The Vulnerability Laboratory Core Research Team discovered a restriction filter bypass in the official PayPal Inc Mobile API for Apple iOS.
It was discovered that the HipChat For JIRA plugin had a resource that combined user input into a velocity template source and subsequently rendered it. Authenticated attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the HipChat For JIRA plugin enabled. To exploit this issue attackers need to be able to access the JIRA web interface and log into JIRA. All versions of JIRA from 6.3.5 before 6.4.11 are affected by this vulnerability. All versions of HipChat For JIRA plugin from 1.3.2 before 6.30.0 are affected by this vulnerability.
A vulnerability within the xrvkp module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege.
Vulnerabilities within the srvkp module allows an attacker to inject memory they control into an arbitrary location they define or cause memory corruption. IOCTL request codes 0x96002400 and 0x96002404 have been demonstrated to trigger these vulnerabilities. These vulnerabilities can be used to obtain control of code flow in a privileged process and ultimately be used to escalate the privilege of an attacker. Version affected is 22.214.171.12430.
FortiClient drivers are prone to multiple attacks and expose a wide surface that allows users to easily get SYSTEM privileges.
HP Security Bulletin HPSBMU03339 1 - A potential security vulnerability has been identified with HP LoadRunner Controller. The vulnerability could be exploited locally to allow execution of arbitrary code. Revision 1 of this advisory.
Red Hat Security Advisory 2015-1700-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. A command injection flaw was found in the pcsd web UI. An attacker able to trick a victim that was logged in to the pcsd web UI into visiting a specially crafted URL could use this flaw to execute arbitrary code with root privileges on the server hosting the web UI. A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user.
Ubuntu Security Notice 2727-1 - It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName (DN) entry in a certificate. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2015-1699-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks.
This archive contains 227 exploits that were added to Packet Storm in August, 2015.
HP Security Bulletin HPSBGN03403 1 - A potential security vulnerability has been identified in HP Virtualization Performance Viewer. The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow unauthorized disclosure of information. Revision 1 of this advisory.