Files Date: 2014-09-22

Debian Security Advisory 3030-1
Posted Sep 22, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3030-1 - Multiple SQL injection vulnerabilities have been discovered in the Mantis bug tracking system.

tags | advisory, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2014-1608, CVE-2014-1609
MD5 | 4874fbd70dcd5ea24e7c96cb069cf07c
Debian Security Advisory 3029-1
Posted Sep 22, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3029-1 - Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to reuse cached SSL sessions in unrelated contexts, allowing virtual host confusion attacks in some configurations by an attacker in a privileged network position.

tags | advisory
systems | linux, debian
advisories | CVE-2014-3616
MD5 | 300985ce64b57db02a8b8f3e51b35cd5
Red Hat Security Advisory 2014-1268-01
Posted Sep 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1268-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to supply a malicious image file to QEMU or to helper tools used in image conversion by services such as glance and nova could potentially use these flaws to cause memory corruption, resulting in a crash or possibly arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-0222, CVE-2014-0223, CVE-2014-3461
MD5 | 91e622c21170c5b6e17f746a9fde5bb0
Red Hat Security Advisory 2014-1281-01
Posted Sep 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1281-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-3917
MD5 | 753d22bd9f7946cfde392dd29a3e194c
Ubuntu Security Notice USN-2352-1
Posted Sep 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2352-1 - Simon McVittie discovered that DBus incorrectly handled the file descriptors message limit. A local attacker could use this issue to cause DBus to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Alban Crequy discovered that DBus incorrectly handled a large number of file descriptor messages. A local attacker could use this issue to cause DBus to stop responding, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-3635, CVE-2014-3636, CVE-2014-3637, CVE-2014-3638, CVE-2014-3639
MD5 | efd4eb972880a504cce9c50bc42fb5e2
Ubuntu Security Notice USN-2351-1
Posted Sep 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2351-1 - Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that nginx incorrectly reused cached SSL sessions. An attacker could possibly use this issue in certain configurations to obtain access to information from a different virtual host.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-3616
MD5 | 62b95d97b0b60c8f63a32cd27d262414
Ubuntu Security Notice USN-2350-1
Posted Sep 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2350-1 - The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17 which includes the latest CA certificate bundle.

tags | advisory
systems | linux, ubuntu
MD5 | e70fe19baaf4211282df09c8544d467a
TP-LINK WDR4300 XSS / Denial Of Service
Posted Sep 22, 2014
Authored by Oz Elisyan

TP-LINK WDR4300 suffers from cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
advisories | CVE-2014-4727, CVE-2014-4728
MD5 | e982f1b98ad5b73578f1a8b41028fbe3
Joomla Mac Gallery 1.5 Arbitrary File Download
Posted Sep 22, 2014
Authored by Claudio Viviani

Joomla Mac Gallery component versions 1.5 and below suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 23b1d6a451f4aba0578dbc053ddcc45b
HP Security Bulletin HPSBPI03107
Posted Sep 22, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI03107 - A potential security vulnerability has been identified with certain HP LaserJet Printers, MFPs and certain HP OfficeJet Enterprise Printers using OpenSSL. The vulnerability could be exploited remotely to allow remote unauthorized access. Note: This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP printer products. This bulletin notifies HP Printer customers about impacted products. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2014-0224
MD5 | b509c7f749249bc087c82ba43998458a
Mandriva Linux Security Advisory 2014-180
Posted Sep 22, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-180 - The gnupg program before version 1.4.16 is vulnerable to an ELGAMAL side-channel attack.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-5270
MD5 | fd607a6534c92e1edca9f2aa0b534581
KonaKart Storefront Application Cross Site Request Forgery
Posted Sep 22, 2014
Authored by Christian Schneider | Site christian-schneider.net

KonaKart Storefront Application versions prior to 7.3.0.0 suffer from a cross site request forgery bypass vulnerability.

tags | exploit, bypass, csrf
advisories | CVE-2014-5516
MD5 | 67c28d9d0d2e5bfcc7c9598c7e37c930
Glype Proxy 1.4.9 Cross Site Request Forgery
Posted Sep 22, 2014
Authored by Securify B.V.

Glype Proxy version 1.4.9 privacy settings can be bypassed via cross site request forgery.

tags | exploit, csrf
MD5 | 6f3f3397ae8231fe1ed28113a2a49a93
Glype Proxy 1.4.9 Filter Bypass
Posted Sep 22, 2014
Authored by Securify B.V.

Glype Proxy version 1.4.9 suffers from a local address filter bypass vulnerability.

tags | exploit, local, bypass
MD5 | af6204eda9b3fa9d083cc91bc68793b1
Joomla Face Gallery 1.0 SQL Injection / File Download
Posted Sep 22, 2014
Authored by Claudio Viviani

Joomla Face Gallery component version 1.0 suffers from remote SQL injection and arbitrary file download vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion
MD5 | 5f3f607c0512015b7becc85f5ac97f5b
Glype Proxy 1.4.9 Cookie Jar Path Traversal / Code Execution
Posted Sep 22, 2014
Authored by Securify B.V.

A path traversal vulnerability has been identified in the Glype web-based proxy that allows an attacker to run arbitrary PHP code on the server or to remove critical files from the filesystem. Version 1.4.9 is affected.

tags | exploit, web, arbitrary, php
MD5 | 1060db0b21471939a18f473514bf54d4
TomatoCart 1.1.8.6.1 Cross Site Scripting
Posted Sep 22, 2014
Authored by Kenneth F. Belva

TomatoCart version 1.1.8.6.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 51dfd42291060a613119252447a5c5d3

© 2016 Packet Storm. All rights reserved.
