SSD Advisory – Serviio Media Server Multiple Vulnerabilities

Credit to Author: Maor Schwartz | Date: Tue, 02 May 2017 10:58:33 +0000

Vulnerabilities Summary: The following advisory describes five (5) vulnerabilities found in Serviio Media Server. Affected versions: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1. Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on …

SSD Advisory – CloudBees Jenkins Unauthenticated Code Execution

Credit to Author: Maor Schwartz | Date: Mon, 01 May 2017 06:28:11 +0000

Vulnerability Summary: The following advisory describes a Java deserialization vulnerability found in CloudBees Jenkins version 2.32.1 that leads to Remote Code Execution. Jenkins helps to automate the non-human part of the whole software development process with now common things like continuous integration and by empowering teams to implement the technical aspects of continuous delivery. It …

SSD Advisory – SquirrelMail Remote Code Execution

Credit to Author: Maor Schwartz | Date: Tue, 25 Apr 2017 05:24:06 +0000

Vulnerability Summary: The following advisory describes a Remote Code Execution vulnerability found in SquirrelMail version 1.4.22. SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very …

SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Credit to Author: Maor Schwartz | Date: Wed, 19 Apr 2017 13:52:33 +0000

Vulnerabilities Summary: The following advisory describes two (2) vulnerabilities found in Linksys EA, XAC and AC series devices. The vulnerabilities have been found in the way the Linksys devices (EA, XAC and AC series) handle the Point-to-Point Protocol over Ethernet (PPPoE) Discovery (PPPoED) process, allowing an unprivileged active attacker on the same network segment (layer 2) …

SSD Advisory – Horde Groupware Webmail Multiple Remote Code Execution Vulnerabilities

Credit to Author: Maor Schwartz | Date: Sun, 09 Apr 2017 10:28:46 +0000

Vulnerabilities Summary: The following advisory describes two (2) vulnerabilities found in Horde Groupware Webmail. Horde Groupware Webmail Edition is a free, enterprise-ready, browser-based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks, notes, files, and bookmarks with the standards-compliant components from the Horde Project. …

SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

Credit to Author: Maor Schwartz | Date: Sun, 19 Mar 2017 08:05:05 +0000

Vulnerability Summary: The following advisory describes an Information Disclosure vulnerability found in Oracle Knowledge Management version 8.5.1. By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge that was once hidden in the myriad systems, applications, and databases used to store enterprise content. …
