Feed aggregator

SEC Consult SA-20160422-1 :: Multiple vulnerabilities in Digitalstrom Konfigurator

BugTraq Latest Security Advisories - April 22, 2016 - 6:05am

Posted by SEC Consult Vulnerability Lab on Apr 22

SEC Consult Vulnerability Lab Security Advisory < publishing date 20160422-1 >
=======================================================================
title: Multiple vulnerabilities in Digitalstrom Konfigurator
product: Digitalstrom Konfigurator
vulnerable version: 1.10.0
fixed version: 1.10.4
CVE number: -
impact: High
homepage: http://www.digitalstrom.com/...
Categories:

SEC Consult SA-20160422-0 :: Insecure credential storage in my devolo Android app

BugTraq Latest Security Advisories - April 22, 2016 - 5:57am

Posted by SEC Consult Vulnerability Lab on Apr 22

SEC Consult Vulnerability Lab Security Advisory < 20160422-0 >
=======================================================================
title: Insecure data storage
product: my devolo - android application - air.de.devolo.my.devolo
vulnerable version: 1.2.8
fixed version:
CVE number:
impact: High
homepage: http://www.devolo.com/
found: 2015-10-30...
Categories:

Bugtraq: CVE-2016-3074: libgd: signedness vulnerability

Security Focus Latest Security Advisories - April 22, 2016 - 5:00am
CVE-2016-3074: libgd: signedness vulnerability
Categories:

Bugtraq: exploit CVE-2016-2203

Security Focus Latest Security Advisories - April 22, 2016 - 5:00am
exploit CVE-2016-2203
Categories:

[SECURITY] [DSA 3553-1] varnish security update

BugTraq Latest Security Advisories - April 22, 2016 - 3:42am

Posted by Sebastien Delafond on Apr 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3553-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
April 22, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : varnish
CVE ID : CVE-2015-8852
Debian Bug :...
Categories:

Bugtraq: OpenTSDB RCE

Security Focus Latest Security Advisories - April 22, 2016 - 3:00am
OpenTSDB RCE
Categories:

next-20160422: linux-next

Linux Kernel Updates - April 22, 2016 - 12:32am
Version:next-20160422 (linux-next) Released:2016-04-22

[SECURITY] [DSA 3554-1] xen security update

BugTraq Latest Security Advisories - April 21, 2016 - 11:42pm

Posted by Salvatore Bonaccorso on Apr 21

-------------------------------------------------------------------------
Debian Security Advisory DSA-3554-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 21, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2016-3158 CVE-2016-3159...
Categories:

Bugtraq: Webutler CMS 3.2 - Cross-Site Request Forgery

Security Focus Latest Security Advisories - April 21, 2016 - 11:00pm
Webutler CMS 3.2 - Cross-Site Request Forgery
Categories:

CVE-2016-3074: libgd: signedness vulnerability

BugTraq Latest Security Advisories - April 21, 2016 - 1:23pm

Posted by Hans Jerry Illikainen on Apr 21

Overview
========

libgd [1] is an open-source image library. It is perhaps primarily used
by the PHP project. It has been bundled with the default installation
of PHP since version 4.3 [2].

A signedness vulnerability (CVE-2016-3074) exist in libgd 2.1.1 which
may result in a heap overflow when processing compressed gd2 data.

Details
=======

4 bytes representing the chunk index size is stored in a signed integer,
chunkIdx[i].size, by...
Categories:

exploit CVE-2016-2203

BugTraq Latest Security Advisories - April 21, 2016 - 1:12pm

Posted by karim reda Fakhir on Apr 21

# Exploit Title: Symantec Brightmail ldap credential Grabber
# Date: 18/04/2016
# Exploit Author: Fakhir Karim Reda
# Vendor Homepage:
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year&suid=20160418_00
# Version: 10.6.0-7 and earlier
# Tested on: Linux, Unox Windows
# CVE : CVE-2016-2203

#Symantec Brightmail 10.6.0-7 and earlier save the AD password
somewhere in...
Categories:

OpenTSDB RCE

BugTraq Latest Security Advisories - April 21, 2016 - 11:43am

Posted by gsoc on Apr 21

The paramenter wxh needs some sanitation before being used by opentsdb.

See example url:

http://opentsdb.com:4242/q?start=2016/04/13-10:21:00&ignore=2&m=sum:jmxdata.cpu&o=&yrange=[0:]&key=out%20right%20top&wxh=1900x770%60id%60&style=linespoint&png

Results in RCE unfortunately

More parameters:

wxh
start
m
o
key
style

Payload:
%60id%60

Affects all current versions of opentsdb.
Categories: