exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 268 RSS Feed

Files

Slackware Security Advisory - mutt Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mutt packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-9116
SHA-256 | 66ead44099a0d5465639c8f233741f3b5fbd27855830d91d7598c88f536129c6
Slackware Security Advisory - libssh Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0017, CVE-2014-8132
SHA-256 | d1c60898d3bb6fdb8ab9765889f38b999cc01a200e44d5db6df6716245d1769c
Slackware Security Advisory - qt Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New qt packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-0295, CVE-2015-1858, CVE-2015-1859, CVE-2015-1860
SHA-256 | c709353b98a3dbcad2cb559f52668e557e32b02ae90f4d4e53ba90425924c0f3
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | c45fafa9f2ff997e5bbc86f0c031764e5cdae36ce5381a4b1737e1bc08e492be
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 1a95717c7172af2843b23cc13f8ebffc264605bd54d56e44448017d8f97efdca
HP Security Bulletin HPSBGN03308 1
Posted Apr 22, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03308 1 - A potential security vulnerability has been identified with the HP TippingPoint Security Management System (SMS) and vSMS. A vulnerability in JBOSS RMI could be exploited to allow remote code execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2015-2117
SHA-256 | 05c04745f9f11a0f97a69946468039e77ad8bec791e1ffe357f7e70449c86622
WordPress Add Link To Facebook 1.215 Cross Site Scripting
Posted Apr 22, 2015
Authored by Rohit Kumar

WordPress Add Link to Facebook plugin version 1.215 suffers from a persistent cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 0ac4dfb430815fc56adc2619109649b9faa56fa9e5d6347c0a4f424db4a12b7c
AMD Bulldozer Linux ASLR Weakness
Posted Apr 22, 2015
Authored by Hector Marco

A security issue in Linux ASLR implementation which affects some AMD processors has been found. The issue affects to all Linux process even if they are not using shared libraries (statically compiled). The problem appears because some mmapped objects (VDSO, libraries, etc.) are poorly randomized in an attempt to avoid cache aliasing penalties for AMD Bulldozer (Family 15h) processors. Affected systems have reduced the mmapped files entropy by eight. Grsecurity/PaX is also affected. The total entropy for the VVAR/VDSO, mmapped files and libraries of a processes are reduced by eight. The number of possible locations where the mapped areas can be placed are reduced by 87.5%.

tags | advisory
systems | linux
SHA-256 | 775d1f12325916fd03a6f940333695b6ae0d7cad1e68d2d8d0149405f2dd39ed
Linux ASLR Improper Randomness
Posted Apr 22, 2015
Authored by Hector Marco

A bug in Linux ASLR implementation has been found. The issue is that the mmap base address for processes is not properly randomized on some architectures due to an improper bit-mask manipulation. Affected systems have reduced the mmap area entropy of the processes by half.

tags | advisory
systems | linux
SHA-256 | 5561c263f5ccd156d5f5f50185acc7545668c0275b3b60446b6c52dff9c6ea14
Red Hat Security Advisory 2015-0868-01
Posted Apr 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0868-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. This issue was discovered by Paolo Bonzini of Red Hat.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-8106
SHA-256 | 7b075913a496b047a5a0a221fb888413a024e6e84d58dc1db83bd858d22be2d4
Debian Security Advisory 3231-1
Posted Apr 22, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3231-1 - Several vulnerabilities were discovered in Subversion, a version control system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0248, CVE-2015-0251
SHA-256 | b713fc8d250561a0258c3f5d80214cbca484512f312bc325fcdb64bddbe08dba
Red Hat Security Advisory 2015-0867-01
Posted Apr 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0867-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. This issue was found by Paolo Bonzini of Red Hat.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-8106
SHA-256 | 7f08ba09e1990e8f463805d81e1aa305ff645f1f645d5252758692bf55ffb50e
Red Hat Security Advisory 2015-0866-01
Posted Apr 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0866-01 - After May 29, 2015, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite versions 5.5 or older. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite 5.2, Red Hat Satellite 5.3, Red Hat Satellite 5.4, and Red Hat Satellite 5.5.

tags | advisory
systems | linux, redhat
SHA-256 | 4ab745a52b2027f0a4d259f4cf4cd8044f00e84da9d279353cfac42a95a28b92
Red Hat Security Advisory 2015-0865-01
Posted Apr 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0865-01 - After May 29, 2015, as per the life-cycle support policy for Red Hat Satellite Proxy, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite Proxy versions 5.5 or older. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite Proxy 5.2, Red Hat Satellite Proxy 5.3, Red Hat Satellite Proxy 5.4, and Red Hat Satellite Proxy 5.5.

tags | advisory
systems | linux, redhat
SHA-256 | f976709fcdec5ba4e2d78d740cdc7f9cb0709ba9739ec39cf50b5ea65ba3e316
Red Hat Security Advisory 2015-0863-01
Posted Apr 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0863-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat, osx
advisories | CVE-2013-7423, CVE-2015-1781
SHA-256 | 3fda2d2de3dbc012f471e38333e69c22019fc8670e36541d0d45378234b7d9c9
Red Hat Security Advisory 2015-0862-01
Posted Apr 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0862-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. It was discovered that the JBoss Operations Network server did not correctly restrict access to certain remote APIs. A remote, unauthenticated attacker could use this flaw to execute arbitrary Java methods via ServerInvokerServlet or SchedulerService, and possibly exhaust all available disk space via ContentManager.

tags | advisory, java, remote, arbitrary
systems | linux, redhat
advisories | CVE-2015-0297
SHA-256 | 8eda90a855ac3577489468360a9085f7348941cc9faa95b71d882d2291f4609d
Red Hat Security Advisory 2015-0860-01
Posted Apr 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0860-01 - In accordance with the Red Hat Enterprise Linux OpenStack Platform Support Policy, the 1.5 year life cycle of Production Support for version 4 will end on June 19, 2015. On June 20, 2015, Red Hat Enterprise Linux OpenStack Platform version 4 will enter an inactive state and will no longer receive updated packages, including Critical-impact security patches or urgent-priority bug fixes. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. They encourage customers to plan their migration from Red Hat Enterprise Linux OpenStack Platform 4.0 to Red Hat Enterprise Linux OpenStack Platform version 5 or 6.

tags | advisory
systems | linux, redhat
SHA-256 | 67a38b67f6434c96462afc823db59e7213b4f71c7938118b7b4627462d8b5991
Red Hat Security Advisory 2015-0864-01
Posted Apr 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0864-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid() system call, among others, also sets the saved set-user-ID when dropping the binaries' process privileges, could allow a local, unprivileged user to potentially escalate their privileges on the system. Note: the fix for this issue is the kernel part of the overall fix, and introduces the PR_SET_NO_NEW_PRIVS functionality and the related SELinux exec transitions support.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2014-3215, CVE-2014-3690, CVE-2014-7825, CVE-2014-7826, CVE-2014-8171, CVE-2014-8884, CVE-2014-9529, CVE-2014-9584, CVE-2015-1421
SHA-256 | 24e7a0f27ae4cfb8cbaeef49a7e9203298bb317a8eb324c5b8f16adb18278828
HP Security Bulletin HPSBGN03305 1
Posted Apr 21, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03305 1 - A potential security vulnerability has been identified with HP Business Service Management (BSM), SiteScope, Business Service Management (BSM) Integration Adaptor, Operations Manager for Windows, Unix and Linux, Reporter, Operation Agent Virtual Appliance, Performance Manager, Virtualization Performance Viewer, Operations Agent, BSM Connector and Service Health Reporter running SSLv3. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, unix
advisories | CVE-2014-3566
SHA-256 | 5fb16d90b23b1ad2f3685f6f2de7e6587f649473276261eb9d829f2bebb968f5
Ubuntu Security Notice USN-2573-1
Posted Apr 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2573-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 096e77766a83ea828d4b314e6b7b24c9ce7b6edc5965bc693fcea4a155666ee0
Ubuntu Security Notice USN-2575-1
Posted Apr 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2575-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.43. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573
SHA-256 | bf0daf90f0197bb158b3217908da68b65033335c6f6a3f5ab6b2f4607c225707
Ubuntu Security Notice USN-2574-1
Posted Apr 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2574-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 0683424e8df590c4b914011d9c5b55a874444f3daa07b619898decc714cd7093
HP Security Bulletin HPSBMU03321 1
Posted Apr 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03321 1 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2015-2116
SHA-256 | e3bff405a71af31ef6d3e6d551520412a1779cdfbb37dbc4bd403f21f37a019b
Ubuntu Security Notice USN-2572-1
Posted Apr 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2572-1 - It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2015-2305, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3329, CVE-2015-3330
SHA-256 | 244c6d018bed72ec3bf51a251a141d8c6742d2dddff7af1f4fe2c11621debdd0
Red Hat Security Advisory 2015-0858-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0858-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491
SHA-256 | 13f8409446168f20911b57e29034f0647d8480c24148b198b89e63ffd80a697a
Page 4 of 11
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close