SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express

2015-07-16 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20150716-0 > === title: Permanent Cross-Site Scripting product: Oracle Application Express vuln

Elasticsearch CVE-2015-5531

2015-07-16 Thread Kevin Kluge
Summary: Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process. We have been assigned CVE-2015-5531 for this issue. Fixed versions: Versions 1.6.1 and 1.7.0 addres

Elasticsearch CVE-2015-5377

2015-07-16 Thread Kevin Kluge
Summary: Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253. Deployments are vulnerable even when Groovy dynamic scripting is disabled.

ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability

2015-07-16 Thread Security Alert
ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability ESA Identifier: ESA-2015-123 CVE Identifier: CVE-2015-4529 Severity Rating: CVSS v2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) Affected products: • EMC Documentum WebTop ver

ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability

2015-07-16 Thread Security Alert
ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability EMC Identifier: ESA-2015-122 CVE Identifier: CVE-2015-4528 Severity Rating: CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P) Affected products: • EMC Documentu

Re: [FD] 15 TOTOLINK router models vulnerable to multiple RCEs

2015-07-16 Thread Joshua Wright
> Title: 15 TOTOLINK router models vulnerable to multiple RCEs > Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x00.txt > Blog URL: > https://pierrekim.github.io/blog/2015-07-16-15-TOTOLINK-products-vulnerable-to-multiple-RCEs.html > Date published: 2015-07-16 > Vendors contac

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure

2015-07-16 Thread Cédric Champeau
Severity: Important Vendor: The Apache Software Foundation Versions Affected: All unsupported versions ranging from 1.7.0 to 2.4.3. Impact Remote execution of untrusted code, DoS Description When an application has Groovy on classpath and that it uses standard Java serialization mechanisms to

Backdoor and RCE found in 8 TOTOLINK router models

2015-07-16 Thread Pierre Kim
Hello, Please find a text-only version below sent to security mailing-lists. The complete version on analysing the backdoor in TOTOLINK products is posted here: https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html === text-version of the advisory