the original cloud security
Showing 1 - 18 of 18 RSS Feed

Files Date: 2013-11-26

Debian Security Advisory 2803-1
Posted Nov 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2803-1 - Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2236, CVE-2013-6051
MD5 | fc080bf1a21a3d4d1f98fa51712ccd94
Mandriva Linux Security Advisory 2013-286
Posted Nov 26, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-286 - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using JSON.parse. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, overflow, arbitrary, ruby
systems | linux, mandriva
advisories | CVE-2013-4164
MD5 | dd23f5509f4b44a6c7744d9d307bf3d4
Mandriva Linux Security Advisory 2013-285
Posted Nov 26, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-285 - Cross-site request forgery vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token. Cross-site request forgery vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action. Multiple cross-site scripting vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the id or sortkey parameter. Multiple cross-site scripting vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189. The updated packages have been upgraded to the 4.2.7 version which is not affected by these issues.

tags | advisory, remote, web, arbitrary, cgi, vulnerability, xss, csrf
systems | linux, mandriva
advisories | CVE-2013-1733, CVE-2013-1734, CVE-2013-1742, CVE-2013-1743
MD5 | f13e8ba9f8db87507ac43dc7f30e8c56
Open-Xchange frontend6 6.22.4 / backend 7.4.0 Cross Site Scripting
Posted Nov 26, 2013
Authored by Martin Braun

Open-Xchange frontend6 and backend components suffer from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2013-6242
MD5 | ae8ff53f53bf14ebc076c02d2b2aea9d
Audacious Player 3.4.2 / 3.4.1 Denial Of Service
Posted Nov 26, 2013
Authored by Akin Tosunlar

Audacious Player versions 3.4.1 and 3.4.2 denial of service proof of concept crash exploit.

tags | exploit, denial of service, proof of concept
MD5 | 993b471ff987fee1cfc3f8c12ed5c1e9
WordPress Optinfirex Cross Site Scripting
Posted Nov 26, 2013
Authored by Ashiyane Digital Security Team

WordPress Optinfirex third party plugin suffers from a cross site scripting vulnerability. Note that this advisory has site-specific information.

tags | exploit, xss
MD5 | 7503be83b05ae071dc697bc947036832
WordPress Amerisale-Re Cross Site Scripting
Posted Nov 26, 2013
Authored by Ashiyane Digital Security Team

WordPress Amerisale-Re third party plugin suffers from a cross site scripting vulnerability. Note that this advisory has site-specific information.

tags | exploit, xss
MD5 | 5e72a6654146be012b0060d8727a9b99
Palo Alto Networks PanOS 5.0.8 XSS / CSRF
Posted Nov 26, 2013
Authored by Thomas Pollet

Palo Alto Networks PanOS versions 5.0.l8 and below suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 52ff908d2457b250c6af889928f1bd5b
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
Posted Nov 26, 2013
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a vulnerability on the CardSpaceClaimCollection class from the icardie.dll ActiveX control. The vulnerability exists while the handling of the CardSpaceClaimCollection object. CardSpaceClaimCollections stores a collection of elements on a SafeArray and keeps a size field, counting the number of elements on the collection. By calling the remove() method on an empty CardSpaceClaimCollection it is possible to underflow the length field, storing a negative integer. Later, a call to the add() method will use the corrupted length field to compute the address where write into the SafeArray data, allowing to corrupt memory with a pointer to controlled contents. This Metasploit module achieves code execution by using VBScript as discovered in the wild on November 2013 to (1) create an array of html OBJECT elements, (2) create holes, (3) create a CardSpaceClaimCollection whose SafeArray data will reuse one of the holes, (4) corrupt one of the legit OBJECT elements with the described integer overflow and (5) achieve code execution by forcing the use of the corrupted OBJECT.

tags | exploit, overflow, code execution, activex
advisories | CVE-2013-3918, OSVDB-99555
MD5 | 67794b47c6fcc01e6db48548eec65d27
Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
Posted Nov 26, 2013
Authored by Vitaliy Toropov, juan vazquez, James Forshaw | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Silverlight. The vulnerability exists on the Initialize() method from System.Windows.Browser.ScriptObject, which access memory in an unsafe manner. Since it is accessible for untrusted code (user controlled) it's possible to dereference arbitrary memory which easily leverages to arbitrary code execution. In order to bypass DEP/ASLR a second vulnerability is used, in the public WriteableBitmap class from System.Windows.dll. This Metasploit module has been tested successfully on IE6 - IE10, Windows XP SP3 / Windows 7 SP1 on both x32 and x64 architectures.

tags | exploit, arbitrary, code execution, bug bounty, packet storm
systems | windows, xp, 7
advisories | CVE-2013-0074, CVE-2013-3896, OSVDB-91147, OSVDB-98223
MD5 | db77ce1a58c39fd936f1e6241e3e85cb
Apache Roller OGNL Injection
Posted Nov 26, 2013
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits an OGNL injection vulnerability in Apache Roller < 5.0.2. The vulnerability is due to an OGNL injection on the UIAction controller because of an insecure usage of the ActionSupport.getText method. This Metasploit module has been tested successfully on Apache Roller 5.0.1 on Ubuntu 10.04.

tags | exploit
systems | linux, ubuntu
advisories | CVE-2013-4212
MD5 | e4ac6d1cd2e0a122fd0e97d9377b96d3
Kernel MSM Memory Leak
Posted Nov 26, 2013
Authored by Jonathan Salwan

Kernel MSM versions prior to 3.10 suffer from a memory leak in the Genlock driver.

tags | advisory, kernel, memory leak
advisories | CVE-2013-6392
MD5 | f0ca87eeaf291d57a46180d486cf2c03
Ubuntu Security Notice USN-2034-1
Posted Nov 26, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2034-1 - Brant Knudson discovered a logic error in the LDAP backend in Keystone where removing a role on a tenant for a user who does not have that role would instead add the role to the user. An authenticated user could use this to gain privileges. Ubuntu is not configured to use the LDAP Keystone backend by default.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4477
MD5 | 1775bff83a39043eed1b2e81a1083971
Debian Security Advisory 2800-1
Posted Nov 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2800-1 - Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-5605
MD5 | f24058e1eeb58e93130d7f9a009405ec
Red Hat Security Advisory 2013-1763-01
Posted Nov 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1763-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.

tags | advisory, overflow, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2013-4164
MD5 | 9e03cfb1d1fc97ae6a658f592bb94c40
Red Hat Security Advisory 2013-1764-01
Posted Nov 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1764-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.

tags | advisory, overflow, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2013-4164
MD5 | 93343143988608f7d1fd17c0cf822dc3
Red Hat Security Advisory 2013-1762-01
Posted Nov 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1762-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. It was discovered that the JBoss Operation Network configuration files, for both the server and the agent, were world readable by default. A malicious local user could possibly read sensitive information regarding the installation, including various authentication credentials. This issue was discovered by Larry O'Leary of the Red Hat Middleware Support Engineering Group.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2013-4452
MD5 | 9ebfe3c1a78da58b720d8c5d57c68237
Mandriva Linux Security Advisory 2013-284
Posted Nov 26, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-284 - Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow. Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function. Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service via a large value to the aligned_alloc functions. A stack overflow flaw, which led to a denial of service (application crash), was found in the way glibc's getaddrinfo() function processed certain requests when called with AF_INET6. A similar flaw to this affects AF_INET6 rather than AF_UNSPEC. The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC does not initialize the random value for the pointer guard, which makes it easier for context- dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-4412, CVE-2012-4424, CVE-2013-4332, CVE-2013-4458, CVE-2013-4788
MD5 | 116f4babf3860f1480018cd56d34d1af
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close