Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-02-03

MIT krb5 Security Advisory 2015-001
Posted Feb 3, 2015
Site web.mit.edu

MIT krb5 Security Advisory 2015-001 - The MIT krb5 team has discovered four vulnerabilities affecting kadmind. Some of these vulnerabilities may also affect server applications which use the gssrpc library or the gss_process_context_token() function. These are implementation vulnerabilities, not vulnerabilities in the Kerberos protocol.

tags | advisory, vulnerability, protocol
advisories | CVE-2014-5352
MD5 | 4def928b911324ac6b51db2961de2968
Red Hat Security Advisory 2015-0117-01
Posted Feb 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0117-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2014-6568, CVE-2015-0374, CVE-2015-0381, CVE-2015-0382, CVE-2015-0391, CVE-2015-0411, CVE-2015-0432
MD5 | 14443b6696869a6793ac5446ef06b2c4
Red Hat Security Advisory 2015-0116-01
Posted Feb 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0116-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2014-6568, CVE-2015-0374, CVE-2015-0381, CVE-2015-0382, CVE-2015-0391, CVE-2015-0411, CVE-2015-0432
MD5 | 499fa1b6363e65ffc3077ab152d7f18d
Red Hat Security Advisory 2015-0115-01
Posted Feb 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0115-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks. A remote attacker could use either of these flaws to crash the system. A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2014-3673, CVE-2014-3687, CVE-2014-3688
MD5 | 68c8b2c7f90a441475aacec42a13e19b
Red Hat Security Advisory 2015-0118-01
Posted Feb 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0118-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2014-6568, CVE-2015-0374, CVE-2015-0381, CVE-2015-0382, CVE-2015-0391, CVE-2015-0411, CVE-2015-0432
MD5 | 33e6460d4db68e73f79caaa505f58a0a
Ubuntu Security Notice USN-2489-1
Posted Feb 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2489-1 - Michal Zalewski discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9636
MD5 | f450edc3d7a5655fa144ca819a90aa97
Capstone 3.0.1
Posted Feb 3, 2015
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 3.0.1 is a stable version with important fixes in the core & Python bindings.
tags | tool
systems | linux, unix
MD5 | d559c0661391b91e3470859439c10190
Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass
Posted Feb 3, 2015
Authored by Hans-Martin Muench

Hewlett-Packard Universal CMDB version 10.10 suffers from a jmx-console related authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2014-7883
MD5 | 1bfb406bb52ae0ef19e951401d8628cb
My Little Forum 2.3.3 / 2.2 / 1.7 Cross Site Scripting
Posted Feb 3, 2015
Authored by Jing Wang

My Little Forum versions 2.3.3, 2.2, and 1.7 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 622d37d4023db5a2f552dd4402536e8a
ManageEngine Desktop Central 9 Cross Site Request Forgery
Posted Feb 3, 2015
Authored by Mohamed Idris

ManageEngine Desktop Central 9 suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2014-9331
MD5 | 5d0ef06ecf94cd95b27ee299fb871b7d
HP Security Bulletin HPSBMU03232 3
Posted Feb 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03232 3 - A potential security vulnerability has been identified with HP SiteScope. The vulnerability could be exploited remotely to allow elevation of privilege. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2014-7882
MD5 | b7e572f0504c4cb6fac5cae508cdbe71
HP Security Bulletin HPSBGN03237 1
Posted Feb 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03237 1 - A potential security vulnerability has been identified with HP Insight Remote Support v7 Clients running SSLv3 which may affect WBEM, WS-MAN and WMI connections from monitored devices to an HP Insight Remote Support Hosting Device, such as an HP Insight Remote Support Central Management Server (CMS). This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. HP Insight Remote Support 7.2 allows the Hosting Device administrator to disable SSLv3 ciphers. Some monitored devices may require an update to support TLS encryption, while others may not support TLS encryption at all. Disabling SSLv3 on the hosting device can result in loss of communication with such monitored devices. HP has provided the ability to address POODLE in the Insight Remote Support 7.2 release, but disabling SSLv3 requires the Hosting Device administrator to take specific actions to address this vulnerability. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2014-3566
MD5 | 8e640a55e1d9c7d50476765212f64cd5
HP Security Bulletin HPSBGN03247 1
Posted Feb 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03247 1 - A potential security vulnerability has been identified with HP IceWall SSO Dfw using glibc. This vulnerability could be used to remotely execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2015-0235
MD5 | b9bc44af53b4347efc63b99a900da276
Debian Security Advisory 3152-1
Posted Feb 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3152-1 - A flaw was found in the test_compr_eb() function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow, resulting in application crash or possibly having other unspecified impact.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2014-9636
MD5 | 4ab23ceba6083e50e74104fe215dbd98
Debian Security Advisory 3151-1
Posted Feb 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3151-1 - Several vulnerabilities were discovered in Django, a high-level Python web development framework.

tags | advisory, web, vulnerability, python
systems | linux, debian
advisories | CVE-2015-0219, CVE-2015-0220, CVE-2015-0221
MD5 | 6c812b9422f0bd7c21f449cbb25a6fc0
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close