ignore security and it'll go away
Showing 1 - 25 of 41 RSS Feed

Files Date: 2013-11-21

DesktopCentral AgentLogUpload Arbitrary File Upload
Posted Nov 21, 2013
Authored by Thomas Hibbert | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in DesktopCentral 8.0.0 below build 80293. A malicious user can upload a JSP file into the web root without authentication, leading to arbitrary code execution.

tags | exploit, web, arbitrary, root, code execution, file upload
MD5 | 86ad76c3beb2366853357f141c4f52f2
Debian Security Advisory 2801-1
Posted Nov 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2801-1 - Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart could potentially execute commands on the server if these temporary filenames are used in subsequent commands without further checks.

tags | advisory, web, perl
systems | linux, debian
advisories | CVE-2013-4407
MD5 | 316f3430b59f76f51a63ff5ab0bbe306
Facebook Friends Disclosure
Posted Nov 21, 2013
Authored by Irene Abezgauz

Facebook suffers from a private friend list disclosure vulnerability via the People You May Know functionality.

tags | exploit, info disclosure
MD5 | 4bac9511b397ecee12ec294872c66447
Red Hat Security Advisory 2013-1615-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1615-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers.

tags | advisory, remote, web, spoof, php
systems | linux, redhat
advisories | CVE-2006-7243, CVE-2013-1643, CVE-2013-4248
MD5 | e24de929a5bc6a719b1041fe7ca78434
Red Hat Security Advisory 2013-1569-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1569-02 - Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3559, CVE-2013-3561, CVE-2013-4081, CVE-2013-4083, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934
MD5 | 014d86bb32e11de03163fc0a0a95495b
Red Hat Security Advisory 2013-1582-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1582-02 - Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the way the Python SSL module handled X.509 certificate fields that contain a NULL byte. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully crafted certificate signed by an authority that the client trusts. These updated python packages include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes.

tags | advisory, spoof, python
systems | linux, redhat
advisories | CVE-2013-4238
MD5 | 518b1885af323b373e4c9cb1dad43344
Red Hat Security Advisory 2013-1540-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1540-02 - Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2013-4166
MD5 | b413381d165bf565fbe1231558293b89
Red Hat Security Advisory 2013-1553-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1553-02 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems that is built into the standard Red Hat Enterprise Linux kernel. The qemu-kvm packages form the user-space component for running virtual machines using KVM. A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

tags | advisory, overflow, arbitrary, kernel, code execution
systems | linux, redhat
advisories | CVE-2013-4344
MD5 | 21fedc510c7c0df0fcff9abe1c350a95
Red Hat Security Advisory 2013-1543-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1543-02 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. Note: This issue did not affect the default configuration of the Samba server.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2013-4124
MD5 | ce7b3ef4d0982fae4e1fac3cca96abf9
Red Hat Security Advisory 2013-1757-01
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1757-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2011-2487
MD5 | 58f6c8530959ec7bb776ad23f6139b09
Mandriva Linux Security Advisory 2013-278
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-278 - Samba 3.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream. The updated packages has been upgraded to the 3.6.20 version which resolves various upstream bugs and is not vulnerable to this issue.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2013-4475
MD5 | 30cbf23dbf07b4b3dd1a8ef3fac2906a
Mandriva Linux Security Advisory 2013-274
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-274 - A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component in presence of valid chroma data. libjpeg-turbo will use uninitialized memory when handling Huffman tables.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-2806, CVE-2013-6629, CVE-2013-6630
MD5 | 0ff081495ede7e1e06fec11ea0dfe956
Mandriva Linux Security Advisory 2013-276
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-276 - Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable ssl certificate host name checks when it should have only disabled verification of the certificate trust chain.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-4545
MD5 | c425390694ba4139d34e0ce0ab3dd4bf
Mandriva Linux Security Advisory 2013-277
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-277 - lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network. In lighttpd before 1.4.34, if setuid() fails for any reason, for instance if an environment limits the number of processes a user can have and the target uid already is at the limit, lighttpd will run as root. A user who can run CGI scripts could clone() often; in this case a lighttpd restart would end up with lighttpd running as root, and the CGI scripts would run as root too. In lighttpd before 1.4.34, if fam is enabled and there are directories reachable from configured doc roots and aliases on which FAMMonitorDirectory fails, a remote client could trigger a DoS.

tags | advisory, remote, cgi, root
systems | linux, mandriva
advisories | CVE-2013-4508, CVE-2013-4559, CVE-2013-4560
MD5 | 66510844b76d68ade1fb8fa2f9403a33
Red Hat Security Advisory 2013-1537-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1537-02 - Augeas is a utility for editing configuration. Augeas parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native configuration files. Augeas also uses "lenses" as basic building blocks for establishing the mapping from files into the Augeas tree and back. Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0786, CVE-2012-0787
MD5 | 1d0f6cf5ec0f0ab347652b0526c078a0
Mandriva Linux Security Advisory 2013-275
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-275 - If a KDC serves multiple realms, certain requests can cause setup_server_realm() to dereference a null pointer, crashing the KDC. This can be triggered by an unauthenticated user.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-1418
MD5 | 369bc736a95ffa3ccdbdb268812371dc
Mandriva Linux Security Advisory 2013-272
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-272 - Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploits may result in denial-of-service conditions. Poppler was found to have a user controlled format string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4473, CVE-2013-4474
MD5 | d6b3581c47180f133069042c03db3b7c
Mandriva Linux Security Advisory 2013-271
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-271 - The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk.

tags | advisory, arbitrary, local
systems | linux, netbsd, bsd, mandriva
advisories | CVE-2011-1920
MD5 | 357260be2a90fa819169b88eeab89d28
Mandriva Linux Security Advisory 2013-273
Posted Nov 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-273 - libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component in presence of valid chroma data. libjpeg-turbo will use uninitialized memory when handling Huffman tables.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-6629, CVE-2013-6630
MD5 | c37a9ba157ef482db44c74c1846c162f
Ubuntu Security Notice USN-2032-1
Posted Nov 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2032-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, ubuntu
advisories | CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5607
MD5 | bd386c1f03f3b6be70ff0ec8e7034c7c
Red Hat Security Advisory 2013-1754-01
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1754-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Virtualization Manager. A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

tags | advisory, overflow, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2013-4344
MD5 | dfb852dfaeee0034b1737e49fa3188c3
Red Hat Security Advisory 2013-1527-01
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1527-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2010-5107, CVE-2013-2888, CVE-2013-2889, CVE-2013-2892, CVE-2013-4238, CVE-2013-4344
MD5 | dcab012d0de56b42da30417797f52367
Red Hat Security Advisory 2013-1753-01
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1753-01 - The redhat-ds-base packages provide Red Hat Directory Server, which is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the Red Hat Directory Server did not properly handle certain Get Effective Rights search queries when the attribute list, which is a part of the query, included several names using the '@' character. An attacker able to submit search queries to the Red Hat Directory Server could cause it to crash.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2013-4485
MD5 | 1b2850cbcd6c3fe81f3d26de19d29b3d
Red Hat Security Advisory 2013-1752-01
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1752-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not properly handle certain Get Effective Rights search queries when the attribute list, which is a part of the query, included several names using the '@' character. An attacker able to submit search queries to the 389 Directory Server could cause it to crash. All 389-ds-base users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the 389 server service will be restarted automatically.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2013-4485
MD5 | 666505d850b476e6984a1a4e4c38fc0b
Red Hat Security Advisory 2013-1661-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1661-02 - Red Hat Enterprise Linux includes a collection of Infiniband and iWARP utilities, libraries and development packages for writing applications that use Remote Direct Memory Access technology. A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. It was discovered that librdmacm used a static port to connect to the ib_acm service. A local attacker able to run a specially crafted ib_acm service on that port could use this flaw to provide incorrect address resolution information to librmdacm applications.

tags | advisory, remote, arbitrary, local, root
systems | linux, redhat
advisories | CVE-2012-4516, CVE-2013-2561
MD5 | aaa1d661b60a35ebff0507d89953070c
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close