Cyber Intelligence Report News Feeds

News: Information Warfare



      News: HIPPA

      News: SCADA

      News: Cyber Laws & Legislation

      News: Computer Forensics

      Exploits

      CVE Advisories
      • CVE-2015-2790.
      • 2015-03-30
        Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2789.
      • 2015-03-30
        Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. (CVSS:4.4) (Last Update:2016-12-02)
      • CVE-2015-2701.
      • 2015-03-25
        Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/. (CVSS:6.8) (Last Update:2016-12-02)
      • CVE-2015-2680.
      • 2015-03-23
        Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php. (CVSS:6.8) (Last Update:2016-12-02)
      • CVE-2015-2679.
      • 2015-03-23
        Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php. (CVSS:7.5) (Last Update:2016-12-02)
      • CVE-2015-2678.
      • 2015-03-23
        Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2564.
      • 2015-03-20
        SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php. (CVSS:6.5) (Last Update:2015-03-23)
      • CVE-2015-2275.
      • 2015-03-12
        Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2218.
      • 2015-03-05
        Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or the itemid parameter in the (3) wonderplugin_audio_show_item or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2216.
      • 2015-03-05
        SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter. (CVSS:7.5) (Last Update:2016-12-02)
      • CVE-2015-2208.
      • 2015-03-12
        The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter. (CVSS:7.5) (Last Update:2015-03-12)
      • CVE-2015-2199.
      • 2015-03-03
        Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or remote administrators to execute arbitrary SQL commands via the itemid parameter in the (2) wonderplugin_audio_show_item, (3) wonderplugin_audio_show_items, or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php. (CVSS:6.5) (Last Update:2015-03-04)
      • CVE-2015-2198.
      • 2015-03-03
        Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage_url, (2) pic_url, or (3) avatar_url parameter, which are not properly handled in an error message. (CVSS:4.3) (Last Update:2015-03-04)
      • CVE-2015-2196.
      • 2015-03-03
        SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php. (CVSS:7.5) (Last Update:2015-03-04)
      • CVE-2015-2184.
      • 2015-03-10
        ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function. (CVSS:5.0) (Last Update:2015-03-11)


      Advisories
      • Ubuntu Security Notice USN-3270-1.
      • Thu, 27 Apr 2017 23:47:18 GMT
        Ubuntu Security Notice 3270-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. It was discovered that NSS incorrectly handled Base64 decoding. A remote attacker could use this flaw to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
      • Ubuntu Security Notice USN-3269-1.
      • Thu, 27 Apr 2017 15:38:07 GMT
        Ubuntu Security Notice 3269-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been updated to MySQL 5.7.18. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
      • FreeBSD Security Advisory - FreeBSD-SA-17:04.ipfilter.
      • Thu, 27 Apr 2017 15:37:16 GMT
        FreeBSD Security Advisory - ipfilter(4), capable of stateful packet inspection, using the "keep state" or "keep frags" rule options, will not only maintain the state of connections, such as TCP streams or UDP communication, it also maintains the state of fragmented packets. When a packet fragments are received they are cached in a hash table (and linked list). When a fragment is received it is compared with fragments already cached in the hash table for a match. If it does not match the new entry is used to create a new entry in the hash table. If on the other hand it does match, unfortunately the wrong entry is freed, the entry in the hash table. This results in use after free panic (and for a brief moment prior to the panic a memory leak due to the wrong entry being freed). Carefully feeding fragments that are allowed to pass by an ipfilter(4) firewall can be used to cause a panic followed by reboot loop denial of service attack.
      • Gentoo Linux Security Advisory 201704-04.
      • Thu, 27 Apr 2017 15:37:10 GMT
        Gentoo Linux Security Advisory 201704-4 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.148 are affected.
      • Confluence 6.0.x Information Disclosure.
      • Wed, 26 Apr 2017 16:13:11 GMT
        The Confluence drafts diff rest resource made the current content of all blogs and pages in Confluence available without authentication. Attackers who can access the Confluence web interface of a vulnerable version can use this vulnerability to obtain the content of all blogs and pages inside Confluence. All versions of Confluence starting with version 6.0.0 but less than 6.0.7 (the fixed version for 6.0.x) are affected by this vulnerability.
      • Apache Hadoop DataNode Missed Validation.
      • Wed, 26 Apr 2017 16:07:49 GMT
        HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated. Apache Hadoop versions 2.6.x and earlier are affected.
      • Red Hat Security Advisory 2017-1162-01.
      • Wed, 26 Apr 2017 16:06:09 GMT
        Red Hat Security Advisory 2017-1162-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The python27 Software Collection has been upgraded to version 2.7.13, which provides a number of bug fixes and enhancements over the previous version.
      • Red Hat Security Advisory 2017-1161-01.
      • Wed, 26 Apr 2017 16:05:26 GMT
        Red Hat Security Advisory 2017-1161-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The httpd24 Software Collection has been upgraded to version 2.4.25, which provides a number of bug fixes and enhancements over the previous version.
      • Debian Security Advisory 3834-1.
      • Wed, 26 Apr 2017 16:04:50 GMT
        Debian Linux Security Advisory 3834-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes.
      • Samsung Smart TV Wi-Fi Direction Improper Authentication.
      • Wed, 26 Apr 2017 01:11:11 GMT
        Samsung Smart TV Wi-Fi allows for unfettered access to rogue devices by strictly whitelisting access via a mac address.
      • Ubuntu Security Notice USN-3266-2.
      • Tue, 25 Apr 2017 14:07:20 GMT
        Ubuntu Security Notice 3266-2 - USN-3266-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.
      • Ubuntu Security Notice USN-3265-1.
      • Tue, 25 Apr 2017 14:07:15 GMT
        Ubuntu Security Notice 3265-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. Various other issues were also addressed.
      • Ubuntu Security Notice USN-3265-2.
      • Tue, 25 Apr 2017 14:07:08 GMT
        Ubuntu Security Notice 3265-2 - USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
      • Ubuntu Security Notice USN-3266-1.
      • Tue, 25 Apr 2017 14:07:02 GMT
        Ubuntu Security Notice 3266-1 - Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.
      • Ubuntu Security Notice USN-3264-2.
      • Tue, 25 Apr 2017 14:06:54 GMT
        Ubuntu Security Notice 3264-2 - USN-3264-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.


      Published Website Defacements

      Ethical Hacker job postings

      - ...

      Contact us for more information