Exploit the possiblities
Showing 1 - 25 of 188 RSS Feed

Files

HP Security Bulletin HPSBMU03263 3
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03263 3 - Potential security vulnerabilities have been identified with HP Insight Control running OpenSSL. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 3 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 4dcf9410e2b2d05ded7c38ebaa8868bd
HP Security Bulletin HPSBGN03332 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03332 1 - A potential security vulnerability has been identified in HP Operations Analytics running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "Poodle", which could be exploited remotely resulting in Denial of Service (DoS) or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2014-3566
MD5 | f2d66a55f98bcf0d0b7b594b659a35ad
Debian Security Advisory 3274-1
Posted May 29, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3274-1 - Jason Geffner discovered a buffer overflow in the emulated floppy disk drive, resulting in the potential privilege escalation.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2015-3456
MD5 | 71443fc7c69bfcab20e7eb1ab88349bb
HP Security Bulletin HPSBMU03223 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03223 1 - Several potential security vulnerabilities have been identified with HP Insight Control server provisioning running SSLv3. These are the SSLv3 vulnerabilities known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in Denial of Service (DoS) or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567
MD5 | 0df3665f2e015d12453d2d569d1f0ca3
HP Security Bulletin HPSBMU03261 2
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03261 2 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running OpenSSL on Linux and Windows. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 388033c447c7f33f34f8050665d2febf
HP Security Bulletin HPSBMU03267 2
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03267 2 - Potential security vulnerabilities have been identified with the HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL. These vulnerabilities comprise the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 4d4224e68626e86dd98e27f95e93ecda
HP Security Bulletin HPSBHF03340 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03340 1 - A potential security vulnerability has been identified with HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard. The vulnerability could result in local unauthorized access and elevation of privilege on an HP thin client device. Revision 1 of this advisory.

tags | advisory, local
systems | linux
advisories | CVE-2015-2124
MD5 | bf1c8f23e4e798b47e992453b1f3e499
Red Hat Security Advisory 2015-1036-01
Posted May 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1036-01 - After May 29, 2015, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite versions 5.5 or older.

tags | advisory
systems | linux, redhat
MD5 | daecefa60d857eabb4e76720055c7576
Red Hat Security Advisory 2015-1035-01
Posted May 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1035-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.5 will be retired as of November 30, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.5 EUS after November 30, 2015.

tags | advisory
systems | linux, redhat
MD5 | dfad7c2a9c4f88fef266d79df6e92138
D-Link Bypass / Buffer Overflow
Posted May 28, 2015
Authored by Gergely Eberhardt

SEARCH-LAB performed an independent security assessment on four different D-Link devices. The assessment has identified altogether 53 unique vulnerabilities in the latest firmware (dated 30-07-2014). Several vulnerabilities can be abused by a remote attacker to execute arbitrary code and gain full control over the devices.

tags | advisory, remote, overflow, arbitrary, vulnerability, bypass
advisories | CVE-2014-7857, CVE-2014-7858, CVE-2014-7859, CVE-2014-7860
MD5 | a1ae8e94119cb1bfb84853acb7bcd65e
Red Hat Security Advisory 2015-1037-01
Posted May 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1037-01 - After May 29, 2015, as per the life-cycle support policy for Red Hat Satellite Proxy, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite Proxy versions 5.5 or older.

tags | advisory
systems | linux, redhat
MD5 | 48064936c3c59b22e63b0f995ec7c00c
Ubuntu Security Notice USN-2617-3
Posted May 28, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2617-3 - USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-3202
MD5 | 0a54e5794ada2c496673a8c4f0c00bc8
Red Hat Security Advisory 2015-1030-01
Posted May 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1030-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. This issue was discovered by Sun Baoliang of Red Hat.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2015-1421
MD5 | fb3f1a86e35a528686d9740b9d192557
Red Hat Security Advisory 2015-1031-01
Posted May 28, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1031-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2015-3456
MD5 | d80881eb06c32d942c602b12c7164538
Apache Cordova On Android Unintended Behavior
Posted May 28, 2015
Authored by Seven Shen

Android applications built with the Cordova framework that do not have explicit values set in Config.xml can have undefined configuration variables set by Intent. This can cause unwanted dialogs appearing in applications and changes in the application behavior that can include the app force-closing. Versions up to 4.0.1 are affected except for 3.7.2

tags | advisory
advisories | CVE-2015-1835
MD5 | cb68d16b5b517e40a9ea4aa0a72e061d
Debian Security Advisory 3268-2
Posted May 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3268-2 - The patch applied for ntfs-3g to fix CVE-2015-3202 in DSA 3268-1 was incomplete. This update corrects that problem.

tags | advisory
systems | linux, debian
advisories | CVE-2015-3202
MD5 | 92106d99956fe1f570860596aff8f536
SAP HANA Log Injection
Posted May 27, 2015
Authored by Fernando Russ, Nahuel D. Sanchez | Site onapsis.com

Onapsis Security Advisory - Under certain conditions, the SAP HANA XS engine is vulnerable to arbitrary log injection, allowing remote authenticated attackers to write arbitrary information in log files. This could be used to corrupt log files or add fake content misleading an administrator.

tags | advisory, remote, arbitrary
advisories | CVE-2015-3994
MD5 | f61f953240b5537345769fd6473f266e
SAP HANA Information Disclosure
Posted May 27, 2015
Authored by Fernando Russ, Nahuel D. Sanchez, Sergio Abraham | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from an information disclosure vulnerability via SQL IMPORT FROM statements.

tags | advisory, info disclosure
advisories | CVE-2015-3995
MD5 | f3332116db5d93bd6af0acc157bad3e2
Thycotic Password Manager Secret Server MITM
Posted May 27, 2015
Authored by David Coomber

Thycotic Password Manager Secret Server suffers from a man-in-the-middle SSL certificate verification vulnerability.

tags | advisory
MD5 | 8421786188aa04c0acac4124918c54e4
Ubuntu Security Notice USN-2622-1
Posted May 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2622-1 - It was discovered that OpenLDAP incorrectly handled certain search queries that returned empty attributes. A remote attacker could use this issue to cause OpenLDAP to assert, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Michael Vishchers discovered that OpenLDAP improperly counted references when the rwm overlay was used. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1164, CVE-2013-4449, CVE-2015-1545
MD5 | c0eadbf3f94c1d4bcafe5084ef36ac1c
Debian Security Advisory 3273-1
Posted May 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3273-1 - William Robinet and Michal Zalewski discovered multiple vulnerabilities in the TIFF library and its tools, which may result in denial of service or the execution of arbitrary code if a malformed TIFF file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-9330, CVE-2014-9655
MD5 | 158e89206ce999dee58a399020752e58
Red Hat Security Advisory 2015-1023-01
Posted May 26, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1023-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 43.0.2357.65, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259, CVE-2015-1260, CVE-2015-1261, CVE-2015-1262, CVE-2015-1263, CVE-2015-1264, CVE-2015-1265
MD5 | fe2620178076fd1471d6c8fe0ad0c791
Ubuntu Security Notice USN-2621-1
Posted May 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2621-1 - Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. Noah Misch discovered that PostgreSQL incorrectly handled certain standard library function return values, possibly leading to security issues. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-3165, CVE-2015-3166, CVE-2015-3167
MD5 | 20499c298e5fd73a77fa35e96a7b388d
Debian Security Advisory 3265-2
Posted May 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3265-2 - The update for zendframework issued as DSA-3265-1 introduced a regression preventing the use of non-string or non-stringable objects as header values. A fix for this problem is now applied, along with the final patch for CVE-2015-3154.

tags | advisory
systems | linux, debian
MD5 | 1ce3354087a026c72b8f71b1b61d67db
Debian Security Advisory 3272-1
Posted May 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3272-1 - Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of service.

tags | advisory, remote, denial of service, udp
systems | linux, debian
advisories | CVE-2015-4047
MD5 | c3d9f97a2a1f0048f4b4412553857937
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Archive Of 1.4 Billion Creds Found On Dark Web
Posted Dec 12, 2017

tags | headline, hacker, data loss, password
MoneyTaker Steals Millions From US, UK, Russian Banks
Posted Dec 12, 2017

tags | headline, malware, bank, usa, britain, russia, cybercrime, fraud
Web Pioneers Plead To Cancel US Net Vote
Posted Dec 12, 2017

tags | headline, government, usa, fraud
Google Releases Tool To Help iPhone Hackers
Posted Dec 12, 2017

tags | headline, hacker, phone, google, apple
Language Bugs Infest Downstream Software
Posted Dec 11, 2017

tags | headline, flaw
German Spy Agency Warns Of Chinese LinkedIn Espionage
Posted Dec 11, 2017

tags | headline, government, china, cyberwar, germany, spyware, social
Dynamics 365 Sandbox Leaked TLS Certificates
Posted Dec 11, 2017

tags | headline, privacy, microsoft, data loss, flaw, cryptography
Keylogger Uncovered On Hundreds Of HP PCs
Posted Dec 11, 2017

tags | headline, flaw, spyware, backdoor
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close