Feed aggregator

[CVE-2015-3188] Apache Storm remote code execution vulnerability

BugTraq Latest Security Advisories - June 23, 2015 - 7:05am

Posted by P. Taylor Goetz on Jun 23

CVE-2015-3188: Apache Storm remote code execution vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache Storm 0.10.0-beta

Description:
The UI daemon in Apache Storm 0.10.0-beta allows remote users to run
arbitrary code as the user running the web server. With kerberos
authentication this could allow impersonation of arbitrary users on other
systems, including HDFS and HBase.

Mitigation:...
Categories:

Bugtraq: [SECURITY] [DSA 3293-1] pyjwt security update

[SECURITY] [DSA 3293-1] pyjwt security update
Categories:

Bugtraq: [CVE-2015-3188] Apache Storm remote code execution vulnerability

[CVE-2015-3188] Apache Storm remote code execution vulnerability
Categories:

Bugtraq: Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability

Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability
Categories:

Bugtraq: Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability

Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability
Categories:

Bugtraq: Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability

Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability
Categories:

Bugtraq: ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability
Categories:

next-20150623: linux-next

Linux Kernel Updates - June 23, 2015 - 3:14am
Version:next-20150623 (linux-next) Released:2015-06-23