Files

Red Hat Security Advisory 2013-1370-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1370-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | 12b0301021831529fa7a357c1981f3ab
Red Hat Security Advisory 2013-1369-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1369-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | f85331db33373441cf3604d91006ebed
Red Hat Security Advisory 2013-1375-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1375-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 5.3.1. It includes various bug fixes. The following security issue is also fixed with this release: A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially-crafted XML signature block.

tags | advisory, java, remote, arbitrary, spoof
systems | linux, redhat
advisories | CVE-2013-2172
MD5 | 3fdba7683671327b6e454b320f5e6799
Red Hat Security Advisory 2013-1376-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1376-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.3 will be retired as of March 31, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.3 AMC after that date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after March 31, 2014. Note: This notification applies only to those customers with subscriptions for Advanced Mission Critical Support channels for Red Hat Enterprise Linux 5.3.

tags | advisory
systems | linux, redhat
MD5 | 787b475b81f7ccccfc6bd1f60a624552
Red Hat Security Advisory 2013-1371-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1371-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | 8b60c82760448b27a7d3e2e65800d43d
Red Hat Security Advisory 2013-1374-02
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1374-02 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | ccb97b4d1b364b2dba57a9736d6976bc
Red Hat Security Advisory 2013-1373-03
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1373-03 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | 5d6f237d701964b3a0ae4e45f8784f59
Red Hat Security Advisory 2013-1372-01
Posted Sep 30, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1372-01 - JBoss Remoting is a framework for building distributed applications in Java. A denial of service flaw was found in the implementation of the org.jboss.remoting.transport.socket.ServerThread class in JBoss Remoting. An attacker could use this flaw to exhaust all available file descriptors on the target server, preventing legitimate connections. Note that to exploit this flaw remotely, the remoting port must be exposed directly or indirectly.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2013-4210
MD5 | dab1cad35fe3d6c2584d0fb85e7ad481
Ubuntu Security Notice USN-1981-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1981-1 - It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and Ubuntu 12.10, this should be prevented by the Yama link restrictions. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-2722, CVE-2013-0200
MD5 | de86f5df53256711da65b36a0cfcd3c1
Ubuntu Security Notice USN-1977-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1977-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2013-0343, CVE-2013-2888, CVE-2013-2892
MD5 | f273cdeb0282f2748fc9838c1ff82499
Ubuntu Security Notice USN-1979-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1979-1 - Patrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-1444
MD5 | 52ff646b4e54ddd863d2229dc16a06d6
Ubuntu Security Notice USN-1980-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1980-1 - Jonathan Claudius discovered that Vino incorrectly handled closing invalid connections. A remote attacker could use this issue to cause Vino to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-5745
MD5 | 271b894f838c1e51e911ab3f3a2fbe1e
Ubuntu Security Notice USN-1976-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1976-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2013-0343, CVE-2013-2888, CVE-2013-2892
MD5 | 1e03b1c2da23494dbbba95ec5858bb93
Ubuntu Security Notice USN-1978-1
Posted Sep 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1978-1 - It was discovered that libKDcraw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against libKDcraw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1438, CVE-2013-1439
MD5 | 42b14bc95a92d26b5b87a2fa0b3000bd
Mandriva Linux Security Advisory 2013-244
Posted Sep 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-244 - Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while it is setuid root. This might allow a privilege escalation. The updated packages have been patched to correct this issue.

tags | advisory, root
systems | linux, mandriva
advisories | CVE-2013-4362
MD5 | 1396f2e6752b64964704ad1d83e9fae2
Debian Security Advisory 2767-1
Posted Sep 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2767-1 - Kingcope discovered that the mod_sftp and mod_sftp_pam modules of proftpd, a powerful modular FTP/SFTP/FTPS server, do not properly validate input before making pool allocations. An attacker can use this flaw to conduct denial of service attacks against the system running proftpd (resource exhaustion).

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2013-4359
MD5 | efeb16243db19abbc82a5013158197c0
Slackware Security Advisory - seamonkey Updates
Posted Sep 30, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | cd82193c488e7929e361ee9af5c2086c
Debian Security Advisory 2766-1
Posted Sep 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2766-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-2141, CVE-2013-2164, CVE-2013-2206, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2239, CVE-2013-2851, CVE-2013-2852, CVE-2013-2888, CVE-2013-2892
MD5 | 24180ab9a5fa022aa5001bc9779ccf9b
Open-Xchange AppSuite 7.x Cross Site Scripting
Posted Sep 30, 2013
Authored by Martin Braun

Open-Xchange AppSuite versions prior to 7.2.2 suffer from multiple script insertion vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2013-5690
MD5 | 70148b15e05e440eb02602337e17e5a4
Apache Camel 2.x Critical Disclosure
Posted Sep 30, 2013
Authored by Gregory Draperi

Apache Camel versions 2.9.0 to 2.9.7, 2.10.0 to 2.10.6, 2.11.0 to 2.11.1, and 2.12.0 suffer from a remote command execution vulnerability based on how message headers are interpreted.

tags | advisory, remote, info disclosure
advisories | CVE-2013-4330
MD5 | c580c2e0a040b344caa1056f2d9968ca
Apple Security Advisory 2013-09-26-1
Posted Sep 27, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-26-1 - iOS 7.0.2 is now available and addresses passcode lock security issues.

tags | advisory
systems | apple, ios
advisories | CVE-2013-5160, CVE-2013-5161
MD5 | 17d4d11105517ca812593f8124604d47
Ubuntu Security Notice USN-1969-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1969-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819
MD5 | a71d3f8c7de7333335b3f3a9f80ea034
Ubuntu Security Notice USN-1970-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1970-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237
MD5 | 2bb3e118bb942e4753a14ddb3ff16a53
Mandriva Linux Security Advisory 2013-243
Posted Sep 27, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327
MD5 | 26373f33e20df455a28640147805b5fb
Gentoo Linux Security Advisory 201309-22
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-22 - Multiple vulnerabilities have been found in Squid, possibly resulting in remote Denial of Service. Versions less than 3.2.13 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0801, CVE-2011-4096, CVE-2012-5643, CVE-2013-0189, CVE-2013-1839, CVE-2013-4115, CVE-2013-4123
MD5 | 88f0a967f5e2f023cf967924bf27f152
© 2016 Packet Storm. All rights reserved.