9 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Múltiples vulnerabilidades de inyección SQL en BOINC, permiten a atacantes remotos ejecutar comandos SQL arbitrarios por medio de vectores no especificados. • http://www.openwall.com/lists/oss-security/2013/04/28/3 http://www.openwall.com/lists/oss-security/2013/04/29/11 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3. Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code, en su versión 0.9-1.0.2, contiene una vulnerabilidad CWE-302: omisión de autenticación por datos que se asume que son inmutables en la página de "Website Terms of Service Acceptance" que puede resultar en el acceso a cualquier cuenta de usuario. Este ataque parece ser explotable mediante una URL especialmente manipulada. • https://github.com/BOINC/boinc/issues/2907 • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon. arpwatch v2.1a15, tal y como se usa en Red Hat, Debian, Fedora, y posiblemente otros, no libera correctamente los grupos complementarios, lo que podría permitir a un atacante obtener privilegios de superadministrador aprovechándose de otras vulnerabilidades en el demonio. • http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082553.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082565.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082569.html http://www.debian.org/security/2012/dsa-2481 http://www.mandriva.com/security/advisories?name=MDVSA-2012:113 http://www.openwall.com/lists/oss-security/2012/05/24/12 http://www.openwall.com/lists/oss-security/2012/05/24/13 http://www.openwall.com& •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 2

The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. La función decrypt_public en lib/crypt.cpp en el cliente Berkeley Open Infrastructure for Network Computing (BOINC) v6.2.14 y v6.4.5, no comprueba adecuadamente el valor de retorno de la función OpenSSL RSA_public_decrypt, lo que permitiría a atacantes remotos evitar la validación en cadena de los certificados a través de una firma SSL/TLS malformada, una vulnerabilidad similar a CVE-2008-5077. • http://boinc.berkeley.edu/trac/changeset/16883 http://boinc.berkeley.edu/trac/ticket/823 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511521 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html http://openwall.com/lists/oss-security/2009/01/12/4 http://secunia.com/advisories/33806 http://secunia.com/advisories/33828 https://bugzilla.redhat.com/show_bug.cgi?id=479664 https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00034.html • CWE-287: Improper Authentication •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or the search_string parameter to forum_text_search_action.php in a (2) titles or (3) bodies search. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Boinc Forum 5.10.20 y versiones anteriores permiten a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro (1) id en forum_forum.php, ó search_string en forum_text_search_action.php en una búsqueda (2) títulos ó (3) cuerpos. • https://www.exploit-db.com/exploits/30575 https://www.exploit-db.com/exploits/30576 http://securityreason.com/securityalert/3139 http://www.securityfocus.com/archive/1/479182/100/0/threaded http://www.securityfocus.com/bid/25644 https://exchange.xforce.ibmcloud.com/vulnerabilities/36577 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •