Multiple security vulnerabilities have been discovered in the Tomcat
servlet and JSP engine, which may result in possible timing attacks to
determine valid user names, bypass of the SecurityManager, disclosure of
system properties, unrestricted access to global resources, arbitrary
file overwrites, and potentially escalation of privileges.
Monthly Archives: November 2016
Putty 0.67 Cleartext Password Storage
Putty version 0.67 suffers from a cleartext password storage vulnerability.
ScriptCase CSRF / XSS / SQL Injection
ScriptCase versions 8.1.053, 8.1.051, and 8.1.43.0 suffer from token bypass, user enumeration, local privilege escalation, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
HP Security Bulletin HPSBHF03675 1
HP Security Bulletin HPSBHF03675 1 – A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.
OpManager 12100 / 12200 Cross Site Scripting / Denial Of Service
OpManager versions 12100 and 12200 suffer from multiple cross site scripting and denial of service vulnerabilities.
Joomla K2 2.7.1 Shell Upload / Cross Site Request Forgery
Joomla K2 extension versions 2.5.0 through 2.7.1 suffer from cross site request forgery and remote shell upload vulnerabilities.
Slackware Security Advisory – mozilla-firefox Updates
Slackware Security Advisory – New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
Re: Stored Cross-Site Scripting in WP Canvas – Shortcodes WordPress Plugin
Posted by Summer of Pwnage on Nov 20
Hi Larry,
The entire advisories are posted to the oss-security mailing list.
Cheers,
Team Summer of Pwnage
Re: Stored Cross-Site Scripting in WP Canvas – Shortcodes WordPress Plugin
Posted by Larry W. Cashdollar on Nov 20
Hello All,
These are really great advisories, my only wish is that they were copied to the security lists in their entirety. This
way we aren’t relying on a single point of failure (your website) when looking for the data in the future.
Thanks!
Larry
Joomla plugin K2 RCE via CSRF or WCI
Posted by Anti Räis on Nov 20
K2 RCE via CSRF or WCI
######################
Information
===========
Name: K2 Joomla! Extension 2.5.0 – 2.7.1
Software: K2
Platform: Joomla 3.6.2
Homepage: https://getk2.org/, http://extensions.joomla.org/extension/k2
Vulnerability: RCE, arbitrary file upload, missing CSRF protection
Prerequisites: victim has to be authenticated user with administrator role
CVE: pending
Credit: Anti Räis
HTML version:…