Security News

Bugtraq: [security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution

Security Focus Vulnerabilities - 23 May, 2016 - 14:55
[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution

[RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections

Bug Traq - 23 May, 2016 - 14:32

Posted by Julien Ahrens on May 23

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: XenAPI for XenForo
Vendor URL: github.com/Contex/XenAPI
Type: SQL Injection [CWE-89]
Date found: 2016-05-20
Date published: 2016-05-23
CVSSv3 Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVE: -

2. CREDITS
==========
This vulnerability was discovered and researched by Julien Ahrens from
RCE...

poisoning / hijacking DNS locally of a third party domain: in shared and custom web hosting and in ISP, in automated /custom control panel software

Full Disclosure - 23 May, 2016 - 11:11

Posted by Bipin Gautam on May 23

Hi,

vulnerability summary : a design / process flaw

Severity : Moderate / High

In most automated control pannel software, for shared and custom web
hosting and in ISP, anyone can register / signup any domain after you
have a paid account for website hosting

- and the dns record of the added domain gets synced indiscriminately
in the local / ISP master DNS name server /resolver (for that
webhosting and ISP locally)

when any local website in...

MediaLink router MWN-WAPR300N - Several Vulnerabilities

Full Disclosure - 23 May, 2016 - 11:11

Posted by David Spector on May 23

*MediaLink router MWN-WAPR300N - Several Vulnerabilities*

The vulnerabilities reported here are for the firmware version currently
being shipped by Amazon.com. This is hardware version 2.0, firmware
version V5.07.51_en_MDL01 . I have no knowledge of the behavior of
previous versions of this router. U.S. CERT/CC states that the
vulnerabilities I am reporting here have not previously been reported to
them.

*About*

The MediaLink wireless...

[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries

Full Disclosure - 23 May, 2016 - 11:11

Posted by Julien Ahrens on May 23

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Postfix Admin
Vendor URL: sourceforge.net/projects/postfixadmin/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2016-04-23
Date published: 2016-05-21
CVSSv3 Score: 4.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)
CVE: -

2. CREDITS
==========
This vulnerability was discovered and researched by Julien...

Multiple Reflected XSS vulnerabilities in Infobae Website

Full Disclosure - 23 May, 2016 - 11:11

Posted by Niemand Nie on May 23

ADVISORY INFORMATION

===================

Title: Multiple Reflected XSS vulnerabilities in Infobae Website
Date published: 2016-20-05
Vendors contacted: No answer received
Vendors website: http://www.infobae.com/
Discovered by: Joel Noguera [Independent Security Researcher]
Severity: Medium

AFFECTED PRODUCT

===================
Infobae it is a website of a famous newspaper from Argentina. It is well
known and has thousand of readers per day....

Linknat VOS2009/VOS3000 SQL injection

Full Disclosure - 23 May, 2016 - 11:11

Posted by Osama Khalid on May 23

A SQL injection was found in Linknat VOS3000/VOS2009, a popular VoIP
softswitch, that could allow remote attackers to gain access to the
credentials stored in plain-text.

Application: Linknat VOS3000/VOS2009
Versions Affected: 2.1.1.5, 2.1.1.8, 2.1.2.0
Vendor URL: http://www.linknat.com/
Bug: SQLi (with DBA privileges)
Type: Remote
Resolution: Fixed, upgrade to 2.1.2.4
Reference: WooYun-2015-145458 -...

[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability

Full Disclosure - 23 May, 2016 - 11:08

Posted by ERPScan inc on May 23

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: SQL injection

Send: 04.12.2015

Reported: 04.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2101079

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – SQL injection vulnerability

Advisory...

[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability

Full Disclosure - 23 May, 2016 - 11:08

Posted by ERPScan inc on May 23

Application:SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: information disclosure

Sent: 15.09.2015

Reported: 15.09.2015

Vendor response: 16.09.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2256846

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – information disclosure vulnerability

Advisory...

Bugtraq: [SECURITY] [DSA 3584-1] librsvg security update

Security Focus Vulnerabilities - 23 May, 2016 - 03:00
[SECURITY] [DSA 3584-1] librsvg security update

Bugtraq: [SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast

Security Focus Vulnerabilities - 23 May, 2016 - 03:00
[SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast

Bugtraq: [ERPSCAN-16-011] SAP NetWeaver AS JAVA â?? SQL injection vulnerability

Security Focus Vulnerabilities - 23 May, 2016 - 03:00
[ERPSCAN-16-011] SAP NetWeaver AS JAVA â?? SQL injection vulnerability

[SECURITY] [DSA 3585-1] wireshark security update

Bug Traq - 23 May, 2016 - 02:53

Posted by Moritz Muehlenhoff on May 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-3585-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
May 22, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wireshark
CVE ID : CVE-2016-4006 CVE-2016-4079...

[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries

Bug Traq - 23 May, 2016 - 02:45

Posted by Julien Ahrens on May 23

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Postfix Admin
Vendor URL: sourceforge.net/projects/postfixadmin/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2016-04-23
Date published: 2016-05-21
CVSSv3 Score: 4.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)
CVE: -

2. CREDITS
==========
This vulnerability was discovered and researched by Julien...

[slackware-security] curl (SSA:2016-141-01)

Bug Traq - 23 May, 2016 - 02:35

Posted by Slackware Security Team on May 23

[slackware-security] curl (SSA:2016-141-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/curl-7.49.0-i486-1_slack14.1.txz: Upgraded.
Fixed a TLS certificate check bypass with mbedTLS/PolarSSL.
For more information, see:
https://curl.haxx.se/docs/adv_20160518.html...

Bugtraq: [ERPSCAN-16-010] SAP NetWeaver AS JAVA â?? information disclosure vulnerability

Security Focus Vulnerabilities - 19 May, 2016 - 14:45
[ERPSCAN-16-010] SAP NetWeaver AS JAVA â?? information disclosure vulnerability

Bugtraq: TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

Security Focus Vulnerabilities - 19 May, 2016 - 14:45
TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution

Bug Traq - 19 May, 2016 - 14:42

Posted by security-alert on May 19

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05063986

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05063986
Version: 1

HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote
Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-03-29...

[SECURITY] [DSA 3584-1] librsvg security update

Bug Traq - 19 May, 2016 - 14:25

Posted by Salvatore Bonaccorso on May 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-3584-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
May 19, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : librsvg
CVE ID : CVE-2015-7558 CVE-2016-4347...

Bugtraq: [SECURITY] [DSA 3583-1] swift-plugin-s3 security update

Security Focus Vulnerabilities - 19 May, 2016 - 06:45
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update
Syndicate content