the original cloud security
Showing 1 - 25 of 524 RSS Feed

Files

Debian Security Advisory 2613-1
Posted Jan 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2613-1 - Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.

tags | advisory, web, ruby
systems | linux, debian
advisories | CVE-2013-0333
MD5 | 1bde4a6db8d50c770481ca03d0018698
Ubuntu Security Notice USN-1713-1
Posted Jan 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1713-1 - It was discovered that squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service attack on the server and other hosted services. It was discovered that the patch for CVE-2012-5643 was incorrect. A remote attacker could exploit this flaw to perform a denial of service attack.

tags | advisory, remote, denial of service, cgi
systems | linux, ubuntu
advisories | CVE-2012-5643, CVE-2013-0189, CVE-2012-5643, CVE-2013-0189
MD5 | 58b069f12dab8e67f0c2d6a0e5ef412e
Red Hat Security Advisory 2013-0207-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0207-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. The GUI installer created a world-readable auto-install XML file containing both the JBoss Enterprise Web Platform administrator password and the sucker password for the selected messaging system in plain text. A local user able to access the directory where the GUI installer for JBoss Enterprise Web Platform 5.1.2 was run could use this flaw to gain administrative access to the JBoss Enterprise Web Platform instance.

tags | advisory, java, web, local
systems | linux, redhat
advisories | CVE-2013-0218
MD5 | abae61c0e18d243e003f02ec5fc548d7
Red Hat Security Advisory 2013-0209-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0209-01 - These packages provide a service that acts as a registry for virtual machine images. It was found that when the OpenStack Glance front-end communicated with an OpenStack Swift endpoint, the operator credentials could be logged in plain text when certain errors occurred during new image creation. An authenticated user could use this flaw to gain administrative access to an OpenStack Swift endpoint. This issue was discovered by Dan Prince of Red Hat.

tags | advisory, registry
systems | linux, redhat
advisories | CVE-2013-0212
MD5 | c5bf57b8bb82d262bc1d63fcfbc45e82
Red Hat Security Advisory 2013-0210-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0210-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Red Hat will discontinue the extended subscription services provided through the Extended Lifecycle Support Add-On for Red Hat Enterprise Linux 3 on January 30, 2014. After that date, critical impact security fixes and urgent-priority bug fixes will no longer be available for the following products: Red Hat Enterprise Linux AS 3 Red Hat Enterprise Linux ES 3 After January 30, 2014, technical support through Red Hat’s Global Support Services will no longer be provided for these products.

tags | advisory
systems | linux, redhat
MD5 | a66692606dd7021b3ffacbdbaedf648f
Red Hat Security Advisory 2013-0206-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0206-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. The GUI installer created a world-readable auto-install XML file containing both the JBoss Enterprise Application Platform administrator password and the sucker password for the selected messaging system in plain text. A local user able to access the directory where the GUI installer for JBoss Enterprise Application Platform 5.1.2 was run could use this flaw to gain administrative access to the JBoss Enterprise Application Platform instance.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2013-0218
MD5 | 27adf80631e3257ef9734ca5059addee
Red Hat Security Advisory 2013-0208-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0208-01 - The openstack-nova packages provide OpenStack Compute, a cloud computing fabric controller. The openstack-nova packages have been upgraded to upstream version 2012.2.2, which provides a number of bug fixes over the previous version. This update also fixes the following security issues: It was found that the boot-from-volume feature in nova-volume did not correctly validate if the user attempting to boot an image was permitted to do so. An authenticated user could use this flaw to bypass intended restrictions, allowing them to boot images they would otherwise not have access to, exposing data stored in other users' images. This issue did not affect configurations using the Cinder block storage mechanism, which is the default in Red Hat OpenStack.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-5625, CVE-2013-0208
MD5 | 04cab86910ad28c9e9f9b3d047d3dfb9
Ubuntu Security Notice USN-1712-1
Posted Jan 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1712-1 - It was discovered that Inkscape incorrectly handled XML external entities in SVG files. If a user were tricked into opening a specially-crafted SVG file, Inkscape could possibly include external files in drawings, resulting in information disclosure. It was discovered that Inkscape attempted to open certain files from the /tmp directory instead of the current directory. A local attacker could trick a user into opening a different file than the one that was intended. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, local, info disclosure
systems | linux, ubuntu
advisories | CVE-2012-5656, CVE-2012-6076, CVE-2012-5656, CVE-2012-6076
MD5 | ea8004c86e1fa051925e86afe6fbb2b1
Secunia Security Advisory 51925
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marcela Benetrix has discovered a vulnerability in the WordPress Poll plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | d2d4fe7090b8f0194456223eb8994561
Secunia Security Advisory 51968
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 964b478314b60a8b3bde1a5056d2cb7f
Secunia Security Advisory 51998
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in the Simple History plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | d8ecf066f72e216b3c4fb39948b68c5c
Secunia Security Advisory 51942
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the WordPress Poll plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | ed899d23676694d814e58fa7de0d261a
Secunia Security Advisory 51948
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IRCD-Hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 4974802e11b44de676f6ebe84c2335e3
Secunia Security Advisory 52000
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 6a648f7af7d7fd4d54948f6e4aa00087
Secunia Security Advisory 51995
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
MD5 | da88ce0ff236cced6cd45911794985fc
Secunia Security Advisory 52022
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM InfoSphere Information Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b4cc8563b9831745409ceaaf14d1d665
Secunia Security Advisory 51985
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, which can be exploited by malicious, local user to disclose potentially sensitive information and gain escalated privileges, by malicious users to bypass certain security restrictions, and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, local, spoof, vulnerability, xss
MD5 | 382dd79bcf345dc542b85b608a3c06e8
Secunia Security Advisory 51994
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to conduct clickjacking attacks.

tags | advisory
MD5 | b63a26edd999e99aec2bb77c8a02e6b0
Secunia Security Advisory 52005
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 44b4d47bcf0729a91a66fe437a3bdba8
Secunia Security Advisory 51963
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 1ac542e93466f4e62323df79b0d406ba
Secunia Security Advisory 51957
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in OpenStack Glance, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
MD5 | abf8a8b339e035cc3c11dfc78d2d7c5c
Secunia Security Advisory 52016
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Network Admission Control (NAC), which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | cisco
MD5 | 055ddda971953ad3c27ad402f20fc984
Secunia Security Advisory 51916
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Devise, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | a6574d2c1095c10d766e6705ea08616d
Secunia Security Advisory 52020
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM InfoSphere Information Server, which can be exploited by malicious users and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | e8a7a665315f4c778a1c6489bd0150e7
Secunia Security Advisory 51990
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for glance. This fixes a security issue, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
systems | linux, ubuntu
MD5 | 2632e3705bf30ac19c1a31679cc7d9fb
Page 1 of 21
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close