what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files Date: 2014-01-09

libXfont Stack Buffer Overflow
Posted Jan 9, 2014
Site x.org

X.Org Security Advisory - libXfont suffers from a stack buffer overflow vulnerability. A BDF font file containing a longer than expected string could overflow the buffer on the stack. As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.

tags | advisory, overflow, root
advisories | CVE-2013-6462
SHA-256 | 3bcdecafb3cc1fed2eb1c242b49f5841f609eb24401a54301f9f67a604973ec1
Drupal Media 7.x Access Bypass
Posted Jan 9, 2014
Authored by Dave Reid, robearls | Site drupal.org

Drupal Media third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 788620c3b1096f9a618f78e9cf1d11b2d3bbac90e91288beb38628472691bed3
Drupal Entity API 7.x Access Bypass
Posted Jan 9, 2014
Authored by Ezra Barnett Gildesgame, Clemens Tolboom | Site drupal.org

Drupal Entity API third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | cb5f1d910f4c06f043f0923aadddd9e47be2671a79f4096660b730ebdba5e10e
Red Hat Security Advisory 2014-0014-01
Posted Jan 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0014-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.2 is retired as of January 7, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.2 EUS after that date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after January 7, 2014. Note: This notification applies only to those customers subscribed to the Extended Update Support channel for Red Hat Enterprise Linux 6.2.

tags | advisory
systems | linux, redhat
SHA-256 | 09eda764b001c2e5f965444245a89ec3e01a10794b377f1fd81d9162dae15632
Red Hat Security Advisory 2014-0015-01
Posted Jan 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0015-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL did not properly maintain encryption and digest contexts during renegotiation. A lost or discarded renegotiation handshake packet could cause a DTLS client or server using OpenSSL to crash.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
SHA-256 | e810c2f62369368cb293ec77fdf44a3403252f30e6633f76d3085aec1b4a7d94
Red Hat Security Advisory 2014-0016-01
Posted Jan 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0016-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. It was found that GnuPG was vulnerable to side-channel attacks via acoustic cryptanalysis. An attacker in close range to a target system that is decrypting ciphertexts could possibly use this flaw to recover the RSA secret key from that system.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-4576
SHA-256 | 92f13729f4b54c534a54e150e068451da996807420be54bf53c58911ac9a5647
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close