exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files Date: 2014-07-12

Mandriva Linux Security Advisory 2014-138
Posted Jul 12, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-138 - Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action. Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service inactive or incomplete HTTP connections. The updated packages has been upgraded to the 11.11.0 version which is not vulnerable to these issues.

tags | advisory, remote, web, denial of service, arbitrary, shell
systems | linux, mandriva
advisories | CVE-2014-4046, CVE-2014-4047
SHA-256 | d0b6e36b5ffeb369a37f9f40b9aca3279792173c43c84fd7774bdaa4ea81c34b
Mandriva Linux Security Advisory 2014-137
Posted Jul 12, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-137 - Multiple vulnerabilities have been discovered and corrected in apache-mod_wsgi. It was found that mod_wsgi did not properly drop privileges if the call to setuid failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. It was discovered that mod_wsgi could leak memory of a hosted web application via the Content-Type header. A remote attacker could possibly use this flaw to disclose limited portions of the web application's memory. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, local, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0240, CVE-2014-0242
SHA-256 | 3ddfcc4920c88bed0f479472956bfb387b06ff904fa88974b7ac9b7edb4d0c30
Mandriva Linux Security Advisory 2014-136
Posted Jul 12, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-136 - Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2014-0178, CVE-2014-0244, CVE-2014-3493
SHA-256 | 8eef9aa7b5bed8242080833cd967256c4ecebf611c7e4b025a94c1c923aeaa25
IPSec Cryptographic Overhead
Posted Jul 12, 2014
Authored by Chintan Gurjar

Whitepaper called the Cryptographic Overhead of IPSec Protocol Suite During the Packet Exchange Process.

tags | paper, protocol
SHA-256 | a50726bde091619f65322e9ea8f52a770da87b90c239063c84c5925eee955739
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close