HP Security Bulletin HPSBGN03138 - A potential security vulnerability has been identified with HP Operations Analytics. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
d2c8a68273b5d908b747dd246281eeb694499ac265b53b3dfe1649f854e5e958
HP Security Bulletin HPSBMU03133 - A potential security vulnerability has been identified with HP Enterprise Maps Virtual Appliance running the Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
f3d7edeb1d02e9729328450dcfc5c31cb9e6fb021df15dcefe1d8aa97c13b935
Bosch Security Systems DVR 630/650/670 series systems suffer from remote command execution as root and administrative password disclosure vulnerabilities.
18008cc1143109069e53b4f19c4566bfb1d2dddbb33961d180e4ec88b730836e
Red Hat Security Advisory 2014-1392-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.
2d379835f8d8b30d2d5205e57ee447ccaebb299a17dcdeb38aa229c1a1b8d376
Red Hat Security Advisory 2014-1390-02 - Luci is a web-based high availability administration application. It was discovered that luci used eval() on inputs containing strings from the cluster configuration file when generating its web pages. An attacker with privileges to create or edit the cluster configuration could use this flaw to execute arbitrary code as the luci user on a host running luci. This issue was discovered by Jan Pokorny of Red Hat. These updated luci packages also include several bug fixes and multiple enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes.
59abfd8c62c0cb959b59f6ccf84b64b3b7fa6568f65a408c4437205ad1b30c7d
Red Hat Security Advisory 2014-1391-02 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application.
b3670bf99e729d8603ae71eacabbc18f59496e8dd9b47853146f872e46fc46ac
Red Hat Security Advisory 2014-1388-02 - CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A cross-site scripting flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system.
f40db663647458b2845b3f1ac29ff57140997773dd6238d70c6eb62820776ebf
Red Hat Security Advisory 2014-1389-02 - Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application.
c2947ddb91d4200d6e969ec8c1740f81beee6d987fb797c219ac8a48d6353a72
Ubuntu Security Notice 2383-1 - Jouni Malinen discovered that the wpa_cli tool incorrectly sanitized strings when being used with action scripts. A remote attacker could possibly use this issue to execute arbitrary commands.
dbfd203da2ea58a90e3d9c51a8330c4fa80c392048e1e661ceaa5c6d90ba8c8b
Ubuntu Security Notice 2372-1 - Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
08a723b0a299c9014e713edd4a285bd0be2b7aa5c1ccbb8d993433caf2e3dc41
Ubuntu Security Notice 2345-1 - Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
e2168b608e74216482f19d8d3fbb6ee19bcbadc27f4200f81ca46f0781e73812
Ubuntu Security Notice 2382-1 - Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site.
2918a2dfceb738f5a4d7113d0d96705d222fba54b50d8d710713f825637cec12
Red Hat Security Advisory 2014-1626-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. Several information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to disclose potentially sensitive information.
52c798b288f957b92fc2c3ea0200bbe47e4a1ec242577983340841c0210a25ea
Red Hat Security Advisory 2014-1552-02 - OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. A remote attacker could use this flaw to bypass intended environment variable restrictions.
fb95bead5faf7e3d2a1535309cf11df56a72ffbadce90698ce7cfccc3976f3a0
Red Hat Security Advisory 2014-1606-02 - The "file" command is used to identify a particular file according to the type of data contained in the file. The command can identify various file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file.
abe0ed469d7ae83d0ad40aebd791f00a02439feaa1060a6f6cfecd1c3806dafe
Red Hat Security Advisory 2014-1507-02 - TrouSerS is an implementation of the Trusted Computing Group's Software Stack specification. You can use TrouSerS to write applications that make use of your TPM hardware. TPM hardware can create, store and use RSA keys securely, verify a platform's software state using cryptographic hashes and more. A flaw was found in the way tcsd, the daemon that manages Trusted Computing resources, processed incoming TCP packets. A remote attacker could send a specially crafted TCP packet that, when processed by tcsd, could cause the daemon to crash. Note that by default tcsd accepts requests on localhost only.
e765dcadf5a2276e24da15a59513a3a71ec160296892652f3e7c465c088ed136
Red Hat Security Advisory 2014-1436-02 - The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system.
9bc4b5a9aabf00bcff355671d5717e02f39198aa036cfa96c9e9b2205910a13d
The YourMembers plugin suffers from a remote blind SQL injection vulnerability.
34b180723f254743774b9845c02498d5a89abe04795b5f0daa2a0ea28a3c7a10
jom3aco suffers from remote SQL injection and file upload vulnerabilities.
eeef7c799a5d2166373fd06844883567dde5c06fa94cf8b3cbaba6cb51e114b5