the original cloud security
Showing 1 - 20 of 20 RSS Feed

Files Date: 2014-08-11

Ubuntu Security Notice USN-2311-1
Posted Aug 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2311-1 - Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST requests.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-4615
MD5 | 4afd2f3fc466894d1570abc7eb141727
IBM Sametime Meet Server 8.5 Cross Site Scripting
Posted Aug 11, 2014
Authored by Adriano Marcio Monteiro

IBM Sametime Meet Server version 8.5 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4748
MD5 | ff4d90f02ce4b1e3ed55758b9d181014
IBM Sametime Meet Server 8.5 Password Disclosure
Posted Aug 11, 2014
Authored by Adriano Marcio Monteiro

IBM Sametime Meet Server version 8.5 suffers from a password disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2014-4747
MD5 | faf5fceef9fa90264d12c585019fcfcf
IBM Sametime Meet Server 8.5 Arbitrary File Upload
Posted Aug 11, 2014
Authored by Adriano Marcio Monteiro

IBM Sametime Meet Server version 8.8 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
advisories | CVE-2014-3088
MD5 | 87d71e13af96d6ae8293b36f3b77ed18
Ubuntu Security Notice USN-2310-1
Posted Aug 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2310-1 - It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. It was discovered that Kerberos incorrectly handled certain malformed KRB5_PADATA_PK_AS_REQ AS-REQ requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1016, CVE-2013-1415, CVE-2013-1416, CVE-2013-1418, CVE-2013-6800, CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344, CVE-2014-4345
MD5 | b34822d7ac81fe31a5839b4efb895fa8
Red Hat Security Advisory 2014-1042-01
Posted Aug 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1042-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2014-4208, CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4220, CVE-2014-4221, CVE-2014-4227, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4265, CVE-2014-4266
MD5 | 4d100e39025ffd7a84c08f6d06592190
Red Hat Security Advisory 2014-1041-01
Posted Aug 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1041-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2014-4208, CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4220, CVE-2014-4221, CVE-2014-4227, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4265, CVE-2014-4266
MD5 | b103d8e98533181e72fd106909e0b97b
Ubuntu Security Notice USN-2309-1
Posted Aug 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2309-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
MD5 | e702767df7661bd8d10a9d0e3ec28e86
WordPress GB Gallery Slideshow 1.5 SQL Injection
Posted Aug 11, 2014
Authored by Claudio Viviani

WordPress GB Gallery Slideshow plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 71606b9257528c11a5cc0b075a408350
Red Hat Security Advisory 2014-1040-01
Posted Aug 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1040-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2014-3490
MD5 | 11bd796beafff932300c49cc1b231547
Debian Security Advisory 3004-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3004-1 - Sebastian Krahmer discovered that Kauth used Policykit insecurely by relying on the process ID. This could result in privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2014-5033
MD5 | 0af7c0cbd835873d60b53722081d6e45
Red Hat Security Advisory 2014-1039-01
Posted Aug 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1039-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2014-3490
MD5 | 30e1cca4cfdd16caeb5b0bc34c51becc
Red Hat Security Advisory 2014-1038-01
Posted Aug 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1038-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-4590, CVE-2014-0119
MD5 | 93cb4406ff382361c9f9fa930c431af2
Debian Security Advisory 3003-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3003-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-2263
MD5 | 328a710f725452ddfda18812bd743877
Debian Security Advisory 3002-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3002-1 - Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2014-5161, CVE-2014-5162, CVE-2014-5163, CVE-2014-5164, CVE-2014-5165
MD5 | 5b4fcd73cb63a8956383fd0e320fbdde
Debian Security Advisory 3001-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3001-1 - Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure.

tags | advisory, web, denial of service, info disclosure
systems | linux, debian
MD5 | c62b118708f3e50a6edb3028d047cc64
Gentoo Linux Security Advisory 201408-02
Posted Aug 11, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-2 - A vulnerability in FreeType could result in execution of arbitrary code or Denial of Service. Versions less than 2.5.3-r1 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2014-2240
MD5 | 330c32cc9a26e1c2e95b86d15b4e4a58
Debian Security Advisory 3000-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3000-1 - Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344, CVE-2014-4345
MD5 | e56a2c4abed937a19a110da6304ba0a2
Debian Security Advisory 2999-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2999-1 - A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable or unresponsive.

tags | advisory, remote, denial of service
systems | linux, debian
MD5 | 2f97339761b443d6c52d8c83a0bd8c59
Slackware Security Advisory - openssl Updates
Posted Aug 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
MD5 | ee50378e7840550d3a1fe6961874c571
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close