BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 26 min 28 sec ago

[security bulletin] HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and PHP, Multiple Local and Remote Vulnerabilities

August 22, 2016 - 4:22am

Posted by security-alert on Aug 22

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05240731

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05240731
Version: 1

HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and
PHP, Multiple Local and Remote Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....
Categories:

Path traversal vulnerability in WordPress Core Ajax handlers

August 22, 2016 - 4:05am

Posted by Summer of Pwnage on Aug 22

------------------------------------------------------------------------
Path traversal vulnerability in WordPress Core Ajax handlers
------------------------------------------------------------------------
Yorick Koster, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A path traversal vulnerability was found in the Core Ajax...
Categories:

Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client

August 19, 2016 - 6:22am

Posted by Florian Bogner on Aug 19

Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client

Metadata
===================================================
Release Date: 17-08-2016
Author: Florian Bogner @ Kapsch BusinessCom AG (https://www.kapsch.net/kbc)
Affected versions: up to ownCloud's Desktop client version 2.2.2
Tested on: Windows 7 64 bit
CVE : pending
URL: https://bogner.sh/2016/08/horizontal-privilege-escalation-in-ownclouds-windows-client/...
Categories:

[CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method

August 19, 2016 - 6:13am

Posted by Justin Bull on Aug 19

Good evening everyone,

A security bulletin for all of you.

Software:
--------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
----------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
---------------
1.2.0 - 4.1.0 (all versions but latest patch supporting token revocation)

Fixed Versions:
-------------
4.2.0 or apply this commit[0]

Problem:
--------
Doorkeeper failed to implement OAuth...
Categories:

[SYSS-2016-049] QNAP QTS - Persistent Cross-Site Scripting

August 18, 2016 - 3:02pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-049
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS...
Categories:

[SYSS-2016-054] QNAP QTS - OS Command Injection

August 18, 2016 - 2:56pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-054
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-07
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-049] QNAP QTS - Persistent Cross-Site Scripting

August 18, 2016 - 2:48pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-049
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS...
Categories:

[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting

August 18, 2016 - 2:42pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-050
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS...
Categories:

[SYSS-2016-055] QNAP QTS - OS Command Injection

August 18, 2016 - 2:36pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-055
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: Unfixed
Manufacturer Notification: 2016-06-08
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-048] QNAP QTS - OS Command Injection

August 18, 2016 - 2:29pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-048
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-051] QNAP QTS - Reflected Cross-Site Scripting

August 18, 2016 - 2:23pm

Posted by bugtraq on Aug 18

dvisory ID: SYSS-2016-051
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: Reflected Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: unfixed
Manufacturer Notification: 2016-06-06
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-054] QNAP QTS - OS Command Injection

August 18, 2016 - 2:13pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-054
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-07
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-048] QNAP QTS - OS Command Injection

August 18, 2016 - 2:05pm

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-048
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting

August 18, 2016 - 10:38am

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-050
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS...
Categories:

[SYSS-2016-048] QNAP QTS - OS Command Injection

August 18, 2016 - 10:30am

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-048
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.0 Build 20160311 and Build 20160601
Tested Version(s): 4.2.0 Build 20160311 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-03
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-053] QNAP QTS - Arbitrary File Overwrite

August 18, 2016 - 10:21am

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-053
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: Arbitrary file overwrite (CWE-23)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-06
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

[SYSS-2016-052] QNAP QTS - OS Command Injection

August 18, 2016 - 10:13am

Posted by bugtraq on Aug 18

Advisory ID: SYSS-2016-052
Product: QNAP QTS
Manufacturer: QNAP
Affected Version(s): 4.2.1 Build 20160601
Tested Version(s): 4.2.1 Build 20160601 - 4.2.2 Build 20160812
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: unfixed
Manufacturer Notification: 2016-06-06
Solution Date: tbd.
Public Disclosure: 2016-08-18
CVE Reference: Not assigned
Author of Advisory: Sebastian Nerz (SySS GmbH)...
Categories:

Telus Actiontec T2200H Modem Input Validation Flaw Allows Elevated Shell Access

August 18, 2016 - 6:58am

Posted by Andrew Klaus on Aug 18

### Device Details
Vendor: Actiontec (Telus Branded)
Model: T2200H (but likely affecting other similar models of theirs)
Affected Firmware: T2200H-31.128L.03
Device Manual: http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manual.pdf
Reported: November 2015
Status: Fixed on T2200H-31.128L.07
CVE: Not needed since update is pushed by the provider.

The Telus Actiontec T2200H is Telus’ standard bonded VDSL2 modem. It...
Categories:

[SECURITY] [DSA 3650-1] libgcrypt20 security update

August 18, 2016 - 6:52am

Posted by Salvatore Bonaccorso on Aug 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3650-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 17, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libgcrypt20
CVE ID : CVE-2016-6313

Felix Doerre...
Categories:

[SECURITY] [DSA 3649-1] gnupg security update

August 18, 2016 - 6:43am

Posted by Salvatore Bonaccorso on Aug 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3649-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 17, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gnupg
CVE ID : CVE-2016-6313

Felix Doerre and...
Categories: