Feed aggregator

Bugtraq: Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting

Security Focus Latest Security Advisories - June 19, 2017 - 11:00am
Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting

Bugtraq: ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station

Security Focus Latest Security Advisories - June 19, 2017 - 11:00am
ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station

4.12-rc6: mainline

Linux Kernel Updates - June 19, 2017 - 9:19am
Version: 4.12-rc6 (mainline) Released: 2017-06-19 Source: linux-4.12-rc6.tar.gz Patch: full (incremental)

Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting

BugTraq Latest Security Advisories - June 19, 2017 - 8:04am

Posted by ghasseminia on Jun 19

# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia
# CVE ID: CVE-2016-6201

# PROOF OF CONCEPT

Vulnerable URL:
/WorkArea/content.aspx?id=0&action=ViewContentByCategory&LangType=1033&ContType=zjgsa&SubType=0

# VULNERABLE PARAMETERS:
- ContType

# SAMPLE...

Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting

BugTraq Latest Security Advisories - June 19, 2017 - 7:48am

Posted by ghasseminia on Jun 19

# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia
# CVE ID: CVE-2016-6133

# PROOF OF CONCEPT

Vulnerable URL:
/WorkArea/SelectUserGroup.aspx?action=Report&rptStatus

# VULNERABLE PARAMETERS:
- rptStatus

# SAMPLE PAYLOAD
-...

Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting

BugTraq Latest Security Advisories - June 19, 2017 - 7:34am

Posted by ghasseminia on Jun 19

# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia, Edmund Goh
# CVE ID: CVE-2016-6133

# PROOF OF CONCEPT

Vulnerable URL:
/WorkArea/workarea.aspx?page=content.aspx&action=ViewContentByCategory&folder_id=0&LangType=1033

# VULNERABLE PARAMETERS:
- folder_id...

Bugtraq: June 2017 - Bamboo - Critical Security Advisory

June 2017 - Bamboo - Critical Security Advisory

Bugtraq: [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege

[security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege

Bugtraq: [SECURITY] [DSA 3882-1] request-tracker4 security update

[SECURITY] [DSA 3882-1] request-tracker4 security update

next-20170619: linux-next

Linux Kernel Updates - June 19, 2017 - 3:16am
Version: next-20170619 (linux-next) Released: 2017-06-19

Vuln: GNU GRUB CVE-2017-9763 Remote Denial Of Service Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
GNU GRUB CVE-2017-9763 Remote Denial Of Service Vulnerability

Vuln: Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability

Vuln: IBM WebSphere MQ CVE-2017-1117 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
IBM WebSphere MQ CVE-2017-1117 Denial of Service Vulnerability

Vuln: Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability

Vuln: Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability

Vuln: Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability

Vuln: Microsoft Windows Uniscribe CVE-2017-0283 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Microsoft Windows Uniscribe CVE-2017-0283 Remote Code Execution Vulnerability

Vuln: PAX Linux CVE-2017-1000377 Security Bypass Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
PAX Linux CVE-2017-1000377 Security Bypass Vulnerability

Vuln: Linux Kernel CVE-2017-1000371 Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Linux Kernel CVE-2017-1000371 Local Security Bypass Vulnerability

Vuln: Linux Kernel CVE-2017-1000364 Local Memory Corruption Vulnerability

Security Focus Latest Security Advisories - June 18, 2017 - 11:00pm
Linux Kernel CVE-2017-1000364 Local Memory Corruption Vulnerability