Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Exim < 4.86.2 - Privilege Escalation Vulnerability

Description: CVE-2016-1531: Exim before 4.86.2, when installed as setuid root, allows local users to gain privileges via the perl_startup argument. Impact: When Exim installation has been compiled with Perl support and contains a  perl_startup configuration variable it can be exploited by malicious local  attackers to gain root privileges. Mitigation: Vendor...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Zimbra Collaboration Server 7.2.2 / 8.0.2 – Local File Inclusion Vulnerability

Description: CVE-2013-7091: Directory traversal vulnerability on /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: This can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API. Impact: An attacker can...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Linux Kernel 4.4.1 – REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation vulnerability

Description: CVE-2016-0728: The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. Impact: Local attackers may exploit this issue to...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Apache Struts – Dynamic Method Invocation – Remote Code Execution

Description: CVE-2016-3081: Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2 and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled allows remote attackers to execute arbitrary code via method: prefix, related to chained expressions. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Apache 2.4.23 (mod_http2) – Denial of Service

Description: CVE-2016-8740: The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. Impact: Apache HTTPD Server...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

PHPMailer < 5.2.20 - Remote Code Execution

Description: CVE-2016-10033: The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \” (backslash double quote) in a crafted Sender property. CVE-2016-10045: The isMail transport in PHPMailer before 5.2.20 might...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File

Description: CVE-2016-4010: Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data. Impact:  Magento e-commerce platform is vulnerable to an unauthenticated arbitrary file write vulnerability. Attackers can exploit this issue to gain administrative access...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation vulnerability

Description: CVE-2016-8869: The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. CVE-2016-8870: The register method in the UsersModelRegistration class in controllers/user.php in the Users...

Read more

0
06 Mar 2017
Page 30 of 32« First...1020...2829303132