Feed aggregator

Bugtraq: CVE-2014-7953 Android backup agent code execution

CVE-2014-7953 Android backup agent code execution
Categories:

Bugtraq: CVE-2014-7951 adb backup archive path traversal file overwrite

CVE-2014-7951 adb backup archive path traversal file overwrite
Categories:

Bugtraq: CVE-2014-7954 MTP path traversal vulnerability in Android

CVE-2014-7954 MTP path traversal vulnerability in Android
Categories:

Bugtraq: 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges

112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges
Categories:

More rss feeds from SecurityFocus

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Categories:

Bugtraq: TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367
Categories:

Bugtraq: TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325
Categories:

Bugtraq: Facebook BB #18 - IDOR Issue & Privacy Vulnerability

Facebook BB #18 - IDOR Issue & Privacy Vulnerability
Categories:

Bugtraq: Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability

Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability
Categories:

CVE-2014-7953 Android backup agent code execution

BugTraq Latest Security Advisories - April 17, 2015 - 9:55am

Posted by Imre RAD on Apr 17

Android backup agent arbitrary code execution
---------------------------------------------

The Android backup agent implementation was vulnerable to privilege
escalation and race condition. An attacker with adb shell access could
run arbitrary code as the system (1000) user (or any other valid
package). The attack is tested on Android OS 4.4.4.

The main problem is inside bindBackupAgent method in the
ActivityManagerService.
This method is...
Categories:

CVE-2014-7951 adb backup archive path traversal file overwrite

BugTraq Latest Security Advisories - April 17, 2015 - 9:45am

Posted by Imre RAD on Apr 17

ADB backup archive path traversal file overwrite
------------------------------------------------

Using adb one can create a backup of his/her Android device and store it
on the PC. The backup archive is based on the tar file format.

By modifying tar headers to contain ../../ like patterns it is possible
to overwrite files owned by the system user on writeable partitions.

An example pathname in the tar header:...
Categories:

CVE-2014-7954 MTP path traversal vulnerability in Android

BugTraq Latest Security Advisories - April 17, 2015 - 9:37am

Posted by Imre RAD on Apr 17

MTP path traversal vulnerability in Android 4.4
-----------------------------------------------

doSendObjectInfo() method of the MtpServer class implemented in
frameworks/av/media/mtp/MtpServer.cpp does not validate the name
parameter of the incoming MTP packet at all.

It is possible to upload files outside of the sdcard using a specially
crafted MTP request:

root () testpc:~/mtp-test# ./mtp-mysend sdf.txt \...
Categories:

Bugtraq: Lychee 2.7.1 remote code execution

Security Focus Latest Security Advisories - April 17, 2015 - 9:00am
Lychee 2.7.1 remote code execution
Categories:

Bugtraq: Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability

Security Focus Latest Security Advisories - April 17, 2015 - 9:00am
Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability
Categories:

Bugtraq: [SECURITY] [DSA 3228-1] ppp security update

Security Focus Latest Security Advisories - April 17, 2015 - 9:00am
[SECURITY] [DSA 3228-1] ppp security update
Categories:

112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges

BugTraq Latest Security Advisories - April 17, 2015 - 7:45am

Posted by Pierre Kim on Apr 17

## Advisory Information

Title: 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable
with RCE with root privileges
Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x00.txt.asc
Date published: 2015-04-17
Vendors contacted: KrCERT, ipTIME
Release mode: Released
CVE: no current CVE

## Product Description

EFMNetworks ipTIME is the largest Korean brand of SOHO/small/middle
entreprise Routers/WiFi APs/Modems/Firewalls in...
Categories:

Bugtraq: [CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities

Security Focus Latest Security Advisories - April 17, 2015 - 7:45am
[CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities
Categories:

Lychee 2.7.1 remote code execution

BugTraq Latest Security Advisories - April 16, 2015 - 12:27pm

Posted by Filippo Cavallarin on Apr 16

Advisory ID: SGMA15-002
Title: Lychee remote code execution
Product: Lychee
Version: 2.7.1 and probably prior
Vendor: lychee.electerious.com
Vulnerability type: Remote Code Execution
Risk level: High
Credit: Filippo Cavallarin - segment.technology
CVE: N/A
Vendor notification: 2015-04-12
Vendor fix: 2015-04-13
Public disclosure: 2015-04-15

Details

Lychee version 2.7.1 and probably below suffers from remote code execution vulnerability....
Categories:

Bugtraq: Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - April 16, 2015 - 11:00am
Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability
Categories:

Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability

BugTraq Latest Security Advisories - April 16, 2015 - 8:23am

Posted by prathan . ptr on Apr 16

,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'

Exploit Title : Wolf CMS Arbitrary File Upload Exploit
Date : 16 April...
Categories: