Files Date: 2013-01-15

Ubuntu Security Notice USN-1691-1
Posted Jan 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1691-1 - A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4530
MD5 | f8cae02be1a35d467257df1941351ae0
Ubuntu Security Notice USN-1689-1
Posted Jan 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1689-1 - Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts using qemu userspace without the XSAVE feature, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4461, CVE-2012-4530
MD5 | 910941867190376e5a8ba8d02a70832c
Ubuntu Security Notice USN-1688-1
Posted Jan 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1688-1 - Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts using qemu userspace without the XSAVE feature, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4461, CVE-2012-4530
MD5 | 74954c800770c1962d255eaa98fecf85
Debian Security Advisory 2608-1
Posted Jan 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2608-1 - It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2012-6075
MD5 | a8dac3a8d60e977631f6e168c53c0766
Debian Security Advisory 2607-1
Posted Jan 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2607-1 - It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2012-6075
MD5 | 2dd064816421d8cc3143429742c22386
Red Hat Security Advisory 2013-0164-01
Posted Jan 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0164-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | 45483149d9ddd87f47857b5180906e57
Red Hat Security Advisory 2013-0162-01
Posted Jan 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0162-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | e3c7ed88cf19fba95089f2f9bd46b3ce
Red Hat Security Advisory 2013-0163-01
Posted Jan 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0163-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | f9d13eb0b213c7ee75c3205e5e0e3d71
Snews CMS SQL Injection
Posted Jan 15, 2013
Authored by By onestree

Snews CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5f9296b9c591c751f35bd9a8e3839a5e
DOMSDAY: Analyzing A DOM-Based XSS In Yahoo!
Posted Jan 15, 2013
Authored by Abysssec, Shahin | Site abysssec.com

This is a whitepaper that discusses a reflective cross site scripting issue in *.adspecs.yahoo.com due to sessvars.js not filtering before performing an eval.

tags | paper, xss
MD5 | 6d8f64ccc1b56f5cf131440f943b5d8c
phpLiteAdmin 1.8.x / 1.9.x SQL Injection
Posted Jan 15, 2013
Authored by KedAns-Dz

phpLiteAdmin versions 1.8.x and 1.9.x suffer from remote SQL injection and path disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 86dcbd48ddd80e867cdd704ae5e0e421
Secunia Security Advisory 51780
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Simple Login Log plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | fe0234692a0ac531ed6f8b15038d9b02
Secunia Security Advisory 51826
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.

tags | advisory
systems | linux, ubuntu
MD5 | 45bd9990242e663beffd194c29dc6d22
Secunia Security Advisory 51617
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Inshell Security has discovered a vulnerability in Serva, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 843f8b0814cf30be7b76f273c89d641c
Secunia Security Advisory 51873
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.7.0-oracle. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, java, vulnerability
systems | linux, redhat
MD5 | 47cfe722a1c33f7843183501257390c3
Secunia Security Advisory 51841
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for tomcat. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | a188ba1ad08ae64e97bf5472a97491cf
Secunia Security Advisory 51860
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in E.M.M.A., which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 43b5f841a519b00d4365073746f4a988
FreeSSHd 1.2.6 Authentication Bypass
Posted Jan 15, 2013
Site metasploit.com

This Metasploit module exploits a vulnerability found in FreeSSHd versions 1.2.6 and below to bypass authentication. You just need the username (which defaults to root). The exploit has been tested with both password and public key authentication.

tags | exploit, root
advisories | CVE-2012-6066, OSVDB-88006
MD5 | 8d6bccbb8f109effa0aa8d6ab34c3418
Secunia Security Advisory 51633
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Cognos TM1, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | bbab7db188067601600efc161a46cab2
Secunia Security Advisory 51838
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
MD5 | 71baa6ba6dbce140d45c15035b3d4524
Microsoft Security Bulletin Out-Of-Band Summary For January, 2013
Posted Jan 15, 2013
Site microsoft.com

This bulletin summary lists one released out-of-band Microsoft security bulletin for January, 2013.

tags | advisory
MD5 | 7c7ec482c1c4e25352776ca6f9f96488
Secunia Security Advisory 51832
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper JunosE, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | juniper
MD5 | f0f4f7793f0753955a3901f87aa4dce5
Secunia Security Advisory 51862
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Condor, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
MD5 | 409bc69cc41207f7a0a1fd70d584dcbe
Secunia Security Advisory 51765
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Apache CouchDB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
MD5 | eb5d0f16df92009b8578610ca2ce1cc8
Secunia Security Advisory 51840
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | a612f21d6269e102d2ba6a97b89c81cd