Kurt Seifried

**Name of the Vulnerable Software and Affected Versions** Openshift Enterprise (affected versions not specified) **Description** An input validation issue exists due to a direct mapping between tenants in Hawkular Metrics and projects/namespaces in OpenShift. This allows a new project with the same name as a previously deleted project to access the metrics stored from the original project instance. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** swfupload plugin for wordpress (affected versions not specified) **Description** The issue is related to an object injection vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Debian x11-common versions prior to 1:7.6+12 **Description** The init script in the Debian x11-common package is vulnerable to a symlink attack, which can lead to a privilege escalation during package installation. **Recommendations** For versions prior to 1:7.6+12, update to version 1:7.6+12 or later to resolve the issue. As a temporary workaround, consider restricting package installation privileges to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 3.1 **Description** The issue allows local users to obtain sensitive keystroke information via access to `/proc/interrupts`. This is due to a problem in `fs/proc/base.c` in the Linux kernel. **Recommendations** For Linux kernel versions through 3.1, consider restricting access to the `/proc/interrupts` API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jclouds (affected versions not specified) **Description** A flaw was discovered in the jclouds scriptbuilder Statements class, which writes a temporary file to a predictable location. This could allow an attacker to access sensitive data, cause a denial of service, or perform other attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: OpenX Ad Server version 2.8.10 Description: A code execution issue exists due to a backdoor in the flowplayer-3.1.1.min.js library, potentially allowing a remote malicious user to execute arbitrary PHP code. Recommendations: For OpenX Ad Server version 2.8.10, consider removing or disabling the flowplayer-3.1.1.min.js library to prevent exploitation until a patch is available.

Name of the Vulnerable Software and Affected Versions: Magento versions prior to 1.7.0.2 Description: The issue concerns an information disclosure problem. Recommendations: For versions prior to 1.7.0.2, update to version 1.7.0.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: ZPanel versions prior to 10.1.0 Description: The issue allows for Remote Command Execution. Recommendations: For versions prior to 10.1.0, update to version 10.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Shaman version 1.0.9 **Description** The issue allows users to gain root privileges without entering the root password by adding the line `askforpwd=false` to the `shaman.conf` file. This configuration change enables root access the next time Shaman is run, even if the user never entered the root password. **Recommendations** For Shaman version 1.0.9, to resolve the issue, users should remove the line `askforpwd=false` from the `shaman.conf` file to ensure that root privileges are only granted after entering the root password. As a temporary workaround, consider restricting access to the `shaman.conf` file to prevent unauthorized modifications.

Name of the Vulnerable Software and Affected Versions: WordPress W3 Total Cache Plugin version 0.9.2.8 Description: The issue allows for remote PHP code execution. Recommendations: For WordPress W3 Total Cache Plugin version 0.9.2.8, update to a version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Simple Machines Forum (SMF) versions through 2.0.5 Description: The issue affects Simple Machines Forum, allowing for cross-site scripting (XSS) attacks. Recommendations: For versions through 2.0.5, update to a version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Basic webmail module versions 6.x-1.x before 6.x-1.2 Description: The issue allows remote authenticated users with the `access basic webmail` permission to read arbitrary users' email addresses. Recommendations: For Basic webmail module versions 6.x-1.x before 6.x-1.2, update to version 6.x-1.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LinuxMint (affected versions not specified) **Description** The issue concerns temporary file creation vulnerabilities in the mintNanny component of LinuxMint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LinuxMint (affected versions not specified) **Description** The issue concerns temporary file creation vulnerabilities in the mintUpdate component of LinuxMint. As of 2012-03-19, LinuxMint is affected by this issue. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: WordPress Super Cache Plugin version 1.3 Description: The issue is related to a Cross-Site Scripting (XSS) problem. Recommendations: For WordPress Super Cache Plugin version 1.3, update to a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: OpenShift Origin (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart, specifically through the `download from url` function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: py-bcrypt versions prior to 0.3 Description: The issue arises from improper handling of concurrent memory access in the py-bcrypt module, allowing attackers to bypass authentication. This is achieved through multiple authentication requests that trigger the password hash to be overwritten. Recommendations: For versions prior to 0.3, update to version 0.3 or later to resolve the issue. As a temporary workaround, consider implementing synchronization mechanisms to prevent concurrent access to the password hash. Restrict access to authentication endpoints to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Freeciv versions prior to 2.3.3 Description: The issue allows remote attackers to cause a denial of service via a crafted packet. Recommendations: For versions prior to 2.3.3, update to version 2.3.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SMF versions through v2.0.3 **Description** The issue allows co-admins in shared SMF deployments to read arbitrary files on the filesystem, potentially gaining new privileges by accessing sensitive information such as database passwords stored in settings.php. This is particularly concerning in configurations where co-admins are not fully trusted. **Recommendations** For versions through v2.0.3, update to a version newer than v2.0.3 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files such as settings.php to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BrowserID (Mozilla Persona) module versions 7.x-1.x before 7.x-1.3 for Drupal **Description** The issue allows remote attackers to hijack the authentication of arbitrary users via the `audience identifier`. This is a problem where an attacker can take control of another user's authentication. **Recommendations** For BrowserID (Mozilla Persona) module versions 7.x-1.x before 7.x-1.3, update to version 7.x-1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the authentication mechanism until the update is applied.