Exploit the possiblities
Showing 1 - 25 of 222 RSS Feed

Files

Debian Security Advisory 2891-1
Posted Mar 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2891-1 - Several vulnerabilities were discovered in MediaWiki, a wiki engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2031, CVE-2013-4567, CVE-2013-4568, CVE-2013-4572, CVE-2013-6452, CVE-2013-6453, CVE-2013-6454, CVE-2013-6472, CVE-2014-1610
MD5 | b09f5c967e9cf501fd39740032b03258
Debian Security Advisory 2890-1
Posted Mar 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2890-1 - Two vulnerabilities were discovered in libspring-java, the Debian package for the Java Spring framework.

tags | advisory, java, vulnerability
systems | linux, debian
advisories | CVE-2014-0054, CVE-2014-1904
MD5 | 474ca2bc88ccaa6970f867eeb737c886
Red Hat Security Advisory 2014-0344-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0344-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that when JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, JBoss Web would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting attacks, or obtain sensitive information from other requests.

tags | advisory, java, remote, web, xss
systems | linux, redhat
advisories | CVE-2013-4286, CVE-2014-0093
MD5 | 479dce0d3d5922d77ef759aff60a2f1b
Red Hat Security Advisory 2014-0342-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0342-01 - Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2013-7112, CVE-2013-7114, CVE-2014-2281, CVE-2014-2283, CVE-2014-2299
MD5 | d3eb343d9ab78e7dd073db397e7e2646
Red Hat Security Advisory 2014-0345-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0345-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that when JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, JBoss Web would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting attacks, or obtain sensitive information from other requests.

tags | advisory, java, remote, web, xss
systems | linux, redhat
advisories | CVE-2013-4286, CVE-2014-0093
MD5 | 95308a7a6883db8786f3ac4ad62d4a22
Red Hat Security Advisory 2014-0343-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0343-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that when JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, JBoss Web would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting attacks, or obtain sensitive information from other requests.

tags | advisory, java, remote, web, xss
systems | linux, redhat
advisories | CVE-2013-4286, CVE-2014-0093
MD5 | 09e6384db464688ea9f897333bfcbfa5
Red Hat Security Advisory 2014-0341-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0341-01 - Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2012-5595, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3559, CVE-2013-4081, CVE-2013-4083, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-5721, CVE-2013-7112, CVE-2014-2281, CVE-2014-2299
MD5 | 7ef70a9e61bd973f82a14891299a8520
Red Hat Security Advisory 2014-0340-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0340-01 - In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering will be retired as of June 30, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 1 after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 1 after this date. We encourage customers to plan their migration from Red Hat Enterprise Developer Toolset Version 1 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product.

tags | advisory
systems | linux, redhat
MD5 | 6b5b3aa55824b21309749b299747e3ed
Red Hat Security Advisory 2014-0339-01
Posted Mar 31, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0339-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-1860, CVE-2014-0055, CVE-2014-0092
MD5 | f0331f590830fdb46dbb9a21e14ae2ca
Debian Security Advisory 2891-2
Posted Mar 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2891-2 - In the Mediawiki update issued as DSA 2891-1, a few files were missing from the package. This update corrects that problem.

tags | advisory
systems | linux, debian
advisories | CVE-2013-2031, CVE-2013-4567, CVE-2013-4568, CVE-2013-4572, CVE-2013-6452, CVE-2013-6453, CVE-2013-6454, CVE-2013-6472, CVE-2014-1610
MD5 | 253a4b9b0047c7c1d29127645e30d922
Apache ModSecurity Chunked Request Bypass
Posted Mar 31, 2014
Authored by Martin Holst Swende

Apache ModSecurity versions prior to 2.7.6 appears to suffer from a filter evasion vulnerability via chunked requests.

tags | advisory, bypass
MD5 | 719f997d13b5e3279ff919e3f5bb11e3
Slackware Security Advisory - seamonkey Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 86200ad5b5163c143405eed4a71a559d
Slackware Security Advisory - openssh Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-2532
MD5 | 612f413cfdfccc0da36aa5aefe838fa8
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | af9386a307e4306cd773d00e8428fac3
Slackware Security Advisory - mozilla-nss Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-1492
MD5 | 05611c0b154ff1745c960aaeb99ebf70
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | ebaabdfcf844f55e59c706f9a50b4e65
Slackware Security Advisory - httpd Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-6438, CVE-2014-0098
MD5 | 7f69207b471201004901d7ffadce5a2f
Slackware Security Advisory - curl Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0138, CVE-2014-0139, CVE-2014-1263, CVE-2014-2522
MD5 | ee1bbb1e2e224ff31d99742c4d8f1190
Debian Security Advisory 2889-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2889-1 - An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database.

tags | advisory, web, arbitrary, sql injection
systems | linux, debian
advisories | CVE-2014-2655
MD5 | 5d2a5d97f29a80e7c8532454c554b4e6
Debian Security Advisory 2888-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2888-1 - Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.

tags | advisory, denial of service, vulnerability, xss, ruby
systems | linux, debian
advisories | CVE-2013-4389, CVE-2013-4491, CVE-2013-6414, CVE-2013-6415, CVE-2013-6417
MD5 | 50af68b6056896c76834c7995af29ced
Symantec LiveUpdate Administrator 2.3.2.99 Password Reset / SQL Injection
Posted Mar 28, 2014
Authored by S. Viehbock | Site sec-consult.com

Symantec LiveUpdate Administrator versions 2.3.2.99 and below suffer from password reset and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2014-1644, CVE-2014-1645
MD5 | a8ff4d370b9610bdeaefb0bdd8fbb50d
LibYAML 0.1.5 Buffer Overflow
Posted Mar 28, 2014
Authored by Andrea Barisani, Open Source CERT

LibYAML versions 0.1.5 and below are affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for the string passed to the yaml_parser_scan_uri_escapes() function. A specially crafted YAML file, with a long sequence of percent-encoded characters in a URL, can be used to trigger the overflow.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2014-2525
MD5 | ac045385785224679f4d12e08802ffed
HP Security Bulletin HPSBST02968 2
Posted Mar 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02968 2 - A potential security vulnerability has been identified with certain HP StoreOnce appliances. This vulnerability could be exploited to allow remote unauthorized access to the appliance. Revision 2 of this advisory.

tags | advisory, remote
advisories | CVE-2013-6211
MD5 | 2bb75c03699ba7140c7c6bf16a9f5739
Debian Security Advisory 2887-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2887-1 - Aaron Neyer discovered that missing input sanitizing in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.

tags | advisory, denial of service, ruby
systems | linux, debian
advisories | CVE-2013-4389
MD5 | 449b4050f0ef00095fe99ff6b7f4dfce
EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout
Posted Mar 27, 2014
Site emc.com

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2002-2443, CVE-2011-1044, CVE-2011-3389, CVE-2011-4110, CVE-2012-0814, CVE-2012-2136, CVE-2012-5166, CVE-2013-1667, CVE-2014-0632, CVE-2014-0633, CVE-2014-0634, CVE-2014-0635
MD5 | 4fabf55ed8ae07e61947cc08474da68d
Page 1 of 9
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close