ignore security and it'll go away
Showing 1 - 25 of 198 RSS Feed

Files

Red Hat Security Advisory 2016-1785-01
Posted Aug 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1785-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.7 release serves as a replacement for JBoss Operations Network 3.3.6, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5422
MD5 | 2eb89e2ba5cf2a71b17536b9dd250ae6
Cisco Security Advisory 20160831-sps3
Posted Aug 31, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the implementation of Simple Network Management Protocol (SNMP) functionality in Cisco Small Business 220 Series Smart Plus (Sx220) Switches could allow an unauthenticated, remote attacker to gain unauthorized access to SNMP objects on an affected device. The vulnerability is due to the presence of a default SNMP community string that is added during device installation and cannot be deleted. An attacker could exploit this vulnerability by using the default SNMP community string to access SNMP objects on an affected device. A successful exploit could allow the attacker to view and modify SNMP objects on a targeted device. Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, protocol
systems | cisco
MD5 | 79bc356eab9693dda2a3fb46872b7ab7
Cisco Security Advisory 20160831-spa
Posted Aug 31, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of malformed HTTP traffic. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. An exploit could allow the attacker to deny service continually by sending crafted HTTP requests to a phone, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

tags | advisory, remote, web, denial of service
systems | cisco
MD5 | 290e9c77d0c752fbf0263ed2d49c847e
Cisco Security Advisory 20160831-meetings-player
Posted Aug 31, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco WebEx Player could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper handling of user-supplied files. An attacker could exploit this vulnerability by persuading a user to open a malicious file using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary
systems | cisco
MD5 | 7797b2c7a52dd63af82ca809091e22fa
HP Security Bulletin HPSBGN03637 1
Posted Aug 31, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03637 1 - A potential vulnerability has been identified in the AdminUI of the HP Operations Manager for Unix, Solaris, and Linux. The vulnerability could be exploited remotely resulting in Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
systems | linux, unix, solaris
advisories | CVE-2016-4380
MD5 | 944bb798ff3152a48b7464651c6a3862
Red Hat Security Advisory 2016-1781-01
Posted Aug 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1781-01 - PostgreSQL is an advanced object-relational database management system. The following packages have been upgraded to a newer upstream version: rh-postgresql94-postgresql. Security Fix: A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-5423, CVE-2016-5424
MD5 | d984c87f8aa64fb9c2060ef07a3e179c
Oracle E-Business Suite 12.2 Cross Site Scripting
Posted Aug 30, 2016
Authored by Matias Mevied | Site onapsis.com

Oracle E-Business Suite version 12.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-3436
MD5 | 7ecd05898168b7842fedb20077b089c0
Oracle E-Business Suite 12.2 Cross Site Scripting
Posted Aug 30, 2016
Authored by Matias Mevied | Site onapsis.com

Oracle E-Business Suite version 12.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-3439
MD5 | d7c0d97ffa38550a8f0c86c31a6b4ace
HP Security Bulletin HPSBHF03641 1
Posted Aug 30, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03641 1 - A potential security vulnerability has been identified with certain versions of HPE Integrated Lights-Out 3 (iLO 3). This vulnerability, also known as the "Vaudenay vulnerability", could be remotely exploited using TLS CBC Padding and MAC Errors resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-4379
MD5 | 27cf204de3ab79b33322a3fe449273e8
Ubuntu Security Notice USN-3070-4
Posted Aug 30, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3070-4 - USN-3070-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1237, CVE-2016-5244, CVE-2016-5400, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829, CVE-2016-6197
MD5 | 6d0aff41c891b55cee132d53c5200664
Ubuntu Security Notice USN-3070-3
Posted Aug 30, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3070-3 - A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-1237, CVE-2016-5244, CVE-2016-5400, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829, CVE-2016-6197
MD5 | 6ce421739c7d1ac3c023ee4d2ad4f2e3
Ubuntu Security Notice USN-3070-2
Posted Aug 30, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3070-2 - A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-1237, CVE-2016-5244, CVE-2016-5400, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829, CVE-2016-6197
MD5 | de010302408a08088e13e927ebc77809
Slackware Security Advisory - kernel Updates
Posted Aug 30, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.1 to fix a security issue.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2016-5389
MD5 | b1121eb78ad7a4411bc337a56ecf86ee
HP Security Bulletin HPSBGN03638 1
Posted Aug 30, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03638 1 - Potential vulnerabilities have been identified in the lighttpd and OpenSSH version used in HPE Remote Device Access: Virtual Customer Access System (vCAS). These vulnerabilities could be exploited remotely resulting in unauthorized modification of information, denial of service (DoS), and disclosure of information. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2015-3200, CVE-2016-0777, CVE-2016-0778
MD5 | a3cac6862f79f63897ce73f2afa22566
Oracle E-Business Suite 12.2 Cross Site Scripting
Posted Aug 30, 2016
Authored by Matias Mevied | Site onapsis.com

Oracle E-Business Suite version 12.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-3438
MD5 | 5d49c40f0334c0b3f06f0e2de665a09e
Oracle E-Business Suite 12.2 Cross Site Scripting
Posted Aug 30, 2016
Authored by Matias Mevied | Site onapsis.com

Oracle E-Business Suite version 12.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-3437
MD5 | 174e67a2ece102146a17cdcb8219b0c9
Red Hat Security Advisory 2016-1779-01
Posted Aug 29, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1779-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support for Cloudforms 3.x will end on February 28, 2017. Red Hat will not provide extended support for this product. Customers are requested to migrate to a supported Red Hat CloudForms product prior to the end of the life cycle for CloudForms 3.x. After February 28, 2017, technical support through Red Hat's Global Support Services will no longer be provided.

tags | advisory
systems | linux, redhat
MD5 | 12bfd3255d8b5dc20332c8f6713cf822
Ubuntu Security Notice USN-3072-2
Posted Aug 29, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3072-2 - Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux kernel. A remote attacker could use this to cause a denial of service or inject content into an TCP stream. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-5244, CVE-2016-5696, CVE-2016-5829
MD5 | 0f7a56955f10766df1e3e1aec13e4705
Ubuntu Security Notice USN-3072-1
Posted Aug 29, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3072-1 - Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux kernel. A remote attacker could use this to cause a denial of service or inject content into an TCP stream. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-5244, CVE-2016-5696, CVE-2016-5829
MD5 | 538a19566a7fa8f202697acf25f561af
Ubuntu Security Notice USN-3071-2
Posted Aug 29, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3071-2 - USN-3071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-5244, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829
MD5 | 4cce5e4ba5c85c910ae328130d74b4cd
Ubuntu Security Notice USN-3071-1
Posted Aug 29, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3071-1 - Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux kernel. A remote attacker could use this to cause a denial of service or inject content into an TCP stream. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-5244, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829
MD5 | 4f2d69cec937019bc33cd1a8211c552f
Ubuntu Security Notice USN-3070-1
Posted Aug 29, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3070-1 - A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-1237, CVE-2016-5244, CVE-2016-5400, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829, CVE-2016-6197
MD5 | 15b1c9eabf01600a852384ded11c8a37
Red Hat Security Advisory 2016-1776-01
Posted Aug 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1776-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606
MD5 | 81517340d8fc3adf6849fbcb67656354
Debian Security Advisory 3654-1
Posted Aug 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3654-1 - Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-4036, CVE-2016-4049
MD5 | b7855f2f305fde4384f397def31126a3
Debian Security Advisory 3652-1
Posted Aug 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3652-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-4562, CVE-2016-4563, CVE-2016-4564, CVE-2016-5010, CVE-2016-5687, CVE-2016-5688, CVE-2016-5689, CVE-2016-5690, CVE-2016-5691, CVE-2016-5841, CVE-2016-5842, CVE-2016-6491
MD5 | cab4883976a43af7a1adf802c23c4309
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close