Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.95.4 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
Monthly Archives: December 2014
CVE-2014-9087 (libskba)
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
Sandbox Escape Bug in Adobe Reader Disclosed
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it […]
[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure
Posted by RedTeam Pentesting GmbH on Dec 01
Advisory: EntryPass N5200 Credentials Disclosure
EntryPass N5200 Active Network Control Panels allow the unauthenticated
downloading of information that includes the current administrative
username and password.
Details
=======
Product: EntryPass N5200 Active Network Control Panel
Affected Versions: unknown
Fixed Versions: not available
Vulnerability Type: Information Disclosure, Credentials Disclosure
Security Risk: high
Vendor URL:…
[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire
Posted by RedTeam Pentesting GmbH on Dec 01
Advisory: Information Disclosure in TYPO3 Extension ke_questionnaire
The TYPO3 extension ke_questionnaire stores answered questionnaires in a
publicly reachable directory on the webserver with filenames that are
easily guessable.
Details
=======
Product: ke_questionnaire
Affected Versions: 2.5.2 (possibly all versions)
Fixed Versions: unknown
Vulnerability Type: Information Disclosure
Security Risk: medium
Vendor URL:…
[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf
Posted by RedTeam Pentesting GmbH on Dec 01
Advisory: Remote Code Execution in TYPO3 Extension ke_dompdf
During a penetration test RedTeam Pentesting discovered a remote code
execution vulnerability in the TYPO3 extension ke_dompdf, which allows
attackers to execute arbitrary PHP commands in the context of the
webserver.
Details
=======
Product: ke_dompdf TYPO3 extension
Affected Versions: 0.0.3<=
Fixed Versions: 0.0.5
Vulnerability Type: Remote Code Execution
Security Risk: high…
Drupal Memory Exhaustion
A vulnerability present in Drupal versions prior to 7.34 allows an attacker to send specially crafted requests resulting in CPU and memory exhaustion. This may lead to the site becoming unavailable or unresponsive (denial of service).
AVG’s Joanna Brace Appointed to MEF North and Latin America Board
MEF members elected ten new regional Board Directors during its recent MEF Global Forum in San Francisco. Among the new directors elected was AVG’s own Joanna Brace, VP Marketing & Product Marketing SMB.
Joanna leads AVG’s business global marketing, product management, product marketing, channels marketing, web marketing and partner enablement teams.
She brings understanding of the ever-changing SMB environment and the needs of todays’ mobile businesses to MEF. “The days when work was confined to an office with four walls and a locked door are gone. Thanks to mobile technology and popular cloud-based applications today’s start-ups are living in a world where doing business without walls is perfectly normal,” Joanna noted.
Judith Bitterli was elected to MEF’s Global Board in October. AVG has been an active MEF member in the policy working group which developed AppPrivacy, part of MEF’s Mobile Initiative, and sponsored exclusively MEF’s Global Consumer Trust Report in 2013 and 2014.
Red Hat Security Advisory 2014-1920-01
Red Hat Security Advisory 2014-1920-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
Ubuntu Security Notice USN-2429-1
Ubuntu Security Notice 2429-1 – It was discovered that ppp incorrectly handled certain options files. A local attacker could possibly use this issue to escalate privileges.