displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variable.
Monthly Archives: October 2014
CVE-2014-4766
IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote attackers to obtain sensitive information by reading an exported Record and Playback (RAP) file.
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allow remote attackers to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid parameter to views/graphs/GetXmlTree.php, (3) the session_id parameter to views/graphs/graphStatus/displayServiceStatus.php, (4) the mnftr_id parameter to configuration/configObject/traps/GetXMLTrapsForVendor.php, or (5) the index parameter to common/javascript/commandGetArgs/cmdGetExample.php in include/.
DSA-3055 pidgin – security update
Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client:
Vuln: Apple Mac OS X CVE-2014-4350 Buffer Overflow Vulnerability
Vuln: Apple QuickTime 'mvhd' Atom Heap Memory Corruption Vulnerability
Vuln: Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Vuln: Apple Mac OS X QuickTime CVE-2014-4351 'm4a' File Handling Buffer Overflow Vulnerability
Ubuntu Security Notice USN-2387-1
Ubuntu Security Notice 2387-1 – The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the one currently used on the server.
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:21.routed