BenTasker.co.uk

Home
Blog
Whitepapers
Documentation
Videos
Shop
Feeds
Photography

Home / Blog / Security

Latest Posts

Asus Nexus 7 Charger Port Repair
Saab 9-3: Front Brake Pads and Disc Replacement
Building and running your own DNS-over-HTTPS Server
Saab 9-3: Reading Brake Replacement Codes
Solution to my April 2016 Puzzle

Security

A guide to designing Account Security Mechanisms	26 March 2017
Don't Use Web2Tor/Tor2Web (especially Onion.cab)	04 March 2017
The State of Mobile Banking (in the UK)	21 June 2016
The DVLA is routinely sending sensitive details via email	28 December 2014
Understanding Password Storage	22 June 2014
My Own Little HeartBleed Headache	19 April 2014
Why You Shouldn't be using SHA1 or MD5 to Store Passwords	07 June 2013
Darkleech Apache attacks on the rise, but is it really that hard to detect?	02 May 2013
Do We Take Security and Safety for Granted?	18 November 2011
Computrend Powergrid 902 Powerline Adaptors	25 May 2011

Page 1 of 3

Start
Prev
1
2
3
Next
End

Recent CVEs

CVE-2003-0367 (debian_linux, gzip)
CVE-2007-1072 (unified_ip_phone_firmware_7906g, unified_ip_phone_firmware_7911g, unified_ip_phone_firmware_7941g, unified_ip_phone_firmware_7961g, unified_ip_phone_firmware_7970g, unified_ip_phone_firmware_7971g)
CVE-2007-1087 (db2)
CVE-2007-1088 (db2)
CVE-2007-1864 (debian_linux, enterprise_linux_server, enterprise_linux_workstation, php, ubuntu_linux)
CVE-2015-9287 (the_university_of_cambridge_web_authentication_system_apache_authentication_agent)
CVE-2016-10245
CVE-2016-10750 (hazelcast)
CVE-2016-10751
CVE-2016-10752

Return to listing

CVE-2003-0367 (debian_linux, gzip)

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2007-1072 (unified_ip_phone_firmware_7906g, unified_ip_phone_firmware_7911g, unified_ip_phone_firmware_7941g, unified_ip_phone_firmware_7961g, unified_ip_phone_firmware_7970g, unified_ip_phone_firmware_7971g)

The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.

CVE-2007-1087 (db2)

IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.

CVE-2007-1088 (db2)

Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables.

CVE-2007-1864 (debian_linux, enterprise_linux_server, enterprise_linux_workstation, php, ubuntu_linux)

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

CVE-2015-9287 (the_university_of_cambridge_web_authentication_system_apache_authentication_agent)

Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key identification field ("kid") of the IdP's HTTP response message ("WLS-Response") can be manipulated by an attacker. The "kid" field is not signed like the rest of the message, and manipulation is therefore trivial. The "kid" field should only ever represent an integer. However, it is possible to provide any string value. An attacker could use this to their advantage to force the application agent to load the RSA public key required for message integrity checking from an unintended location.

CVE-2016-10245

Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.

CVE-2016-10750 (hazelcast)

In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrary code.

CVE-2016-10751

osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload.

CVE-2016-10752

serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.

Latest Posts

Asus Nexus 7 Charger Port Repair
Saab 9-3: Front Brake Pads and Disc Replacement
Building and running your own DNS-over-HTTPS Server
Saab 9-3: Reading Brake Replacement Codes
Solution to my April 2016 Puzzle

License Details
Privacy Policy
Cookies
Stored Data
Sitemap

Donations BTC: 14hJYqCNLi7yJH8QkUqB2VEg3jx4pXBN5X / https://paypal.me/BTasker

Based on a template by JoomSpirit, customised by B Tasker

JoomSpirit

About this template