thread Portcullis Advisories
MALLOCBUCKETS su - In instances where the output file exists, then the report_allocations output will be appended to the existing file and the permissions preserved. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3074/ Copyright

[FD] CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall

2014-08-04 Thread Portcullis Advisories
er details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is

[FD] CVE-2014-4973 - Privilege Escalation in ESET Windows Products

2014-08-20 Thread Portcullis Advisories
m/security-research-and-downloads/security-advisories/cve-2014-4973/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way w

[FD] CVE-2014-5307 - Privilege Escalation in Panda Security Products

2014-08-20 Thread Portcullis Advisories
resident without touching the disk later. All Panda Security products using the faulty driver were found to be vulnerable. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/ Copyright: Copyright (c) Portcullis Computer

[FD] Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw

2014-09-18 Thread VSR Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: Apple Foundation NSXMLParser XML eXternal Entity (XXE) Fl

[FD] CVE-2014-6389 - Remote Command Execution in PHPCompta/NOALYSS

2014-10-01 Thread Portcullis Advisories
ortcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6389/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or

[FD] CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink

2014-10-01 Thread Portcullis Advisories
oit aforementioned SQL injections without prior knowledge of the authentication details.' Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights

[FD] CVE-2014-4974 - Kernel Memory Leak in ESET Multiple Windows Products

2014-10-28 Thread Portcullis Advisories
-research-and-downloads/security-advisories/cve-2014-4974/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the

[FD] CVE-2014-7176 - Authenticated Blind SQL Injection in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
position to access '/plugins/docman/' URN. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7176/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is here

[FD] CVE-2014-7177 - External XML Entity Injection in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
bug -12077103611061 Content-Disposition: form-data; name="Create" Créer -12077103611061-- 2) The server will respond giving back a 'tracker number' in the response. The response contain link to specific "tracker"

[FD] CVE-2014-7178 - Remote Command Execution in Enalean Tuleap

2014-10-28 Thread Portcullis Advisories
details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7178/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this informatio

[FD] CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP

2014-10-30 Thread Portcullis Advisories
login%0Atomcat:x:91:91:Apache%20Tomcat:/usr/share/tomcat:/sbin/nologin%0Antp:x:38:38::/etc/ntp:/sbin/nologin%0Anamed:x:25:25:Named:/var/named:/bin/false%0A HTTP/1.1" 200 - 0.0013 Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2

[FD] CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP

2014-10-30 Thread Portcullis Advisories
ecurity.com/security-research-and-downloads/security-advisories/cve-2014-6033/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altere

[FD] CVE-2014-5387 - Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core

2014-11-03 Thread Portcullis Advisories
9522964 Content-Disposition: form-data; name="allow_comments" y -317032379522964 Content-Disposition: form-data; name="pages__pages_uri" /asd -317032379522964 Content-Disposition: form-data; name="pages__pages_template_id"

[FD] CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise

2014-11-19 Thread Portcullis Advisories
full mathematical expression [ESI+EAX*4+38] and as such we have full control over the EIP redirection. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2382/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014

[FD] CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE

2014-11-19 Thread Portcullis Advisories
"$proto://hhdhdhhdhdhdh.google.com/\">alert(\"$proto\"+document.domain);" done Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8600/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All righ

[FD] CVE-2014-2630 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux

2014-11-19 Thread Portcullis Advisories
in/xglance-bin' RPATH='-L/lib64' RPATHRELATIVE=yes RPATHLS=N/A RAPTHEXISTS=N/A ISBAD=yes Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2630/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All

[FD] CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

2014-11-19 Thread Portcullis Advisories
/liste.php?search_code=5&search_societe=5&search_ligne=5&search_bon=5&button_search.x=1&button_search.y=1 http://[IP]/dolibarr/compta/prelevement/liste.php?search_code=5&search_societe=5&search_ligne=5&search_bon=5&button_search.x=1&button_search.y=1 http://[

[FD] CVE-2014-5462 - Multiple Authenticated SQL Injections In OpenEMR

2014-12-05 Thread Portcullis Advisories
00-00+00%3a00%3a00&i2effective_date=-00-00&i2subscriber_DOB=-00-00&i2subscriber_postal_code=SW1A+1AA&form_genericname2=asdasd&form_genericname1=asasd&i1group_number=5&i2subscriber_mname=boom&i2accept_assignment=FALSE&i1subscriber_em ployer=5&i3sub

[FD] CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys]

2014-12-10 Thread Portcullis Advisories
6 je K7Sentry+0xc7e1 (b9d087e1) b9d087db 8935 mov dword ptr ds:[0],esi - if found write esi to [0] leading to system crash Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/ Copyright: Copyright (c) Portcullis Computer Sec

[FD] CVE-2014-8956 - Privilege Escalation In K7 Computing Multiple Products [K7Sentry.sys]

2014-12-10 Thread Portcullis Advisories
that we fully control and overwrite other data and function pointers used by other functions. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8956/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All righ

[FD] CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]

2014-12-10 Thread Portcullis Advisories
and-downloads/security-advisories/cve-2014-7136/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the expr

[FD] CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet

2015-04-17 Thread Portcullis Advisories
/security-advisories/cve-2014-5370/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent

[FD] CVE-2015-4425 - Directory Traversal/Configuration Update In Pimcore CMS

2015-07-13 Thread Portcullis Advisories
mission to overwrite system configuration files via exploiting a directory traversal vulnerability. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-4425/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015,

[FD] CVE-2015-4426 - SQL Injection In Pimcore CMS

2015-07-13 Thread Portcullis Advisories
the 'assets' privilege. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-4426/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the

[FD] CVE-2015-3621 - Privilege Escalation In SAP ECC

2015-07-13 Thread Portcullis Advisories
compiled in a manner that means they searched for libraries in insecure locations. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-3621/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved

[FD] CVE-2015-3449 - Weak File Permissions In SAP Afaria XeService.exe

2015-07-13 Thread Portcullis Advisories
weak default permissions that granted read and write permissions to the Everyone group to the install folder. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-3449/ Copyright: Copyright (c) Portcullis Computer Security Limited

[FD] CVE-2015-1438 - Arbitrary Code Execution [PSKMAD.sys] In Panda Security - Multiple Products

2015-07-13 Thread Portcullis Advisories
more precision, and control the EIP via a hijacked function pointer. Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-1438/ Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permi

[FD] [FOXMOLE SA 2017-01-25] inoERP - Multiple Issues

2017-03-27 Thread FOXMOLE Advisories
Request Forgery, Session Fixation Technical Risk: critical Likelihood of Exploitation: medium Vendor: inoERP Vendor URL: http://inoideas.org/ / https://github.com/inoerp/inoERP Credits: FOXMOLE employee Tim Herres Advisory URL: https://www.foxmole.com/advisories/foxmole-2017-01-25.txt Advisory

[FD] [FOXMOLE SA 2017-02-23] Dolibarr ERP & CRM - Multiple Issues

2017-05-10 Thread FOXMOLE Advisories
Hash Algorithm without Salt, Weak Password Change Method Technical Risk: critical Likelihood of Exploitation: medium Vendor: Dolibarr Vendor URL: https://www.dolibarr.org/ Credits: FOXMOLE employees Tim Herres and Stefan Pietsch Advisory URL: https://www.foxmole.com/advisories/foxmole-2017-02-23

[FD] Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996)

2017-10-27 Thread VSR Advisories
: CVE-2017-5996 Reference: https://www.vsecurity.com/download/advisories/20171026-1.txt Product Description From Bomgar's website [1]: "The fastest, most secure way for experts to

[FD] [SAUTH-2019-0002] - Pydio 8 Multiple Vulnerabilities

2019-03-29 Thread SecureAuth Advisories
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Pydio 8 Multiple Vulnerabilities 1. *Advisory Information* Title: Pydio 8 Multiple Vulnerabilities Advisory ID: SAUTH-2019-0002 Advisory URL: https://www.secureauth.com/labs/advisories/pydio-8-multiple-vulnerabilities Date

[FD] [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces

2021-02-19 Thread Certitude - Advisories
Certitude Security Advisory - CSA-2021-001 PRODUCT : Apache MyFaces VENDOR : The Apache

[FD] [CSA-2021-002] DP API ineffective in Windows containers

2021-03-16 Thread Certitude - Advisories
reduces the potential use-cases of DP API with containers. References -- https://certitude.consulting/blog/en/windows-docker-dp-api-vulnerability-cve-2021-1645/ https://certitude.consulting/advisories/CSA_2021_002_Windows_Docker_DP_API_Design_Vulnerability.md.txt https://msrc.microsoft.co

[FD] [CSA-2021-003] Remote Code Execution in GridPro Request Management for Windows Azure Pack

2021-10-22 Thread Certitude - Advisories
Certitude Security Advisory - CSA-2021-003 PRODUCT : GridPro Request Management for Windows Azure

[FD] [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities

2015-09-01 Thread CORE Advisories Team
1. Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-2015-0013 Advisory URL: http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities Date published: 2015-09-01 Date of last update: 2015-09-01 Vendors contacted: Fortinet

[FD] [CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference

2015-12-09 Thread CORE Advisories Team
1. Advisory Information Title: Microsoft Windows Media Center link file incorrectly resolved reference Advisory ID: CORE-2015-0014 Advisory URL: http://www.coresecurity.com/advisories/microsoft-windows-media-center-link-file-incorrectly-resolved-reference Date published: 2015-12-08 Date of last

[FD] [CVE-2014-3260] Crypto implementation flaws in Pacom GMS System

2015-12-09 Thread XPD Advisories Team
ure Policy: https://xpd.se/advisories/xpd-disclosure-policy-01.txt Permanent URL: https://xpd.se/advisories/XPD-2015-001.txt = Summary: The Pacom 1000 CCU and controllers (RTU) is used in security alarm installations all over
