ignore security and it'll go away
Showing 1 - 19 of 19 RSS Feed

Files Date: 2014-07-17

Omeka 2.2 Cross Site Request Forgery / Cross Site Scripting
Posted Jul 17, 2014
Authored by LiquidWorm | Site zeroscience.mk

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | c888182a6736a70fa263a5e871712e33
Trixbox XSS / LFI / SQL Injection / Code Execution
Posted Jul 17, 2014
Authored by AtT4CKxT3rR0r1ST

Trixbox suffers from cross site scripting, local file inclusion, SQL injection, and remote code execution vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xss, sql injection, file inclusion
MD5 | bc1ecf881c8629182265e2b58914d0e1
OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection
Posted Jul 17, 2014
Authored by AtT4CKxT3rR0r1ST

OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 6b3ebf6e21be1f56c7a7f0c50b0d803f
Cisco Security Advisory 20140716-cm
Posted Jul 17, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, code execution
systems | cisco
MD5 | 8274666344d898deab8e27ca99561fc7
Ubuntu Security Notice USN-2290-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2290-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. It was discovered that an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3940, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
MD5 | 1dd09d30573adadeb946c607087fc609
Ubuntu Security Notice USN-2288-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2288-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3940, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
MD5 | 0c22064029bca9c5378ba086f1be7d40
Ubuntu Security Notice USN-2287-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2287-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
MD5 | 81d5aec154cc3a74cf3b9789d007860a
Ubuntu Security Notice USN-2286-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2286-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4943
MD5 | 511e7bed6e9a39ca49b13f35d58bbc2b
Ubuntu Security Notice USN-2285-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2285-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-1739, CVE-2014-3917, CVE-2014-4014, CVE-2014-4027, CVE-2014-4608, CVE-2014-4943
MD5 | 92ee8694d934c79d704e603326788380
Ubuntu Security Notice USN-2284-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2284-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-4608, CVE-2014-4943
MD5 | 5c888cabfce03a74dcac1627ea05e92a
Ubuntu Security Notice USN-2283-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2283-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-4608, CVE-2014-4943
MD5 | d61639718797a9d491be7240e8bb5803
Ubuntu Security Notice USN-2292-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.

tags | advisory, remote, web, perl, protocol
systems | linux, ubuntu
advisories | CVE-2014-3230
MD5 | b61d2123f38c984d4e741cd9f7ace0e7
Red Hat Security Advisory 2014-0900-01
Posted Jul 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0900-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free function) arbitrary kernel memory.

tags | advisory, arbitrary, kernel, local
systems | linux, redhat
advisories | CVE-2014-1737, CVE-2014-1738, CVE-2014-3153
MD5 | 35b271bd30196de17ba6d8af95ea83e6
Ubuntu Security Notice USN-2291-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2291-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-2494, CVE-2014-4207, CVE-2014-4258, CVE-2014-4260
MD5 | 5f823146c4cbd7e5a31ff57c51376687
Ubuntu Security Notice USN-2282-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2282-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-3917, CVE-2014-4608, CVE-2014-4943
MD5 | 879b6df0b9dfaecf056060eba4f921f9
Debian Security Advisory 2765-2
Posted Jul 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2765-2 - The update released for davfs2 in DSA 2765 had a version number for Debian 7 "wheezy" that sorts lower than the version in Debian 6 "squeeze", causing problems on upgrades. This update makes a package of davfs2 in wheezy available which corrects only the version number.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4362
MD5 | ae2b52cc13512a87176d7f1639fb7393
Red Hat Security Advisory 2014-0899-01
Posted Jul 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0899-01 - The openstack-neutron packages provide Openstack Networking, the virtual network service. OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. It was discovered that an authenticated user could add a security group rule with an invalid CIDR causing the openvswitch-agent process to fail and prevent further rules from being applied.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0187, CVE-2014-4167
MD5 | 02b96ea5ab3e4ca463bd9173d8c288b7
Ubuntu Security Notice USN-2289-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2289-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
MD5 | b08b56e0bb535ea41f5a788c7a55e90e
Ubuntu Security Notice USN-2281-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2281-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-3917, CVE-2014-4608, CVE-2014-4943
MD5 | 7413b78159a6df879d59c6c0dae60934
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close