
Files

Gentoo Linux Security Advisory 201512-13
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-13 - Multiple vulnerabilities have been found in InspIRCd, the worst allowing remote attackers to execute arbitrary code. Versions less than 2.0.20 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6697, CVE-2015-6674, CVE-2015-8702
SHA-256 | 8a035e9373b88f2b25418974f622c987585f0634fe3e1ff1d94594db35d1d590
Gentoo Linux Security Advisory 201512-12
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-12 - Data validation in KDE Systemsettings could lead to local privilege escalation. Versions less than 4.11.13-r1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2014-8651
SHA-256 | 91304edd48f4a7a7ae01bc85cece56828a14e7579662d692209b42759637b4aa
Gentoo Linux Security Advisory 201512-11
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-11 - A buffer overflow in Firebird might allow remote attackers to execute arbitrary code. Versions less than 2.5.3.26780.0-r3 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2013-2492
SHA-256 | ebf0cf5595dd71c229b90d80a98688f967ad738a36910c14c911ecb6c69d4a5a
Ganeti Leaked Secret / Denial Of Service
Posted Dec 31, 2015
Authored by Open Source CERT, Daniele Bianco

Ganeti, an open source virtualization manager, suffers from multiple issues in its RESTful control interface (RAPI). The distributed replicated storage (DRBD) secret is leaked by the RAPI interface when job results are requested. Using this secret, a malicious user who has already gained access to the storage network of the cluster can retrieve instance data more easily and reliably. The RAPI interface is also vulnerable to a denial of service condition, triggered via SSL parameter renegotiation issued by a malicious client. The condition leads to resource exhaustion on the master node. Many versions are affected.

tags | advisory, denial of service
advisories | CVE-2015-7944, CVE-2015-7945
SHA-256 | 4908b0ea745ca775be075350bb329e3afa85d1d65858822a85447b0558240754
Gentoo Linux Security Advisory 201512-10
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0798, CVE-2015-0799, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816, CVE-2015-2706, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731
SHA-256 | 8b345c71a57deda9f0a8d7eb50719b94a327aadac84155e9eb75aa9517d6449e
Gentoo Linux Security Advisory 201512-09
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-9 - Multiple vulnerabilities have been found in encfs, the worst of which can allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.5 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3462
SHA-256 | 059fd7a6542979e2739e90c6041431fb44438c3c58dfcaefa4f76a62b9e4a468
Gentoo Linux Security Advisory 201512-08
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-8 - Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, CVE-2015-2668
SHA-256 | 5fc32e294ea5ab2344bd65d50e0882eeb0563d3c852bd072b46c3325fb7d5d40
Gentoo Linux Security Advisory 201512-07
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-7 - A buffer overflow in GStreamer could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.5 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-0797
SHA-256 | 145e7553c78639ba0e110d473c1a22e00ef1d27a08c79f4ce075cec8ab3c03d4
Gentoo Linux Security Advisory 201512-06
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-6 - A buffer overflow vulnerability in MPFR could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.3_p4 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9474
SHA-256 | 3555d219ed26c408bde4e5729317d80fae10d392f398829638bee4e18e6765a2
Red Hat Security Advisory 2015-2697-01
Posted Dec 29, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
SHA-256 | cf66ca97718395e208f26158dd4948c5061faf78290b77509496697890751210
WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
Posted Dec 28, 2015
Authored by WebKitGTK+ Team

Various 2.x releases of WebKitGTK+ suffer from over 130 vulnerabilities. These range from use-after-free to arbitrary code execution issues.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2013-6663, CVE-2014-1748, CVE-2014-3192, CVE-2014-4409, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4452, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071
SHA-256 | 7dc30709125cb2db34abde329f80722cbf2938391b1c828a6de14fc02f27d91c
libtiff 4.0.6 Heap Overflow
Posted Dec 28, 2015
Authored by riusksk

libtiff versions 4.0.6 and below suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-8668
SHA-256 | ddfd1c393297b02656c6af06e2fa4f16ca0f928fa45ec87e895588cb147b6756
libtiff 4.0.6 Invalid Write
Posted Dec 27, 2015
Authored by Hans Jerry Illikainen

_TIFFVGetField() in libtiff version 4.0.6 may write field data for certain extension tags to invalid or possibly arbitrary memory locations.

tags | advisory, arbitrary
advisories | CVE-2015-7554
SHA-256 | 1e6ba94ed422d819e50f84dc63c80b976bb75c2ad64a24ec1ea61f3243511591
Slackware Security Advisory - blueman Updates
Posted Dec 24, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-8612
SHA-256 | b81045c1c59f38a66a84e2269eace9046fe6f3ef352261ce1b8ae44564a998ef
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Dec 24, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 5e3bb458b910caf3df07029b7035c054a9d5383037f88f0852d98c0852729c62
Debian Security Advisory 3430-1
Posted Dec 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3430-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317
SHA-256 | 1cd62addcbd83058fe474f7cc4169937181e259f8c04cc1d6b1f8215dd00b999
WordPress NextGEN Gallery 2.1.10 Shell Upload
Posted Dec 23, 2015
Authored by CSW Research Lab

WordPress NextGEN Gallery plugin version 2.1.10 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell, file upload
SHA-256 | c71fb2b79645cdc5f4d38e414f680173ec0b97d1f60ef3fde3e35e7b1d5b1dcf
Bugzilla Cross Site Scripting / Information Leak
Posted Dec 23, 2015
Authored by Mario Gomes, Holger Fuhrmannek | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross site scripting and information leak vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2015-8508, CVE-2015-8509
SHA-256 | db307f7a48f357ccec4e2df7650d49504073c143e214926e2c2f8d2de6b1ae54
EMC Secure Remote Services Virtual Edition Path Traversal
Posted Dec 23, 2015
Site emc.com

EMC Secure Remote Services Virtual Edition is affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Version 3.0x is affected.

tags | advisory, remote
advisories | CVE-2015-6852
SHA-256 | 8fdb353afde49d3288888cc3ee5c2a890947dbd3ba5aa6fc9be188b655ddf2f7
F-Secure F-SecureOnlineScanner.exe DLL Hijacking
Posted Dec 23, 2015
Authored by Stefan Kanthak

F-Secure's F-SecureOnlineScanner.exe suffers from a DLL hijacking vulnerability.

tags | advisory
systems | windows
SHA-256 | 08c100af279ae10d50cc0185837958fbe38a62b8c7acd43735db62efeb0c9ab5
EMC VPLEX Undocumented Account
Posted Dec 22, 2015
Site emc.com

EMC VPLEX GeoSynchrony code level 5.5 and earlier contains an undocumented account that may potentially be utilized by malicious VPLEX users to gain unauthorized access to the system.

tags | advisory
advisories | CVE-2015-6850
SHA-256 | 50bfb76922d4d30ee5c72d4c24b95090ef5578e1b5cac9b3aa9f356fb26b4e46
giflib 5.1.1 Heap Overflow
Posted Dec 22, 2015
Authored by Hans Jerry Illikainen

A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGE_DESC_RECORD_TYPE due to the allocated size of LineBuffer equaling the value of the logical screen width, GifFileIn->SWidth, while subsequently having GifFileIn->Image.Width bytes of data written to it.

tags | advisory, overflow
advisories | CVE-2015-7555
SHA-256 | 14b8a675aca0e489675c477775d6737f0d432c6edb938c10feaa6a0bb0c1e016
Red Hat Security Advisory 2015-2696-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2696-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 503cbc45cdc2f967fddc97f42c3cbcc07b370f89a3a3665b58d860c38d262596
Red Hat Security Advisory 2015-2695-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2695-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 634b5c5d6653bee90c43413700903f911828f921ca8203b0d45a775a1c4ef7b4
Red Hat Security Advisory 2015-2694-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2694-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 4e3e67c3d61bed804fd025dc4f5c0bcec19041a73d8307392711fe4ac6eb7d3c