exploit the possibilities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2014-12-11

Apple Security Advisory 2014-12-11-1
Posted Dec 11, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-12-11-1 - Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 are now available and include the security content of Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1.

tags | advisory
systems | apple
MD5 | cb67f8ad517282d7514a3e6f5e3318e5
ResourceSpace 6.4.5976 XSS / SQL Injection / Insecure Cookie Handling
Posted Dec 11, 2014
Authored by Petri Iivonen

ResourceSpace suffers from cross site scripting, html injection, insecure cookie handling, and remote SQL injection vulnerabilities. Versions 6.4.5976 and below are affected.

tags | exploit, remote, vulnerability, xss, sql injection, insecure cookie handling
MD5 | 03e800ad1662493c04875984cc1a6531
BMC TrackIt! 11.3 Unauthenticated Local User Password Change
Posted Dec 11, 2014
Authored by Brandon Perry

BMC TrackIt! version 11.3 suffers from an unauthenticated local user password change vulnerability.

tags | exploit, local, bypass
MD5 | 4c6009239ffe2032589ed47818ed15ac
Red Hat Security Advisory 2014-1983-01
Posted Dec 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1983-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, CVE-2014-8103
MD5 | 9db118c1e3aac7287b2c7952c6859031
Red Hat Security Advisory 2014-1982-01
Posted Dec 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1982-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102
MD5 | c12448a70066ff6436d253b8096beec7
Ubuntu Security Notice USN-2439-1
Posted Dec 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2439-1 - Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipulate savevm data could use this issue to possibly execute arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 14.10. Paolo Bonzini discovered that QEMU incorrectly handled memory in the Cirrus VGA device. A malicious guest could possibly use this issue to write into memory of the host, leading to privilege escalation. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-7840, CVE-2014-8106
MD5 | 403c97a9ec1fe9934395d8988fe62c3e
Debian Security Advisory 3098-1
Posted Dec 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3098-1 - Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2014-9157
MD5 | 1ab1e5ca2893815bc5f04404cb92d515
Ubuntu Security Notice USN-2440-1
Posted Dec 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2440-1 - Jakub Wilk discovered that the write_one_header function in mutt did not properly handle newline characters at the beginning of a header. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-9116
MD5 | 097006b6193727738d861a043cb703b4
RedCloth Cross Site Scripting
Posted Dec 11, 2014
Authored by Kousuke Ebihara

RedCloth suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3ff61ca5a493cb73c7aab0d851709ebe
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 356fcabbf0745c5a2e999770dee3219d
Slackware Security Advisory - pidgin Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current.

tags | advisory
systems | linux, slackware
MD5 | a3847d5bc4896e6bd2a4abaf92a5f490
Slackware Security Advisory - bind Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-8500
MD5 | 475a97c8a9ac43ab0b48478351e96793
Slackware Security Advisory - seamonkey Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 16688a6b6bb9b14047a5d673635f4e30
Slackware Security Advisory - openvpn Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-8104
MD5 | 8e2ec6e5cbec5c8b235c700c0759c962
Debian Security Advisory 3096-1
Posted Dec 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3096-1 - Florian Maury from ANSSI discovered a flaw in pdns-recursor, a maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial-of-service.

tags | advisory
systems | linux, debian
advisories | CVE-2014-8601
MD5 | b9626a9936a1e9653f3c696824a8b569
Gentoo Linux Security Advisory 201412-07
Posted Dec 11, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-7 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.425 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0580, CVE-2014-0587, CVE-2014-8439, CVE-2014-8443, CVE-2014-9162, CVE-2014-9163, CVE-2014-9164
MD5 | 8fec0383da89dc517fb94ba56c309336
Gentoo Linux Security Advisory 201412-06
Posted Dec 11, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-6 - A vulnerability in libxml2 could result in Denial of Service. Versions less than 2.9.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-3660
MD5 | 8a0a171f716f5f5c5b1995edbcefd642
Debian Security Advisory 3097-1
Posted Dec 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3097-1 - Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit (or make emit) queries to the server can trick the resolver into following an endless series of delegations, leading to resource exhaustion and huge network usage.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-8602
MD5 | 4f0ae45bfbb1fe5036b46674698896c2
Slackware Security Advisory - openssh Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 14.0, 14.1, and -current.

tags | advisory
systems | linux, slackware
MD5 | 179ae48c379e4232e78a52ff463998bf
Slackware Security Advisory - wpa_supplicant Updates
Posted Dec 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New wpa_supplicant packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-3686
MD5 | 0b5afebc5dc250d7ee6543c90fe57f3a
Gentoo Linux Security Advisory 201412-05
Posted Dec 11, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-5 - A vulnerability in Clam AntiVirus can lead to a Denial of Service condition. Versions less than 0.98.5 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-9050
MD5 | 91768ef0b49df37678a65b15f4d6cf13
OpenDNSSEC 1.4.7
Posted Dec 11, 2014
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Fixed crash and zone updating getting stuck.
tags | tool
systems | unix
MD5 | 363387b90624acc2e3f6d33fea23c2d3
FreeBSD Security Advisory - BIND Denial Of Service
Posted Dec 11, 2014
Site security.freebsd.org

FreeBSD Security Advisory - By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can cause named(8) to crash, leading to a denial of service. All recursive BIND DNS servers are vulnerable to this. Authoritative servers are only vulnerable if the attacker is able to control a delegation traversed by the authoritative server in order to serve the zone.

tags | advisory, denial of service
systems | freebsd
advisories | CVE-2014-8500
MD5 | d2f30f8ceebe3a4fe442cc6090bc853f
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    2 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close