Monthly Archive: November 2015

The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages. Date...

Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain...

XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used...

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force...

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request. Date published : 2015-11-25 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 https://access.redhat.com/errata/RHSA-2016:0070

OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error. Date published : 2015-11-25...

OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs). Date published...

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619. Date published :...

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274. Date...

Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a...

Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device. Date...

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via...

The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message. Date published :...

Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file. Date published : 2015-11-24 http://www.securityfocus.com/archive/1/536961/100/0/threaded http://packetstormsecurity.com/files/134513/Steam-2.10.91.91-Weak-File-Permissions-Privilege-Escalation.html