Gentoo Linux Security Advisory 201401-5 - A memory exhaustion vulnerability in ISC DHCP could lead to Denial of Service. Versions less than 4.2.5_p1 are affected.
05ef3d40c6a9b41038cdfa7878ca8814450e5d8b7f09fee9956263c69cddba49Gentoo Linux Security Advisory 201401-4 - Multiple vulnerabilities have been found in Python, worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 3.3.2-r1 are affected.
ea1459ef6b2a4cd82ae9954fd97f9d0188e19037466f94dc888a2a8b46709ebcGentoo Linux Security Advisory 201401-3 - A vulnerability in Nagstamon could expose user credentials to a remote attacker. Versions greater than or equal to 0.9.11_rc1 are affected.
a7b1cbfddc17e699b8c33dc138c8d4d964662bcf792c20c1feca2829aa02412cGentoo Linux Security Advisory 201401-2 - An error in Gajim causes invalid OpenSSL certificates to be accepted as valid. Versions less than 0.15.3-r1 are affected.
1b72adff4261159990dcaf31e30fc1b081f67b73963f1435549feb6d17c0bb38Red Hat Security Advisory 2014-0009-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.
9153c8aeb19a4ad7c3bbc309c720fa69bb6d3177dc1120458ca05236e6c48a4aRed Hat Security Advisory 2014-0008-01 - Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A flaw was found in the way Ruby on Rails performed JSON parameter parsing. An application using a third party library, which uses the Rack::Request interface, or custom Rack middleware could bypass the protection implemented to fix the CVE-2013-0155 vulnerability, causing the application to receive unsafe parameters and become vulnerable to CVE-2013-0155.
0a8f57dbc735ddfa0cc62a2274af9696755237e6e22f00930ff57a46300f201dUbuntu Security Notice 2077-1 - It was discovered that Puppet incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions.
27b246d72795c995c8fd85575d1ada6edfc7ce0e71bba2541be92dd78b2b961aDebian Linux Security Advisory 2836-1 - Several vulnerabilities have been discovered in uscan, a tool to scan upstream sits for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privileges of the user running uscan.
9aaed02c195fa5da2eda198cf92b3b6cf32d152b63cc952a2810fd9a75314865Debian Linux Security Advisory 2835-1 - Jan Juergens discovered a buffer overflow in the parser for SMS messages in Asterisk.
84b9ef9812066883ac51d7e58834c8a375d67aaa744b4659bb47803fe327ac40Gentoo Linux Security Advisory 201401-1 - Multiple integer overflow vulnerabilities in Libgdiplus may allow remote attackers to execute arbitrary code. Versions less than 2.6.7-r1 are affected.
5783db96f95a77a277e71bced0b8a01bf1ad64037e199855fe5d55d305b6db4bSeagate BlackArmor NAS sg2000-2000.1331 suffers from a remote command execution vulnerability.
c4f4772ab2a5deafffccbc77c0d9a0807d72d3b973865983b9e753049b330cfeSeagate BlackArmor NAS sg2000-2000.1331 suffers from a cross site request forgery vulnerability.
8ff0fb24256818198948a474b700993d99db1f61b1d13c1247f8fadb7117d1c3Open-Xchange AppSuite versions 7.4.0 and below suffer from script insertion vulnerabilities.
dbc4c1995cb822c7610a9c9e1ecd9db78466216fdd80599d38483517d0e1dfffSeagate BlackArmor NAS sg2000-2000.1331 suffers from multiple persistent cross site scripting vulnerabilities.
abe8f30cf867422a8d927cbcfb9301ec29f42833272c2b1c4797051dcb1d42beSeagate BlackArmor remote root exploit.
4772ae5cfd9661a7bcbec78a54f5f6d86f6f0bdac34852c6639cee44c7230fdfWordPress Intouch plugin version 2.0 suffers from a cross site scripting vulnerability.
691581d85c2c063ace20d55779b4e836ddf81a0aeb863764af9c597a23bd1bd5Joomla AceSearch component version 3.0 suffers from a cross site scripting vulnerability.
e7a05ee0db5238182077cb146d0bce90318ec17be3495461f1abfbfc7421e6d8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed