
Files

Debian Security Advisory 2747-1
Posted Aug 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2747-1 - Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-5588, CVE-2013-5589
MD5 | 2529d2bb29e016c50d57268145a966ce
Microsoft Internet Explorer Protected Mode Sandbox Bypass
Posted Aug 30, 2013
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a memory corruption error in the IE broker process when copying certain data, which could be exploited by remote attackers to bypass IE Protected Mode sandbox and execute arbitrary code with Medium integrity permissions.

tags | advisory, remote, arbitrary
MD5 | b4cd495fe88af28f76b0dc4dd627d0ef
Microsoft Internet Explorer "ReplaceAdjacentText" Use-After-Free
Posted Aug 30, 2013
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "SlayoutRun::GetCharacters()" function when replacing a text adjacent to an element, which could be exploited by remote attackers to compromise a vulnerable system.

tags | advisory, remote
MD5 | 8c4344194f6ec36ff3585d9f6be72702
Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass
Posted Aug 30, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a design error in the "ntdll.LdrHotPatchRoutine" function which can be abused to load an arbitrary library e.g. from a remote network share, leading to arbitrary code execution and ASLR bypass.

tags | advisory, remote, arbitrary, code execution, bypass
systems | windows
MD5 | 6442e7981c8d7e1d2975931b3757391d
Gentoo Linux Security Advisory 201308-05-02
Posted Aug 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-5 - The references section of the original advisory contained wrong CVE references.

tags | advisory
systems | linux, gentoo
advisories | CVE-2012-0041, CVE-2012-0042, CVE-2012-0043, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068, CVE-2012-3548, CVE-2012-4048, CVE-2012-4049, CVE-2012-4285, CVE-2012-4286, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297, CVE-2012-4298, CVE-2013-3555, CVE-2013-3556, CVE-2013-3557, CVE-2013-3558, CVE-2013-3559
MD5 | 48a90a7c098f7fca4867a7b6e171ccf0
Slackware Security Advisory - php Updates
Posted Aug 30, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, and -current to fix a security issue.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2013-4248
MD5 | ae5ab2b5c2801fdc180912777854b0bc
Slackware Security Advisory - gnutls Updates
Posted Aug 30, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 14.0, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1619
MD5 | cced5b313186ea0473d532c7a4233368
Mandriva Linux Security Advisory 2013-223
Posted Aug 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-223 - A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present. A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-5641, CVE-2013-5642
MD5 | 10d1ba6020fbf722f75b381de709e3a5
VMware Security Advisory 2013-0011
Posted Aug 30, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0011 - VMware has updated VMware ESXi and ESX to address a vulnerability in an unhandled exception in the NFC protocol handler.

tags | advisory, protocol
advisories | CVE-2013-1661
MD5 | 9c14f53dffbd8eb92d67fece8baaae11
Gentoo Linux Security Advisory 201308-06-02
Posted Aug 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-6-2 - The references section of the original advisory contained wrong CVE references.

tags | advisory
systems | linux, gentoo
advisories | CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492, CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496, CVE-2012-0540
MD5 | bfe196a5473dfa505df15c8094698dd2
Red Hat Security Advisory 2013-1185-01
Posted Aug 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1185-01 - Red Hat JBoss Fuse 6.0.0, based on Apache ServiceMix, provides an integration platform. Red Hat JBoss Fuse 6.0.0 patch 2 is an update to Red Hat JBoss Fuse 6.0.0 and includes bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-0269, CVE-2013-1768, CVE-2013-1821, CVE-2013-2160
MD5 | 68a3fa42afe54d2707b9e06ea4e89eb4
CyberArk Vault User Enumeration
Posted Aug 29, 2013
Authored by Moshe Zioni

CyberArk Vault versions prior to 7.20.37 suffer from multiple user enumeration vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-6344, CVE-2012-6345
MD5 | 06201c391ac04c150480f7dcaa738d48
Debian Security Advisory 2746-1
Posted Aug 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2746-1 - Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code or cross-site scripting.

tags | advisory, arbitrary, xss
systems | linux, debian
advisories | CVE-2013-1701, CVE-2013-1709, CVE-2013-1710, CVE-2013-1713, CVE-2013-1714, CVE-2013-1717
MD5 | 4f48df35a81513cc50d08a928485007d
Gentoo Linux Security Advisory 201308-06
Posted Aug 29, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-6 - Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 5.1.70 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492, CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496, CVE-2012-0540
MD5 | adc200e2c073522b8f99db820401142d
Debian Security Advisory 2745-1
Posted Aug 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2745-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2851, CVE-2013-2852, CVE-2013-4162, CVE-2013-4163
MD5 | b0547ebbff6eb63a5b603f94c1624466
Gentoo Linux Security Advisory 201308-05
Posted Aug 29, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201308-5 - Multiple vulnerabilities have been found in Wireshark, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.10.1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-0041, CVE-2012-0042, CVE-2012-0043, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068, CVE-2012-3548, CVE-2012-4048, CVE-2012-4049, CVE-2012-4285, CVE-2012-4286, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297, CVE-2012-4298, CVE-2013-3540, CVE-2013-3541, CVE-2013-3542, CVE-2013-3555, CVE-2013-3556
MD5 | db812d531fa3d923bf059fa6a3ab4181
Red Hat Security Advisory 2013-1182-01
Posted Aug 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1182-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not properly handle the receipt of certain MOD operations with a bogus Distinguished Name. A remote, unauthenticated attacker could use this flaw to cause the 389 Directory Server to crash. All 389-ds-base users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the 389 server service will be restarted automatically.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2013-4283
MD5 | 53cb288ed79432ac2f38f2cd9ee5e632
EPS Viewer Buffer Overflow
Posted Aug 28, 2013
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - EPS Viewer is prone to a security vulnerability when processing EPS files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing EPS Viewer users to open a specially crafted EPS file (client-side vulnerability).

tags | advisory, remote, arbitrary
advisories | CVE-2013-4979
MD5 | 6e20e2165f3d983bd6a478a8c73c4009
Drupal Node View Permissions 7.x Access Bypass
Posted Aug 28, 2013
Authored by Mark Theunissen | Site drupal.org

Drupal Node View Permissions third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 21b30919597a48a76a0f1bd8fd1c919b
Asterisk Project Security Advisory - AST-2013-005
Posted Aug 28, 2013
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set.

tags | advisory
MD5 | b715f9c2eaad10cad18835c40db97b9c
Aloaha PDF Suite Buffer Overflow
Posted Aug 28, 2013
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

Core Security Technologies Advisory - Aloaha PDF Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Aloaha users to open a specially crafted PDF file.

tags | advisory, remote, arbitrary
advisories | CVE-2013-4978
MD5 | 983629709074b723ab6bf46505538188
HP Security Bulletin HPSBHF02888 3
Posted Aug 28, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02888 3 - Potential security vulnerabilities have been identified with HP Network Products including 3COM and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code. Revision 3 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2013-2340, CVE-2013-2341
MD5 | bc285d1be26e9b2a57492ce8a4f31b6c
Drupal Flag 7.x Cross Site Scripting
Posted Aug 28, 2013
Authored by Justin C. Klein Keane | Site drupal.org

Drupal Flag third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 15273fdc972edba5e062c27c731c5fc8
Cisco Security Advisory 20130828-acs
Posted Aug 28, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the EAP-FAST authentication module of Cisco Secure Access Control Server (ACS) versions 4.0 through 4.2.1.15 could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco Secure ACS server. This vulnerability is only present when Cisco Secure ACS is configured as a RADIUS server. The vulnerability is due to improper parsing of user identities used for EAP-FAST authentication. An attacker could exploit this vulnerability by sending crafted EAP-FAST packets to an affected device. An exploit could allow the attacker to execute arbitrary commands on the Cisco Secure ACS server and take full control of the affected server. There are no workarounds for this vulnerability. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
MD5 | c56ed167bc3e3ebea2657d7d0fab091a
Asterisk Project Security Advisory - AST-2013-004
Posted Aug 28, 2013
Authored by Joshua Colp | Site asterisk.org

Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present.

tags | advisory
MD5 | 7a62518551aefdf4d135c81e2573574c
© 2016 Packet Storm. All rights reserved.
