ignore security and it'll go away
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-07-16

Debian Security Advisory 2722-1
Posted Jul 16, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2722-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471
MD5 | 620bbedd146c9e2247c00cfe030d51d9
Packet Fence 4.0.2
Posted Jul 16, 2013
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This release adds many bugfixes and enhancements. bind has been replaced by pfdns (PF's own DNS server), Oauth2 support has been greatly improved, line graphs of reports have new counters, simple searching of nodes has been extended to match MAC, owner, and computer name, each portal profile can now use a list of authentication sources, and a switch definition can now be easily cloned.
tags | tool, remote
systems | unix
MD5 | 5954864b1172a7e16671c21f64ba9a0b
Mandriva Linux Security Advisory 2013-196
Posted Jul 16, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-196 - Updated java-1.6.0-openjdk packages fix multiple security vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472
MD5 | f6da006049c3750d2d244fe0c5933554
Ubuntu Security Notice USN-1904-1
Posted Jul 16, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1904-1 - It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10. It was discovered that libxml2 incorrectly handled documents that end abruptly. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-0339, CVE-2013-2877, CVE-2013-0339, CVE-2013-2877
MD5 | f4f35de65d8e827fa444b5407469a968
Red Hat Security Advisory 2013-1063-01
Posted Jul 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1063-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, web, overflow, arbitrary, php
systems | linux, redhat
advisories | CVE-2013-4113
MD5 | bac0d814f7de929e6aae49a608b933c9
HP Security Bulletin HPSBPV02891
Posted Jul 16, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02891 - A potential security vulnerability has been identified with HP ProCurve Switches. The vulnerability could be remotely exploited resulting in unauthorized information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
advisories | CVE-2008-7270
MD5 | e06dd6625eeaee2b404563ff2a2b375f
Dell Kace 1000 SMA 5.4.70402 Cross Site Scripting
Posted Jul 16, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Dell Kace 1000 SMA version 5.4.70402 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 53de58914575709732ba1b2c69ff45a4
Ubuntu Security Notice USN-1903-1
Posted Jul 16, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1903-1 - It was discovered that the mod_rewrite module incorrectly sanitized non-printable characters before writing data to log files. A remote attacker could possibly use this flaw to execute arbitrary commands by injecting escape sequences in the log file. It was discovered that the mod_dav module incorrectly handled certain MERGE requests. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1862, CVE-2013-1896, CVE-2013-1862, CVE-2013-1896
MD5 | 11b3fca191250859499f55046eaa5702
Olive File Manager 1.0.1 Arbitrary File Upload / XSS
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Olive File Manager version 1.0.1 for iOS suffers from arbitrary file upload and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, file upload
systems | ios
MD5 | a3ac9ca39eab49047b3339d0e06c9bc5
FTP Sprite 1.2.1 Script Insertion
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

FTP Sprite version 1.2.1 for iOS suffers from a persistent script insertion vulnerability.

tags | exploit
systems | ios
MD5 | 6e06778ed35ffd4ee825ffb21b65a210
Squid 3.3.5 Denial Of Service
Posted Jul 16, 2013
Authored by Kingcope

Squid version 3.3.5 remote denial of service crash exploit.

tags | exploit, remote, denial of service
MD5 | 388d844788ad94b3aba945ece2edc91d
Eglibc PTR MANGLE Bug
Posted Jul 16, 2013
Authored by Hector Marco, Ismael Ripoll

Eglibc suffers from a PTR MANGLE bug. All statically linked applications compiled with glibc and eglibc are affected, independent of the operating system distribution. Note that this problem is not solved by only patching the eglibc, but it is also necessary to recompile all static executables. Proof of concept exploit included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2013-4788
MD5 | 950ed842b41474f594ac66691fbda019
Red Hat Security Advisory 2013-1062-01
Posted Jul 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1062-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, web, overflow, arbitrary, php
systems | linux, redhat
advisories | CVE-2013-4113
MD5 | de7bf8577694245b31d5e4bd00f229ef
Nikon CoolPix L Series Fw 1.0 Information Disclosure
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Nikon CoolPix L Series Fw version 1.0 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | e92b7b1def282a4f75e6d9b027e4aa8d
Barracuda CudaTel 2.6.02.040 Cross Site Scripting
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda CudaTel version 2.6.02.040 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cd88c635ff089746f3a772d856d1e2aa
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close