BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 8 min 3 sec ago

PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability

April 21, 2015 - 8:02am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1453

Video: http://www.vulnerability-lab.com/get_content.php?id=1454

View: https://www.youtube.com/watch?v=v5egy9V_Bs0

Release Date:
=============
2015-04-18

Vulnerability Laboratory ID (VL-ID):
====================================
1453...
Categories:

Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability

April 21, 2015 - 7:54am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1228

Release Date:
=============
2015-03-25

Vulnerability Laboratory ID (VL-ID):
====================================
1228

Common Vulnerability Scoring System:
====================================
4

Product & Service Introduction:
===============================...
Categories:

Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability

April 21, 2015 - 7:44am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1227

Release Date:
=============
2015-03-24

Vulnerability Laboratory ID (VL-ID):
====================================
1227

Common Vulnerability Scoring System:
====================================
3.9

Product & Service Introduction:...
Categories:

Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability

April 21, 2015 - 7:36am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1215

Release Date:
=============
2015-03-23

Vulnerability Laboratory ID (VL-ID):
====================================
1215

Common Vulnerability Scoring System:
====================================
4.1

Product & Service Introduction:...
Categories:

Photo Manager Pro v4.4.0 iOS - File Include Vulnerability

April 21, 2015 - 7:28am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Photo Manager Pro v4.4.0 iOS - File Include Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1445

Release Date:
=============
2015-03-12

Vulnerability Laboratory ID (VL-ID):
====================================
1445

Common Vulnerability Scoring System:
====================================
6.9

Product & Service Introduction:...
Categories:

Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability

April 21, 2015 - 7:20am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1447

Release Date:
=============
2015-03-13

Vulnerability Laboratory ID (VL-ID):
====================================
1447

Common Vulnerability Scoring System:
====================================
6.3

Product & Service Introduction:...
Categories:

Mobile Drive HD v1.8 - File Include Web Vulnerability

April 21, 2015 - 7:11am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Mobile Drive HD v1.8 - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1446

Release Date:
=============
2015-03-11

Vulnerability Laboratory ID (VL-ID):
====================================
1446

Common Vulnerability Scoring System:
====================================
6.4

Product & Service Introduction:...
Categories:

Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability

April 21, 2015 - 7:01am

Posted by Vulnerability Lab on Apr 21

Document Title:
===============
Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1444

Release Date:
=============
2015-03-10

Vulnerability Laboratory ID (VL-ID):
====================================
1444

Common Vulnerability Scoring System:
====================================
8.6

Product & Service Introduction:...
Categories:

[security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code

April 21, 2015 - 6:12am

Posted by security-alert on Apr 21

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04636829

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04636829
Version: 1

HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial
of Service (DoS), Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as...
Categories:

[SECURITY] [DSA 3230-1] django-markupfield security update

April 20, 2015 - 4:26am

Posted by Alessandro Ghedini on Apr 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3230-1 security () debian org
http://www.debian.org/security/ Alessandro Ghedini
April 20, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : django-markupfield
CVE ID : CVE-2015-0846

James P....
Categories:

[SECURITY] [DSA 3229-1] mysql-5.5 security update

April 20, 2015 - 2:48am

Posted by Salvatore Bonaccorso on Apr 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3229-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
April 19, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2015-0433 CVE-2015-0441...
Categories:

Security Audit Notes - OpenSSL v1.0.2a (latest) Issues - Advanced Information Security Corporation

April 20, 2015 - 2:41am

Posted by lem . nikolas on Apr 20

-=[Advanced Information Security Corp]=-

Author: Nicholas Lemonias
Report Date: 2/4/2015
Email: lem.nikolas (at) gmail (dot) com [email concealed]

Introduction
==========
During a source-code audit of the OpenSSL v1.0.2a (Latest)
implementation for linux; conducted internally by the Advanced
Information Security
Group, instances of insecure function use were observed, which could
lead to a number of attacks.

Software Overview...
Categories:

CVE-2014-7953 Android backup agent code execution

April 17, 2015 - 9:55am

Posted by Imre RAD on Apr 17

Android backup agent arbitrary code execution
---------------------------------------------

The Android backup agent implementation was vulnerable to privilege
escalation and race condition. An attacker with adb shell access could
run arbitrary code as the system (1000) user (or any other valid
package). The attack is tested on Android OS 4.4.4.

The main problem is inside bindBackupAgent method in the
ActivityManagerService.
This method is...
Categories:

CVE-2014-7951 adb backup archive path traversal file overwrite

April 17, 2015 - 9:45am

Posted by Imre RAD on Apr 17

ADB backup archive path traversal file overwrite
------------------------------------------------

Using adb one can create a backup of his/her Android device and store it
on the PC. The backup archive is based on the tar file format.

By modifying tar headers to contain ../../ like patterns it is possible
to overwrite files owned by the system user on writeable partitions.

An example pathname in the tar header:...
Categories:

CVE-2014-7954 MTP path traversal vulnerability in Android

April 17, 2015 - 9:37am

Posted by Imre RAD on Apr 17

MTP path traversal vulnerability in Android 4.4
-----------------------------------------------

doSendObjectInfo() method of the MtpServer class implemented in
frameworks/av/media/mtp/MtpServer.cpp does not validate the name
parameter of the incoming MTP packet at all.

It is possible to upload files outside of the sdcard using a specially
crafted MTP request:

root () testpc:~/mtp-test# ./mtp-mysend sdf.txt \...
Categories: