Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php.
Monthly Archives: May 2015
CVE-2015-4066 (gigpress)
Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php.
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement
Posted by Onapsis Research Labs on May 27
Onapsis Security Advisory ONAPSIS-2015-006: SAP HANA Information Disclosure via SQL IMPORT FROM statement
1. Impact on Business
=====================
Under certain conditions some SAP HANA Database commands could be abused by a remote authenticated attacker to access information which is restricted.
This could be used to gain access to confidential information.
Risk Level: Medium
2. Advisory Information
=======================
– Public…
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability
Posted by Onapsis Research Labs on May 27
Onapsis Security Advisory ONAPSIS-2015-007: SAP HANA Log Injection Vulnerability
1. Impact on Business
=====================
Under certain conditions the SAP HANA XS engine is vulnerable to arbitrary log injection, allowing remote authenticated attackers to write arbitrary information in log files.
This could be used to corrupt log files or add fake content misleading an administrator.
Risk Level: Medium
2. Advisory Information…
Chamilo integration – Less Critical – Open Redirect – SA-CONTRIB-2015-115
- Advisory ID: DRUPAL-SA-CONTRIB-2015-115
- Project: Chamilo integration (third-party module)
- Version: 7.x
- Date: 2015-May-27
- Security risk: 8/25 (Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All
- Vulnerability: Open Redirect
Description
Chamilo integration module integrates Drupal with Chamilo LMS.
The module has an Open Redirect vulnerability because it does not sufficiently check parameters passed in the URL. An attacker could trick users into visiting malicious sites without realizing it.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Chamilo integration 7.x-1.x versions prior to 7.x-1.2
Drupal core is not affected. If you do not use the contributed Chamilo integration module, there is nothing you need to do.
Solution
- If you use the Chamilo integration module for Drupal 7.x, upgrade to Chamilo integration 7.x-1.2
Also see the Chamilo integration project page.
Reported by
- Pere Orga of the Drupal Security Team
Fixed by
- Yannick Warnier, the module maintainer
- Fernando Paredes García, the module maintainer
Coordinated by
- Pere Orga of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Storage API – Moderately Critical – Access Bypass – SA-CONTRIB-2015-114
- Advisory ID: DRUPAL-SA-CONTRIB-2015-114
- Project: Storage API (third-party module)
- Version: 7.x
- Date: 2015-May-27
- Security risk: 13/25 (Moderately Critical) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
- Vulnerability: Access bypass
Description
The Storage API module creates an underlying agnostic storage layer for Drupal using many different underlying storage methods. Storage API can be used to create fields for entities to hold data.
The module failed to restrict access to the Storage API fields attached to entities that are not nodes.
This is mitigated by the fact that only entities with fields using storage classes that have access restrictions are affected (storage classes do not have access restrictions by default).
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Storage API 7.x-1.x versions prior to 7.x-1.8.
Drupal core is not affected. If you do not use the contributed Storage API module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Storage API module for Drupal 7.x, upgrade to Storage API 7.x-1.8
Also see the Storage API project page.
Reported by
Fixed by
Coordinated by
- Pere Orga of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
DbNinja Flash 3.2.6 Cross Site Scripting
DbNinja Flash version 3.2.6 suffers from multiple cross site scripting vulnerabilities.
CentOS-7 beta candidate for AArch64 platforms
We are pleased to announce the public beta release of CentOS Linux 7 for AArch64 compatible hardware. We've addressed a number of issues discovered during the previous 2 weeks of alpha testing, and feel that the release is stable enough to transition to beta.

Improvements from Alpha
=======================
Improved package selection: A number of additional packages have been added, including libreoffice, evolution, abrt, and more.
Updated kernel: Some non-fatal kernel errors have been addressed by moving to a 4.1rc based kernel version. This also adds ACPI functionality to the platform.
Improved Group selection: The installer now offers a larger group selection than the previous minimal-only install.

Installation
============
Installation guides and documentation will be provided via the CentOS wiki, at http://wiki.centos.org/SpecialInterestGroup/AltArch/AArch64

Download
========
The full (unsigned) install tree is available at http://buildlogs.centos.org/centos/7/os/aarch64/

Contributing
============
The AArch64 effort is meant to be a community effort as part of the AltArch SIG (http://wiki.centos.org/SpecialInterestGroup/AltArch), and we welcome enthusiasts and vendors to contribute patches, fixes, documentation, etc. In the AArch64 Extras repository, we have provided the mock package and dependencies so that community members can more easily contribute, as well as test their own builds locally. Please submit patches, fixes, etc. to the Arm-Dev list (http://lists.centos.org/mailman/listinfo/arm-dev) for discussion and acceptance.

We encourage vendors to come and join this effort; we have a loose organization focused on the alternative architectures build process and welcome interaction at the group level. Please get in touch with me (jperrin< at >centos.org) or K Singh (kbsingh< at >centos.org) to find out more details.

The wider CentOS Ecosystem is also welcome to engage with us, both at the project and code level. If you are working with a project that interfaces with, manages or develops on top of CentOS, especially in the virtualization, cloud, container and infrastructure management areas, we would love to have you get involved. While we don't have a lot of resources, we are working with a few vendors to build up a community resource pool, and we would encourage other projects to share their development, testing and delivery around CentOS Linux for aarch64.
CEBA-2015:1033 CentOS 6 glibc BugFix Update
CentOS Errata and Bugfix Advisory 2015:1033
Upstream details at: https://rhn.redhat.com/errata/RHBA-2015-1033.html
The following updated files have been uploaded and are currently syncing to the mirrors (sha256sum and filename for i386, x86_64 and source packages of glibc-2.12-1.149.el6_6.9).
SOPHOS WAF JSON Filter Bypass
SOPHOS WAF fails to mitigate SQL injection attacks leveraged via JSON.