Splunk version 6.6.x suffers from a local privilege escalation vulnerability. Splunk can be configured to run as a non-root user. However, that user owns the configuration file that specifies the user to run as, so it can trivially gain root privileges.
927ecfe19fe31d3c7e09dd53fc3c4d83c00e61f2fd48f776a815cc3fefe9be2cDebian Linux Security Advisory 4015-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in impersonation of Kerberos services, denial of service, sandbox bypass or HTTP header injection.
05931432fc88d655f4b2cd845ab81c58a2e1806d1213ccb724e51f1214d6a6b8TorBrowser versions 7.0.8 and below for Mac OS X and Linux are affected by a critical security issue. According to the Tor Project, further details will be released in the near future. Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser.
98ad8fa1e2be0c10bbbb3b46fcb9cb4ff3e65dec0ce7c05e95e2dbb0691343c0Ipswitch WS_FTP Professional versions prior to 12.6.0.3 local buffer overflow SEH exploit.
6251e99643355dfce8158d85ccce36a17dc15e2814768c499352c915ae361095This Metasploit module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component of the requested resource. If the output filename begins with a "|" character, tnftp will pass the fetched resource's output to the command directly following the "|" character through the use of the popen() function.
cb3ce61975554a3297a24930dd020c04ec845fcbd5d8eef10ec56929627059beWP Mobile Detector Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-content/plugins/wp-mobile-detector/resize.php script does contains a remote file include for files not cached by the system already. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server.
78c713af652be903f93b72d84bd37300ff88c13c97f655448730f42c48f8d6a6Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and read local files, forge server side requests or overload the service with exponentially growing memory payloads. Versions 0.9.40 and below are affected.
ed8acdbe74a60413ec64bf7ee626907c637009037aa099593ef2ffdb4b694c81WordPress JTRT Responsive Tables plugin version 4.1 suffers from a remote SQL injection vulnerability.
a1f25b1c18c3daec7d835741053221d7028b919fcb427404e5f48ed8fc918d25GraphicsMagick suffers from memory disclosure and heap overflow vulnerabilities.
1ceae2893354ae8766e467b9dfa2dd7ac16088ecf0efee28ed81a3309833aea2Oracle PeopleSoft Enterprise PeopleTools versions prior to 8.55 suffer from a remote code execution vulnerability.
e7ca7f1dfaf0427d15e6728d2323dfd98cf6d0d01d7466ab23ceea3a1e534852
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed