what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-09-11

VMware Security Advisory 2014-0008
Posted Sep 11, 2014
Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0008 - VMware has updated vSphere third party libraries.

tags | advisory
advisories | CVE-2013-0242, CVE-2013-1914, CVE-2013-4322, CVE-2013-4590, CVE-2014-0050, CVE-2014-0114
MD5 | 39eac37f6e1dbb57e7d35ab3c27198e6
HP Security Bulletin HPSBMU03075
Posted Sep 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03075 - A potential security vulnerability has been identified with HP Network Node Manager I (NNMi) on Windows and Linux. This vulnerability could be exploited remotely to allow arbitrary code execution. Revision 1 of this advisory.

tags | advisory, arbitrary, code execution
systems | linux, windows
advisories | CVE-2014-2624
MD5 | 02ea15914ed6e0fe5a3f686dab4efa19
Cisco Security Advisory 20140908-ucse
Posted Sep 11, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to a failure to properly handle a crafted SSH packet. An attacker could exploit this vulnerability by sending a crafted packet to the SSH server running on the Cisco IMC of an affected device, which could result in the Cisco IMC becoming unresponsive. The operating system running on the blade will be unaffected. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
MD5 | f068bdfb4e3bb1c05a1b5979af344544
HP Security Bulletin HPSBST03106
Posted Sep 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03106 - A potential security vulnerability has been identified in HP P2000 G3 MSA Array System running OpenSSL. This vulnerability could be exploited remotely resulting in unauthorized access or disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0224
MD5 | df182296eaae3aa510bff8454eec38a6
Debian Security Advisory 3021-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3021-1 - Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash.

tags | advisory, remote, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3538, CVE-2014-3587
MD5 | 6b0690a4f667c4dcba717146b49ace35
Ubuntu Security Notice USN-2343-1
Posted Sep 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2343-1 - Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-1544
MD5 | af331b8b2758bc0c0f0ca0598dd435fe
Debian Security Advisory 3021-2
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3021-2 - This update corrects DSA 3021-1, which introduced a regression in the detection of a some "Composite Document Files" (CDF), marking them look as corrupted, with the error: "Can't expand summary_info".

tags | advisory
systems | linux, debian
advisories | CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3538, CVE-2014-3587
MD5 | 7f73277b68e2744ae776ee776695aa12
Debian Security Advisory 3022-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3022-1 - Two vulnerabilities have been discovered in cURL, an URL transfer library. They can be use to leak cookie information.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3613, CVE-2014-3620
MD5 | b52c4477c88e22ee980d7fae79c345e6
Debian Security Advisory 3020-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3020-1 - During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user's environment. This could lead to program malfunction or allow a local user to escalate privileges to the root user due to a programming error.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2014-0484
MD5 | 34a7d6a3a8ed68d1abc2126d2f82aecf
Red Hat Security Advisory 2014-1173-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1173-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559
MD5 | fb8167733fc79e4ff1358fb11c709538
Red Hat Security Advisory 2014-1172-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1172-01 - The procmail program is used for local mail delivery. In addition to just delivering mail, procmail can be used for automatic filtering, presorting, and other mail handling jobs. A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail. All procmail users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, remote, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2014-3618
MD5 | e2bed76c20d01e93656d133df5cbab05
Slackware Security Advisory - seamonkey Updates
Posted Sep 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | afac68cf4d7a8ed179bceb5d9829981a
Red Hat Security Advisory 2014-1170-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1170-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-3120
MD5 | 966a987261ffcf13f466124411e6cfb0
Red Hat Security Advisory 2014-1171-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1171-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-3120
MD5 | 9c3d608f5533784e993f920183384133
Ubuntu Security Notice USN-2344-1
Posted Sep 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2344-1 - It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. It was discovered that the php_parserr function contains multiple buffer overflows. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via crafted DNS records.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3587, CVE-2014-3597
MD5 | d3b4ad4de5fdf06e7e8c2f9de75acc2e
Red Hat Security Advisory 2014-1168-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1168-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2014-0222, CVE-2014-0223, CVE-2014-3535
MD5 | 7026426f42ff20fb0360c4cbd7fef79d
Red Hat Security Advisory 2014-1167-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1167-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.

tags | advisory, remote, kernel, local
systems | linux, redhat
advisories | CVE-2014-0205, CVE-2014-3535, CVE-2014-3917, CVE-2014-4667
MD5 | c415b08deab80e3475be84fad802c015
OroCRM Cross Site Scripting
Posted Sep 11, 2014
Authored by Provensec

OroCRM suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | e724d4b6a32fe5012ab329695bc61c65
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close