News aggregator

Bugtraq: Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec)

SecurityFocus Vulnerabilities - Mon, 11/06/2017 - 12:20
Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec)
Categories: Security News

CVE-2017-15039

National Vulnerability Database - Mon, 11/06/2017 - 03:29
Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a data: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting.

CVE-2017-16524

National Vulnerability Database - Mon, 11/06/2017 - 03:29
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

CVE-2017-16563

National Vulnerability Database - Mon, 11/06/2017 - 03:29
Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update.

CVE-2017-16564

National Vulnerability Database - Mon, 11/06/2017 - 03:29
Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field (P148).

CVE-2017-16565

National Vulnerability Database - Mon, 11/06/2017 - 03:29
Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.

CVE-2017-16569

National Vulnerability Database - Mon, 11/06/2017 - 03:29
An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting.

CVE-2017-16570

National Vulnerability Database - Mon, 11/06/2017 - 03:29
KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by removing the CSRF parameter and value, aka SecureLayer7 issue number SL7_KEYJS_03. In other words, it fails to reject requests that lack an x-csrf-token header.

CVE-2017-16547

National Vulnerability Database - Mon, 11/06/2017 - 00:29
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.

CVE-2017-16548

National Vulnerability Database - Mon, 11/06/2017 - 00:29
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.

Vuln: GNU Emacs CVE-2017-1000383 Local Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Mon, 11/06/2017 - 00:00
GNU Emacs CVE-2017-1000383 Local Information Disclosure Vulnerability

Vuln: Foxit Reader CVE-2017-10948 Use After Free Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Mon, 11/06/2017 - 00:00
Foxit Reader CVE-2017-10948 Use After Free Remote Code Execution Vulnerability

Vuln: Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability

SecurityFocus Vulnerabilities - Mon, 11/06/2017 - 00:00
Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability

Vuln: OpenSSL CVE-2017-3736 Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Mon, 11/06/2017 - 00:00
OpenSSL CVE-2017-3736 Information Disclosure Vulnerability

CVE-2017-16545

National Vulnerability Database - Sun, 11/05/2017 - 17:29
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.

CVE-2017-16546

National Vulnerability Database - Sun, 11/05/2017 - 17:29
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.

CVE-2017-16542

National Vulnerability Database - Sun, 11/05/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.

CVE-2017-16543

National Vulnerability Database - Sun, 11/05/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field.

CVE-2017-16540

National Vulnerability Database - Sat, 11/04/2017 - 15:29
OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.

CVE-2017-16541

National Vulnerability Database - Sat, 11/04/2017 - 14:29
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
