Информационная безопасность
[RU] switch to English


Подмена содержимого в perl-Module-Signature
дополнено с 5 мая 2015 г.
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14444
Тип:библиотека
Уровень опасности:
5/10
Описание:Неподписанное содержимое может быть интерпретировано как подписанное.
Затронутые продукты:PERL : perl-Module-Signature 0.730
CVE:CVE-2015-3409 (Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.)
 CVE-2015-3408 (Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.)
 CVE-2015-3407 (Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.)
 CVE-2015-3406
Оригинальный текстdocumentUBUNTU, [USN-2607-1] Module::Signature vulnerabilities (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:207 ] perl-Module-Signature (05.05.2015)

Межсайтовый скриптинг в Fortinet FortiAnalyzer и FortiManager
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14476
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг в Web-интерфейсе.
Затронутые продукты:FORTINET : FortiManager 5.2
 FORTINET : FortiAnalyzer 5.2
CVE:CVE-2015-3620 (Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0 through 5.2.1 and FortiManager 5.0.3 through 5.0.10 and 5.2.0 through 5.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentVulnerability Lab, Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability (12.05.2015)

Обратный путь в каталогах NetworkManager
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14477
Тип:локальная
Уровень опасности:
5/10
Описание:Доступ к файлам при работе с устройством модема.
Затронутые продукты:UBUNTU : Ubuntu network-manager 0.9
CVE:CVE-2015-1322 (Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or ready arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).)
Оригинальный текстdocumentUBUNTU, [USN-2581-1] NetworkManager vulnerability (12.05.2015)

Межсайтовый скриптинг в Open-Xchange
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14478
Тип:клиент
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг через вложения электронной почты.
Затронутые продукты:OPENXCHANGE : Open-Xchange 7.6
CVE:CVE-2015-1588
Оригинальный текстdocumentOPENXCHANGE, Open-Xchange Security Advisory 2015-04-27 (12.05.2015)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14479
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:ENCAPS : Encaps PHP/Flash Gallery 2.3
 MANAGEENGINE : Manage Engine Firewall Analyzer 8.3
 MANAGEENGINE : Manage Engine Event Log Analyzer 10
 WOLFCMS : Wolf CMS 0.8
 LANDESK : Landesk Management Suite 9.5
 GLPI : GLPI 0.84
 ZEND : ZendFramework 1.12
 MANAGEENGINE : Manage Engine Desktop Central 9
 ATLASSIAN : Comalatech Comala Workflows 4.6
 GOAUTODIAL : GoAutoDial 3.3
 PHPTRAFFICA : phpTrafficA 2.3
 APACHE : Flex 4.14
 MEDIAWIKI : MediaWiki 1.24
 PHPMYADMIN : phpmyadmin 4.3
 APACHE : Cassandra 2.1
 MARKUPFIELDS : django-markupfield 1.3
 LYCHEE : Lechee 2.7
 MOVABLETYPE : MovableType 5.1
 DRUPAL : drupal 7.34
 EGROUPWARE : eGroupware 1.8
 WSO2 : WSO2 Identity Server 5.0
CVE:CVE-2015-2940 (Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors.)
 CVE-2015-2939 (Cross-site scripting (XSS) vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace.)
 CVE-2015-2938 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a custom JavaScript file, which is not properly handled when previewing the file.)
 CVE-2015-2937 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942.)
 CVE-2015-2936 (MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.)
 CVE-2015-2935 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT.")
 CVE-2015-2934 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 does not properly handle when the Zend interpreter xml_parse function does not expand entities, which allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file.)
 CVE-2015-2933 (Cross-site scripting (XSS) vulnerability in the Html class in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a LanguageConverter substitution string when using a language variant.)
 CVE-2015-2932 (Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element.)
 CVE-2015-2931 (Incomplete blacklist vulnerability in includes/upload/UploadBase.php in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an application/xml MIME type for a nested SVG with a data: URI.)
 CVE-2015-2845 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.)
 CVE-2015-2844 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.)
 CVE-2015-2843 (Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.)
 CVE-2015-2842 (Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in sounds/.)
 CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi in Hotspot Express hotEx Billing Manager 73 allows remote attackers to inject arbitrary web script or HTML via the reply parameter.)
 CVE-2015-2750
 CVE-2015-2749
 CVE-2015-2690
 CVE-2015-2560
 CVE-2015-2559 (Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.)
 CVE-2015-2206 (libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.)
 CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permission for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.)
 CVE-2015-1773 (Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to JavaScript code generated by the asdoc component.)
 CVE-2015-0845 (Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates.)
 CVE-2015-0225 (The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.)
 CVE-2014-9258 (SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.)
 CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.)
 CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.)
 CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.)
 CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.)
 CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call.)
 CVE-2014-8360 (Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php.)
 CVE-2014-8089
 CVE-2014-5362
 CVE-2014-5361 (Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.)
 CVE-2014-5032 (GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.)
 CVE-2014-5022 (Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.)
 CVE-2014-5021 (Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label.)
 CVE-2014-5020 (The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field.)
 CVE-2014-5019 (The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.)
 CVE-2014-4914
 CVE-2014-3704 (The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.)
 CVE-2014-2983 (Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.)
 CVE-2014-2685 (The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.)
 CVE-2014-2684 (The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provider used in the association handle, which allows remote attackers to bypass authentication and spoof arbitrary OpenID identities by using a malicious OpenID Provider that generates OpenID tokens with arbitrary identifier and claimed_id values.)
 CVE-2014-2683 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to cause a denial of service (CPU consumption) via (1) recursive or (2) circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-6532.)
 CVE-2014-2682 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0, when PHP-FPM is used, does not properly share the libxml_disable_entity_loader setting between threads, which might allow remote attackers to conduct XML External Entity (XXE) attacks via an XML external entity declaration in conjunction with an entity reference. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657.)
 CVE-2014-2681 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-5657.)
 CVE-2014-2027 (eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parameter to calendar/csv_import.php, (5) info_fields or (6) trans parameter to csv_import.php in (a) projectmanager/ or (b) infolog/, or (7) processed parameter to preferences/inc/class.uiaclprefs.inc.php.)
Оригинальный текстdocumentUBUNTU, [USN-2558-1] Mailman vulnerability (12.05.2015)
 documentBartlomiej Balcerek, WSO2 Identity Server multiple vulnerabilities (12.05.2015)
 documentMANDRIVA, Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:087 ] egroupware (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:097 ] php-ZendFramework (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:167 ] glpi (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:181 ] drupal (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:185 ] dokuwiki (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:186 ] phpmyadmin (12.05.2015)
 documentAPACHE, [SECURITY ANNOUNCEMENT] CVE-2015-0225 (12.05.2015)
 documentbhadresh.patel_(at)_helpag.com, HotExBilling Manager Cross-site scripting (XSS) vulnerability (12.05.2015)
 documentAPACHE, CVE-2015-1773 Apache Flex reflected XSS vulnerability (12.05.2015)
 documentSecurify B.V., Reflected Cross-Site Scripting vulnerability in asdoc generated documentation (12.05.2015)
 documentSecurify B.V., Reflected Cross-Site Scripting vulnerability in asdoc generated documentation (12.05.2015)
 documentDaniel Geerts, [CVE-2015-2926] XSS vuln in phpTrafficA (12.05.2015)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows (12.05.2015)
 documentMANDRIVA, [ MDVSA-2015:200 ] mediawiki (12.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3227-1] movabletype-opensource security update (12.05.2015)
 documentalex_haynes_(at)_outlook.com, [CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities (12.05.2015)
 documentprathan.ptr_(at)_gmail.com, Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability (12.05.2015)
 documentFilippo Cavallarin, Lychee 2.7.1 remote code execution (12.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3230-1] django-markupfield security update (12.05.2015)
 documentJouko Pynnonen, Google Analytics by Yoast stored XSS #2 (12.05.2015)
 documentroot_(at)_localhost.com, GoAutoDial 3.3 multiple vulnerabilities (12.05.2015)
 documentkkulkarni_(at)_controlcase.com, Reflected XSS Vulnerability In Manage Engine Firewall Analyzer (12.05.2015)
 documentHigh-Tech Bridge Security Research, Multiple Cross-Site Scripting (XSS) in FreePBX (12.05.2015)
 documentZoRLu Bugrahan, Avsarsoft Matbaa Script - Multiple Vulnerabilities (12.05.2015)
 documentZoRLu Bugrahan, Encaps PHP/Flash Gallery 2.3.22s Database Puffing Up Exploit (12.05.2015)

Обратный путь в каталогах Battle of Wesnoth
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14480
Тип:клиент
Уровень опасности:
5/10
Описание:Обратный путь в каталогах при загрузке карт.
Затронутые продукты:WESNOTH : Battle for Wesnoth 1.12
CVE:CVE-2015-0844 (The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3218-1] wesnoth-1.10 security update (12.05.2015)

Раскрытие информации в EMC Documentum xCelerated Management System
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14481
Тип:удаленная
Уровень опасности:
5/10
Описание:Пароль сервиса сохранен в .bat-файле.
Затронутые продукты:EMC : Documentum xCelerated Management System 1.1
CVE:CVE-2015-0527 (EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file.)
Оригинальный текстdocumentEMC, ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability (12.05.2015)

Повышение приуилегий в EMC Isilon OneFS
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14482
Тип:локальная
Уровень опасности:
5/10
Описание:Локальный доступ к файлам.
Затронутые продукты:EMC : Isilon OneFS 7.1
CVE:CVE-2015-0528 (The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files.)
Оригинальный текстdocumentEMC, ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability (12.05.2015)

Уязвимости безопасности в GoAhead Web Server
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14483
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера, обратный путь в каталогах.
Затронутые продукты:EMBEDTHIS : GoAhead 3.4
CVE:CVE-2014-9707 (EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbitrary code via a crafted URI.)
Оригинальный текстdocumentMatthew Daley, Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1 (12.05.2015)

DoS против web-сервера Appweb
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14484
Тип:удаленная
Уровень опасности:
5/10
Описание:Обращение по нулевому указателю при разборе заголовка Range:.
Затронутые продукты:EMBEDTHIS : Appweb 5.2
CVE:CVE-2014-9708 (Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".)
Оригинальный текстdocumentMatthew Daley, Advisory: CVE-2014-9708: Appweb Web Server (12.05.2015)

Межсайтовый скриптинг в Palo Alto Traps Server
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14485
Тип:удаленная
Уровень опасности:
5/10
Описание:Хранимый XSS через журнал.
Затронутые продукты:PALOALTO : Traps Server 3.1
CVE:CVE-2015-2223 (Multiple cross-site scripting (XSS) vulnerabilities in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.)
Оригинальный текстdocumentmichael.hendrickx_(at)_helpag.com, CVE-2015-2223: Palo Alto Traps Server Stored XSS (12.05.2015)

Выполнение кода в Novell ZenWorks Configuration Management
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14486
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода через вебинтерфейс.
Затронутые продукты:NOVELL : ZENworks Configuration Management 11.3
CVE:CVE-2015-0779 (Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.)
Оригинальный текстdocumentPedro Ribeiro, [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution (12.05.2015)

Выполнение кода в mercurial
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14487
Тип:удаленная
Уровень опасности:
6/10
Описание:Инъекция кода через команду clone.
Затронутые продукты:MERCURIAL : Mercurial 3.2
CVE:CVE-2014-9462 (The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3257-1] mercurial security update (12.05.2015)

Инъекция SQL в quassel
Опубликовано:12 мая 2015 г.
Источник:
SecurityVulns ID:14488
Тип:удаленная
Уровень опасности:
6/10
Описание:Инъекция SQL через сообщения.
Затронутые продукты:QUASSEL : Quassel IRC 0.9
CVE:CVE-2015-3427 (Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.)
 CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3258-1] quassel security update (12.05.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород