the original cloud security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-04-30

Breakpoint 2013 Call For Papers
Posted Apr 30, 2013
Authored by bpx | Site ruxconbreakpoint.com

The Breakpoint 2013 Call For Papers has been announced. It will take place at the Intercontinental Rialto in Melbourne, Australia October 24th through the 25th, 2013. Breakpoint showcases the work of expert security researchers from around the world on a wide range of topics. This conference is organized by the Ruxcon team and offers a specialized security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint caters towards security researchers and industry professionals alike, with a focus on cutting edge security research.

tags | paper, conference
MD5 | e6d471e4116bcfd45ba0b3b154122679
IBM Lotus Notes 8.5.3 Code Execution
Posted Apr 30, 2013
Authored by Alexander Klink | Site nruns.com

The Lotus Notes mail client accepts applet tags inside HTML emails, making it possible to load Java applets from a remote location. Combined with known Java sandbox escape vulnerabilities, it can be used to fully compromise the user reading the email.

tags | advisory, java, remote, vulnerability
advisories | CVE-2013-0127
MD5 | 95cf0bdf3e81e3e7e835b24e233812fa
HP Security Bulletin HPSBMU02872 SSRT101185
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02872 SSRT101185 - Potential security vulnerabilities have been identified with HP Service Manager Web Tier running on Windows. Service Manager Web Tier is vulnerable to remote disclosure of information and cross site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, web, vulnerability, xss
systems | windows
advisories | CVE-2012-5222, CVE-2013-2321
MD5 | 2ae19913767ed1c1a9706352d49d1847
Syslog Watcher Pro 2.8.0.812 Cross Site Scripting
Posted Apr 30, 2013
Authored by demonalex

Syslog Watcher Pro version 2.8.0.812 suffers from a cross site scripting vulnerability in the date parameter.

tags | exploit, xss
MD5 | f164c179146707b31d4ec1b3fe905209
WowzaMediaServer Properties Information Disclosure
Posted Apr 30, 2013
Authored by Michal J.

WowzaMediaServer allows for direct getting and setting of properties which in turn can enable an attacker the ability to mount further attacks.

tags | advisory, bypass
MD5 | 877152591ccfb69fd635e06f8c5add2c
WowzaMediaServer StorageDir Constraint Bypass
Posted Apr 30, 2013
Authored by Michal J.

WowzaMediaServer suffers from a bypass vulnerability that allows for accessing of files outside of the allowed StorageDir directory.

tags | exploit, bypass
MD5 | 16e059de5db2b3f3fd8dfc6b604a0c52
Security Notice For CA ControlMinder - Update
Posted Apr 30, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0738
MD5 | ccdd7b27926890f3014dc5a7a13caab2
HP Security Bulletin HPSBMU02874 SSRT101184
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 SSRT101184 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
MD5 | 79c70c37adbfafb90017b4fa51428c59
Personal File Share HTTP Server Remote Overflow
Posted Apr 30, 2013
Authored by demonalex

Personal File Share HTTP server suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.

tags | exploit, remote, web, denial of service, overflow, proof of concept
MD5 | 560458247fe7fb6b03d9728121a3fd0b
HP Security Bulletin HPSBMU02873 SSRT101182
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02873 SSRT101182 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Apache Tomcat environment has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2733, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534
MD5 | 134f8575c9609064436934f44a5277bd
FreeBSD Security Advisory - NFS Server Input Validation
Posted Apr 30, 2013
Site security.freebsd.org

FreeBSD Security Advisory - When processing READDIR requests, the NFS server does not check that it is in fact operating on a directory node. An attacker can use a specially modified NFS client to submit a READDIR request on a file, causing the underlying filesystem to interpret that file as a directory.

tags | advisory
systems | freebsd
advisories | CVE-2013-3266
MD5 | d5b275c0b0d0f8421881f2955da1da5d
Mandriva Linux Security Advisory 2013-159
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-159 - ClamAV 0.97.8 addresses several reported potential security bugs.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-2020, CVE-2013-2021
MD5 | e7305358b3dc61842a9f6010a0b2e9fb
Debian Security Advisory 2665-1
Posted Apr 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2665-1 - Kevin Wojtysiak discovered a vulnerability in strongSwan, an IPsec based VPN solution.

tags | advisory
systems | linux, debian
advisories | CVE-2013-2944
MD5 | 19ebdad978bc65eebdd05b02b74ea4d0
Mandriva Linux Security Advisory 2013-158
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-158 - The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-1416
MD5 | ca60d6fbc13226ad0707b77ab02e4037
Mandriva Linux Security Advisory 2013-157
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-157 - The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center in MIT Kerberos 5 before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request. The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-1415, CVE-2013-1416
MD5 | fc8acde75392e9321dc50b088b187a89
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close