what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-10-21

Tinc Virtual Private Network Daemon 1.0.23
Posted Oct 21, 2013
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This release fixes the combination of Mode = router and DeviceType = tap, sets the $NAME variable in subnet-up/down scripts, gives an error when unknown options are given on the commandline, and correctly handles a space between a short commandline option and an optional argument.
tags | tool, encryption
systems | unix
SHA-256 | bcf06bdf16ff903821e33fc1ce6219d6429971aa5acd70f4e8a35b4332442812
Watchguard Server Center 11.7.4 Cross Site Scripting
Posted Oct 21, 2013
Authored by Julien Ahrens | Site rcesecurity.com

Watchguard Server Center version 11.7.4 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-5702
SHA-256 | 21a7488291867114eeb368131b1bd0f179b36af50dd69fe04235cd15e9d10e81
Android Camera Driver Buffer Overflow / Memory Disclosure
Posted Oct 21, 2013
Authored by Jonathan Salwan

A stack-based buffer overflow and a kernel memory disclosure vulnerability have been discovered in the system call handlers of the camera driver for Android.

tags | advisory, overflow, kernel
advisories | CVE-2013-4738, CVE-2013-4739
SHA-256 | 5e4baafc3b719ae7fddd0675ed808b960988f0436701a0308d0d5005f17017a3
Debian Security Advisory 2783-1
Posted Oct 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2783-1 - Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2011-5036, CVE-2013-0184, CVE-2013-0263
SHA-256 | 3c392a1375e3aa987daddb2c193f9928f448bd6e8ece3459581735e59e24c6f5
Debian Security Advisory 2781-1
Posted Oct 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2781-1 - A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.

tags | advisory, crypto, python
systems | linux, debian
advisories | CVE-2013-1445
SHA-256 | 6695a6576586dea915a7c65e935fc8c86b16417e40a9f3b27fa899ac2231fddf
Red Hat Security Advisory 2013-1448-01
Posted Oct 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1448-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2013-2186, CVE-2013-4210, CVE-2013-4293, CVE-2013-4373
SHA-256 | 03fa7e52d5b3150d12a62cd92687cd74e25829acb9a583514ad4089323ece6f9
Red Hat Security Advisory 2013-1447-01
Posted Oct 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1447-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850
SHA-256 | a4a9467ade7fa361d330fec6175a9960c1af594161dadf75c30566556438330a
Ubuntu Security Notice USN-1991-1
Posted Oct 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1991-1 - It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An attacker could use this issue to cause a denial of service. It was discovered that the GNU C Library incorrectly handled large numbers of domain conversion results in the getaddrinfo() function. An attacker could use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-0242, CVE-2013-1914, CVE-2013-4237, CVE-2013-4332, CVE-2012-4412, CVE-2012-4424, CVE-2013-0242, CVE-2013-1914, CVE-2013-4237, CVE-2013-4332
SHA-256 | 9a3faf4d014c0ecc32760724cade9dbcc4a41d949e21274c41bba46d64866b9f
Debian Security Advisory 2782-1
Posted Oct 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2782-1 - Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library.

tags | advisory, crypto
systems | linux, debian
advisories | CVE-2013-4623, CVE-2013-5914, CVE-2013-5915
SHA-256 | 97680e92d317bf31d647c5abadc604617e0328ccc9f37594fbd9fec713ac66a5
Slackware Security Advisory - hplip Updates
Posted Oct 21, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New hplip packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-4325.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4325
SHA-256 | d51789595e74cd6d927413448faf207d8b136de73fc3d59e6680590ccc5769c8
Slackware Security Advisory - libtiff Updates
Posted Oct 21, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2012-2088,CVE-2012-2113,CVE-2012-4447,CVE-2012-4564,CVE-2013-1960,CVE-2013-1961,CVE-2013-4231,CVE-2013-4232,CVE-2013-4244.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-2088, CVE-2012-2113, CVE-2012-4447, CVE-2012-4564, CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232, CVE-2013-4244
SHA-256 | 8efbfdf677fa9982c5f47aeec194dfc0fddb0fe6852beca1661e63d8b3687b4b
Apache Sling 1.1.2 Open Redirect
Posted Oct 21, 2013
Authored by Raphael Wegmueller

Apache Sling versions 1.1.2 and below suffer from an open redirect vulnerability.

tags | advisory
advisories | CVE-2013-4390
SHA-256 | ee270abce05743ee02362386f6d83b6a0c357df5e869edb7ce72edc6ced89f5b
FiberHome Modem Router HG-110 Authentication Bypass
Posted Oct 21, 2013
Authored by Javier Perez

FiberHome Modem Router HG-110 suffers from an authentication bypass vulnerability that allows the remote changing of DNS servers.

tags | exploit, remote, bypass
SHA-256 | 972d616c28086f2b3f10a8ca5c80a965c307fe54834e9cd0d9ecabca6979c7e9
Dell Quest One Password Manager CAPTCHA Bypass
Posted Oct 21, 2013
Authored by Johnny Bravo

The Quest One Password Manager simply fails to check the CAPTCHA submitted if the values do not accompany the payload.

tags | exploit
SHA-256 | 313d269064ddfbfb5e73fe5e9e030996a25bafd0370abddea445ea7aa3963b9a
The Internals Of Relocation
Posted Oct 21, 2013
Authored by x90c

This brief article explains the process of .text section's relocation after passing the link_map object.

tags | paper
SHA-256 | a5f963a9dcb408cc957d47bf57c12f5f9de416ea728b132bc68ab35f7d718857
glibc 2.5 reloc Crash Bug
Posted Oct 21, 2013
Authored by x90c

glibc version 2.5 suffers from a crash bug due to relocation types.

tags | advisory
SHA-256 | 163fcff7cbfeb2e0da5ae7c5f567ee8309c8399af6b50ef32484366325637dfc
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close