Debian Linux Security Advisory 3004-1 - Sebastian Krahmer discovered that Kauth used Policykit insecurely by relying on the process ID. This could result in privilege escalation.
d0cbf458524a741d0147e2a9d3c8ef942e1891f292b0643d4d3b5cc91c430659Red Hat Security Advisory 2014-1039-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
f3cdf1e9d78876065cfd5fdcf939ee9388ca8b23e3255cd79aa82c3e0053cdeaRed Hat Security Advisory 2014-1038-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment.
220eef9b77e8329c308283833debe085021b4510cef9b147d1800c2590e7f7daDebian Linux Security Advisory 3003-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
70339fe9c5d5fd5a410f2b3dabbca2412936ecc78d144f4d00c4a0c1f5267955Debian Linux Security Advisory 3002-1 - Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service.
600b83ba31ac791c50d1211db30fb7d80d56e233a65282f8705bf468f6be7d8bDebian Linux Security Advisory 3001-1 - Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure.
99e5b331c3e5e59d98d41f8809a1dbbb885b45e2f323c2fd353cc35335377b1dGentoo Linux Security Advisory 201408-2 - A vulnerability in FreeType could result in execution of arbitrary code or Denial of Service. Versions less than 2.5.3-r1 are affected.
90bec08d103b2c2f1e3514f1d73fa1ce766274489a45a1a69a20dda0decf2f91Debian Linux Security Advisory 3000-1 - Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos.
9e0bf167110ededceb1858ae76f9d9ae9089e225902c5c4500a77d626fe971c7Debian Linux Security Advisory 2999-1 - A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable or unresponsive.
a17bc95d386dc907de06fe2d79c4c5e267dd97bb7369239608bcd96bd26ac071Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
e6c1e38ce693c76a337bfee5d7931997488682a149dcc7351a58577e1f17db5bMIT krb5 Security Advisory 2014-001 - In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow). This is not a protocol vulnerability. Using LDAP for the KDC database is a non-default configuration for the KDC.
bae8ba206013d74a29880ba20751b206d092a9d7228d613cff50af35cbe8b9a7Cisco Security Advisory - A vulnerability in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted EnergyWise packet to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
430dbd9de9dded0ac140b94a4055dcfac1af2a1aaa425a4dc841405ab0e5ae09HP Security Bulletin HPSBMU03062 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information. HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. Revision 1 of this advisory.
30ec904a6c5c9b83f25c8416bbe55a4e98f45470d07086d87abb9523fa9c1f14HP Security Bulletin HPSBUX03087 SSRT101413 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS). Revision 1 of this advisory.
1299cc2ae31937153cba3aee6893facc0a9857094409153f01cd2e09689e173bHP Security Bulletin HPSBMU03086 - A potential security vulnerability has been identified with HP Operations Agent running Glance. The vulnerability could be exploited locally resulting in elevation of privilege. Revision 1 of this advisory.
0cf1cbf3b16ad9fd0a88aa77283dd7c9500a919d5916810876309bc59c44bddeHP Security Bulletin HPSBHF03084 - Potential security vulnerabilities have been identified with certain HP PCs with UEFI Firmware. The vulnerabilities could be exploited to allow execution of arbitrary code. Revision 1 of this advisory.
a94581306701dcefe204f5404e4ddee6e10f3547928db03c798f84ff69d2b1e2Debian Linux Security Advisory 2998-1 - Multiple vulnerabilities have been identified in OpenSSL, a Secure Sockets Layer toolkit, that may result in denial of service (application crash, large memory consumption), information leak, protocol downgrade. Additionally, a buffer overrun affecting only applications explicitly set up for SRP has been fixed (CVE-2014-3512).
4b5ba9dfa84b23a549dccdd763c181521186cfd1c85de543dddad5497811bba9Mandriva Linux Security Advisory 2014-152 - Updated glibc packages fix various security issues.
1af4dd0481b68704f9834dcaded267af850671c47554214e2e8525fd040b7ae3Mandriva Linux Security Advisory 2014-154 - Steve Kemp discovered the _rl_tropen() function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks. Also, upstream patches have been added to fix an infinite loop in vi input mode, and to fix an issue with slowness when pasting text.
c4bd4fe482bbb7c5ccb04b70fea9089926839667f7031e53dc607a03df3e976eMandriva Linux Security Advisory 2014-153 - MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash, XSS in mediawiki.page.image.pagination.js, and clickjacking between OutputPage and ParserOutput. This update provides MediaWiki 1.23.2, fixing these and other issues.
513361c65ef5d99f22a6620ffae991735d389fc7a0080d6d37d97c6015739699Mandriva Linux Security Advisory 2014-158 - A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected. If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory. An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack. An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack. By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. OpenSSL DTLS clients enabling anonymous DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference by specifying an anonymous DH ciphersuite and sending carefully crafted handshake messages. The updated packages have been upgraded to the 1.0.0n version where these security flaws has been fixed.
0c47d350a43e9ef06283b3a0d86eb7459ba8b68df64c0a7b9834987b823bc450Mandriva Linux Security Advisory 2014-159 - Multiple vulnerabilities have been discovered and corrected in wireshark. The updated packages have been upgraded to the 1.10.9 version where these security flaws have been fixed.
c90e1f87859e1c81db16e96f93eb20e4d652cdff2453f047056b9eb8c33ca978Mandriva Linux Security Advisory 2014-151 - In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd. It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.
7d4d6b6d830e0e917745ad8442f7a68ed02759bd672d8f5b73f660cc5ce1b6f0Mandriva Linux Security Advisory 2014-157 - In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted malicious page.
fc80b7b18d7e41be36ad38f07de86d6a805c1e245779095aa82725a259172c3dMandriva Linux Security Advisory 2014-156 - Multiple cross-site scripting vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
5c357971e36c14c0414e50fb1b84990b5389afeb16fc2aa44da5c440edfa7d75
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed