Red Hat Security Advisory 2015-0065-01 - After May 29 2015, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite versions 5.5 or older.
8ddbe2e2a5db2bd170831a5210dd832eRed Hat Security Advisory 2015-0062-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks. A remote attacker could use either of these flaws to crash the system. A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service.
0814abb1bcaa76a6a33c32b5d097b4c4Red Hat Security Advisory 2015-0068-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
91c13ea4627e7df3e06f6f27f085ae49The signature check of FRITZ!Box firmware images is flawed. Malicious code can be injected into firmware images without breaking the RSA signature. The code will be executed either if a manipulated firmware image is uploaded by the victim or if the victim confirms an update on the webinterface during a MITM attack.
9c78c8aae68fb41e3f584edb820c5a30articleFR CMS version 3.0.5 suffers from a remote SQL injection vulnerability.
0eab7a2c26d3b0784eb457fe3d50ed18HP Security Bulletin HPSBUX03235 SSRT101750 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
93570893c0524a7bc365d374cd7160e9Debian Linux Security Advisory 3134-1 - A vulnerability has been discovered in the web interface of sympa, a mailing list manager. An attacker could take advantage of this flaw in the newsletter posting area, which allows sending to a list, or to oneself, any file located on the server filesystem and readable by the sympa user.
58e34524c766aa925a165998735ea443OS X 10.9.5 IOKit IntelAccelerator suffers from a null pointer dereference vulnerability. This is the proof of concept exploit released by Google.
1ae0774711afbf121c80129584461b87OS X 10.10 IOKit IntelAccelerator suffers from a null pointer dereference vulnerability. This is the proof of concept exploit released by Google.
5101afae5f6148ea15c0034a88d441ceExif Pilot version 4.7.2 SEH-based buffer overflow exploit.
3d0bd0dd5cd32cf14c0979fb26e04e3farticleFR CMS version 3.0.5 suffers from a remote shell upload vulnerability.
18a59d282dc7f299d70b511fdbcba08dPhotoSync version 1.1.3 suffers from a command injection vulnerability.
a1c7c49775d6e8961210dd2469f6f4cbMalwareBytes Anti-Exploit versions 1.03.1.1220 and 1.04.1.1012 suffer from a denial of service vulnerability.
fe3efe7b9291e9d274d6230b3a1c89f6LizardSquad DDoS Stresser suffers from cross site scripting and session tampering vulnerabilities.
2fb416de39e1cde92e1daf62c168369fRedaxScript version 2.1.0 suffers from a privilege escalation vulnerability.
f399f855d1c0346b946538374d9ce5b2Sites powered by Mangallam suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
fde827ab706304167b87000dea08b2f6
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed