seeing is believing
Showing 1 - 25 of 26 RSS Feed

Files Date: 2013-09-04

Red Hat Security Advisory 2013-1207-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1207-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
MD5 | 57f850de7fc7ad6370fd505d5c8d0a67
Red Hat Security Advisory 2013-1208-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1208-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
MD5 | 2a6821ae0d1055c847f904a19fd221a8
Red Hat Security Advisory 2013-1205-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1205-01 - Red Hat Storage is a software only, scale-out storage solution that provides flexible and agile unstructured data storage for the enterprise. Multiple insecure temporary file creation flaws were found in Red Hat Storage server. A local user on the Red Hat Storage server could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack. These issues were discovered by Gowrishankar Rajaiyan of Red Hat and Kurt Seifried of the Red Hat Security Response Team.

tags | advisory, arbitrary, local, root
systems | linux, redhat
advisories | CVE-2013-4157
MD5 | b0d7601c51fdaf61a594c6d77dca15a2
Red Hat Security Advisory 2013-1206-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1206-01 - Red Hat CloudForms Management Engine provides the insight, control, and automation needed to address the challenges of managing virtual environments. Multiple directory traversal flaws were found in Red Hat CloudForms Management Engine. A remote, unauthenticated attacker could use these flaws to upload arbitrary code, and have that code executed with root privileges on Red Hat CloudForms Management Engine. This issue was discovered by Ramon de C Valle of the Red Hat Product Security Team.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-2068
MD5 | edd82033834987b48011cf4e5b0858d6
Red Hat Security Advisory 2013-1204-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1204-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration. In Red Hat OpenShift Enterprise, the HAProxy cartridge is added to your application when you select to have your application scaled.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
MD5 | 483a955d8dcdff9c261393e3cdb6756e
Red Hat Security Advisory 2013-1203-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1203-01 - RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2012-2125, CVE-2012-2126
MD5 | a6e45eb5d38b511534bf7087ad2e8b90
Red Hat Security Advisory 2013-1209-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1209-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
MD5 | 9eb099e79e1ae079b63410d608655692
Packet Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
MD5 | 84be806acc044302df636242b657b7ce
Packet Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
MD5 | 787a49feec5e44d9cffe71f5e9015a71
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
Posted Sep 4, 2013
Authored by corelanc0d3r, sinn3r | Site metasploit.com

This is a memory corruption bug found in Microsoft Internet Explorer. On IE 9, it seems to only affect certain releases of mshtml.dll. For example: This Metasploit module can be used against version 9.0.8112.16446, but not for 9.0.8112.16421. IE 8 requires a different way to trigger the vulnerability, but not currently covered by this module. The issue is specific to the browser's IE7 document compatibility, which can be defined in X-UA-Compatible, and the content editable mode must be enabled. An "onmove" event handler is also necessary to be able to trigger the bug, and the event will be run twice before the crash. The first time is due to the position change of the body element, which is also when a MSHTML!CFlatMarkupPointer::`vftable' object is created during a "SelectAll" command, and this object will be used later on for the crash. The second onmove event seems to be triggered by a InsertButton (or Insert-whatever) command, which is also responsible for the free of object CFlatMarkupPointer during page rendering. The EnsureRecalcNotify() function will then still return an invalid reference to CFlatMarkupPointer (stored in EBX), and then passes this on to the next functions (GetLineInfo -> QIClassID). When this reference arrives in function QIClassID, an access violation finally occurs when the function is trying to call QueryInterface() with the bad reference, and this results a crash. Successful control of the freed memory may leverage arbitrary code execution under the context of the user. Note: It is also possible to see a different object being freed and used, doesn't always have to be CFlatMarkupPointer.

tags | exploit, arbitrary, code execution
advisories | CVE-2013-3184, OSVDB-96182
MD5 | 5f9cbc7399e96d19ddf7fba26a5ef49a
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Posted Sep 4, 2013
Authored by juan vazquez, Brian Gorenc | Site metasploit.com

This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary.

tags | exploit, arbitrary, activex
systems | windows, xp, vista
advisories | CVE-2013-4798, OSVDB-95642
MD5 | 5f7630ca27a1c56598761f3e375ec40d
Kiwicon Seven Call For Papers
Posted Sep 4, 2013
Site kiwicon.org

Kiwicon Seven Call For Papers - This year Kiwicon will be held from November 9th through 10th, 2013 at the Opera House in Wellington, New Zealand.

tags | paper, conference
MD5 | 0819c2065b54be172c1e94c33f90bc47
RSA Archer GRC 5.4 Open Redirect / Improper Restriction
Posted Sep 4, 2013
Site emc.com

RSA Archer GRC 5.4 platform contains fixes for security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include improper restriction of user login and an open redirect.

tags | advisory, vulnerability
advisories | CVE-2013-3276, CVE-2013-3277
MD5 | 6e0ba14366809b45036288b24ac74690
Red Hat Security Advisory 2013-1199-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1199-01 - The openstack-nova packages provide OpenStack Compute, which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible Markup Language parser used by Nova. A remote attacker could use this flaw to send a specially-crafted request to a Nova API, causing Nova to consume an excessive amount of CPU and memory, or possibly crash.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2256, CVE-2013-4179, CVE-2013-4185, CVE-2013-4261
MD5 | 9fd59acb2c6c5e66e372a526644ba335
Red Hat Security Advisory 2013-1201-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1201-01 - V8 is Google's open source JavaScript engine. A type confusion issue was found in the V8 JavaScript engine. An attacker could use this flaw to cause a denial of service or, potentially, execute arbitrary code. Note: Exploitation of this issue requires, at the least, execution of malicious JavaScript. In the standard use case of ruby193-v8 in Red Hat OpenStack it is unlikely that a scenario exists where this would occur. Users of ruby193-v8 are advised to upgrade to these updated packages, which correct this issue.

tags | advisory, denial of service, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2013-2882
MD5 | 5c0f38f135ea6e061ecf5cb68e4e42d8
Red Hat Security Advisory 2013-1198-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1198-01 - The openstack-cinder packages provide OpenStack Volume, which provides services to manage and access block storage volumes for use by virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0658, did not fully correct the issues in the Extensible Markup Language parser used by Cinder. A remote attacker could use this flaw to send a specially-crafted request to a Cinder API, causing Cinder to consume an excessive amount of CPU and memory, or possibly crash.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-4183, CVE-2013-4202
MD5 | 674edb13e560d92d700a54bfc1b9115c
Red Hat Security Advisory 2013-1200-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1200-01 - The python-glanceclient package provides a client for the OpenStack Glance API. It was discovered that the Python Glance client did not properly check SSL certificates. An attacker could use this flaw to conduct man-in-the-middle attacks.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2013-4111
MD5 | b018beba040983a76502b883a1724de8
Red Hat Security Advisory 2013-1197-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1197-01 - OpenStack Swift is a highly available, distributed, eventually consistent object/blob store. A denial of service flaw in OpenStack Swift allowed attackers to fill the object server with object tombstones. This could lead to subsequent requests from legitimate users taking an excessive amount of time. This issue was discovered by Peter Portante of Red Hat. All users of openstack-swift are advised to upgrade to these updated packages, which correct this issue. After installing this update, the OpenStack Swift services will be restarted automatically.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2013-4155
MD5 | 80b9375b9098fade4a2baf85cb17b8e1
Red Hat Security Advisory 2013-1195-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1195-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
MD5 | bb751fd3ee44677196b32096e41b9615
Red Hat Security Advisory 2013-1196-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1196-01 - The Foreman packages provide facilities for rapidly deploying Red Hat OpenStack 3.0. These packages are provided as a Technology Preview. For more information on the scope and nature of support for items marked as Technology Preview, refer to https://access.redhat.com/support/offerings/techpreview/ A flaw was found in the API where insufficient privilege checks were conducted by the hosts controller, allowing any user with API access to control any host. A denial of service flaw was found in Foreman in the way user input was converted to a symbol. An authenticated user could create inputs that would lead to excessive memory consumption.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2013-4180, CVE-2013-4182
MD5 | 1d6242a80a77bc7e155b3769c65e94ac
Red Hat Security Advisory 2013-1193-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1193-01 - JBoss Web is the web container, based on Apache Tomcat, in Red Hat JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-2185
MD5 | 35d6c20bf55de5e8f5ce5e706a4123aa
Red Hat Security Advisory 2013-1192-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1192-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A flaw was found in the way concurrent access to the clients ring buffer was performed in the spice-server library. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-4130
MD5 | 22c8e4cb378879df02b140d1b6925746
Red Hat Security Advisory 2013-1194-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1194-01 - JBoss Web is the web container, based on Apache Tomcat, in Red Hat JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-2185
MD5 | 4db061eb71bf3a5f4e4aad9f96927634
Debian Security Advisory 2750-1
Posted Sep 4, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2750-1 - Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files. Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2013-4298
MD5 | fd870a3c90fa2b43846dd64ce69fd80e
DAVOSET 1.1.3
Posted Sep 4, 2013
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Cookie support added. Various other updates.
tags | denial of service
MD5 | f6eaad891d34df6bd026e373ae746824
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close