CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

Posted by Portcullis Advisories on Apr 23

Vulnerability title: Unrestricted file upload in Livetecs Timelive
CVE: CVE-2014-2042
Vendor: Livetecs
Product: Timelive
Affected version: 6.2.71
Fixed version: 6.5.1
Reported by: Richard Hatch

Details:
It was discovered that it was possible for low-level TimeLive application users to upload files (by using the "My Projects".."Manage Project" functionality). There was no restriction on file types that could be uploaded and...


AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

Posted by Vulnerability Lab on Apr 23

Document Title:
===============
AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1258

Release Date:
=============
2014-04-22

Vulnerability Laboratory ID (VL-ID):
====================================
1258

Common Vulnerability Scoring System:
====================================
8.7

Product & Service Introduction:...


CVE-2014-2383 - Arbitrary file read in dompdf

Posted by Portcullis Advisories on Apr 23

Vulnerability title: Arbitrary file read in dompdf
CVE: CVE-2014-2383
Vendor: dompdf
Product: dompdf
Affected version: v0.6.0
Fixed version: v0.6.1 (partial fix)
Reported by: Alejo Murillo Moyas

Details:
An arbitrary file read vulnerability is present on dompdf.php file that
allows remote or local attackers to read local files using a special
crafted argument. This vulnerability requires the configuration flag
DOMPDF_ENABLE_PHP to be enabled...


CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

Posted by Portcullis Advisories on Apr 23

Vulnerability title: Unauthenticated access to sensitive information and
functionality in Livetecs Timelive
CVE: CVE-2014-1217
Vendor: Livetecs
Product: Timelive
Affected version: 6.2.71
Fixed version: 6.2.8
Reported by: Richard Hatch

Details:
It was possible to access a URL that allowed unauthenticated access to sensitive configuration change functionality, and also revealed the database connection string (including authentication credentials)...


SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances

Posted by SEC Consult Vulnerability Lab on Apr 23

SEC Consult Vulnerability Lab Security Advisory < 20140423-0 >
=======================================================================
title: Path Traversal/Remote Code Execution
product: WD Arkeia Virtual Appliance (AVA)
vulnerable version: All Arkeia Network Backup releases (ASA/APA/AVA) since 7.0.3.
fixed version: 10.2.9
CVE number: CVE-2014-2846
impact: critical
homepage:...


[SECURITY] [DSA 2808-2] openjpeg regression update

Posted by Raphael Geissert on Apr 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-2808-2 security () debian org
http://www.debian.org/security/ Raphael Geissert
April 22, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjpeg

A regression in the decoding of chroma-subsampled...


[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information

Posted by security-alert on Apr 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260385

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04260385
Version: 1

HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running
OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....


[security bulletin] HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information

Posted by security-alert on Apr 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04261644

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04261644
Version: 1

HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of
Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-22
Last...


APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3

Posted by Apple Product Security on Apr 23

APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3

AirPort Base Station Firmware Update 7.7.3 is now available and
addresses the following:

Available for:
AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in a privileged network position may obtain
memory contents
Description: An out-of-bounds read issue existed in the OpenSSL
library when handling TLS heartbeat extension packets. An...


[security bulletin] HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information

Posted by security-alert on Apr 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04260637

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04260637
Version: 1

HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library
LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted...