Apple Security Advisory 2015-03-09-4 - Xcode 6.2 is now available and addresses spoofing and validation checking issues.
4a50eb3c136fe092fc8abd8396cccba8eb128f4a15cfe7c70ec4f0d941b01848Apple Security Advisory 2015-03-09-3 - Security Update 2015-002 is now available and addresses buffer overflow, off-by-one, type confusion, and secure transport vulnerabilities.
e2669321cbe28cd46bc8bf178977f84d20bc7697a29a74b80c2fe27664e28606Apple Security Advisory 2015-03-09-2 - AppleTV 7.1 is now available and addresses folder creation, code execution, and tls-related vulnerabilities.
020635beec9890ce5aa20321ca3adb375938c809061e1d9e83912740301fc4d9Apple Security Advisory 2015-03-09-1 - iOS 8.2 is now available and addresses null pointer dereference, code execution, buffer overflows, and various other vulnerabilities.
27df9c1ac94771e9e6eb1dc3ad8678e46015149a7920b10087847b58166e23f9Kguard SHA104 and SHA108 DVRs suffer from command injection, insufficient authentication and authorization, password disclosure, denial of service, and missing transport security vulnerabilities.
23f967513908ed1865432be70dd6383e588399ac116ed776c4f95b7a093d52b3Codoforum version 2.5.1 suffers from an arbitrary file download vulnerability.
2511ecea404416465ad294b78f8909c3c96ecbc68f034d3db2a6724194814c4dWordPress Fraction Theme version 1.1.1 suffers from a privilege escalation vulnerability.
514f51682d65cc17a08cfd688cea64b4379893537219d8ead242db19b88559cbManage Engine AD Audit Manager Plus versions below build 6270 suffer from a cross site scripting vulnerability.
4735134ce9bdd039e2630ec69133cc374c5e9bd945eade4e8fdf2b899bfb27a2Ubuntu Security Notice 2521-1 - Several out-of-bounds write bugs were discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. A use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. Various other issues were also addressed.
8228ded3f488ccaf7fc494acaa20c51cf96f6f0b497bb4cff582aca2be4eae86Ubuntu Security Notice 2523-1 - Martin Holst Swende discovered that the mod_headers module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker could possibly use this issue to bypass RequestHeaders directives. Mark Montague discovered that the mod_cache module incorrectly handled empty HTTP Content-Type headers. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.
b5a9d704b449f39d01062d26900f37e7a1d8336e27bd24dc58719568e3d644a3Mandriva Linux Security Advisory 2015-057 - The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat expression, a different vulnerability than CVE-2013-7421. net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. The updated packages provides a solution for these security issues.
c7e15d90dbbc5bc9948f7f6bf42febec7ed38b4fea44c971f7d0404e8e4aa6c6Cisco Security Advisory - On March 9, 2015, new research was published that takes advantage of a flaw in double data rate type 3 (DDR3) synchronous dynamic random-access memory (SDRAM) to perform privilege escalation attacks on systems that contain the affected hardware. The flaw is known as Row Hammer. To attempt an attack, the attacker must execute a malicious binary on an affected system. In addition, the research focused on consumer hardware that did not have a number of mitigations and memory protections that have been integrated into chipsets and memory modules used in Cisco server-class products. Of note in the paper is that the researchers were unable, in their testing, to exploit devices that use Error-Correcting Code (ECC) memory. Cisco offers a limited number of products that allow an unprivileged user to load and execute binaries.
2286a26f9db59216dc28aa29c4974718f3954d05d690b1c38ef155ef3fd79790tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
f59a2bb77612a1392973ecf1ee165028abf5c151e04ae3999b98f94fd9d04ae7Varnish Cache version 4.0.3 suffers from a buffer overflow vulnerability.
2b10a0518f442a736ea3e86364fcb47251a1b0e1853674a11d5a6b920b9b9cd1tcpdump versions prior to 4.7.2 suffer from denial of service and code execution vulnerabilities.
424e9f605486e00763107ba04d05715cae9df6c2c581eb92b22d3a813d361721Libpcap is a portable packet capture library which is used in many packet sniffers, including Tcpdump.
1a4abc1f268b68f97e69a497f53695c9acc7a13f1d522a4d940dea276e6698aeThis is a proof-of-concept exploit that is able to escape from Native Client's x86-64 sandbox on machines that are susceptible to the DRAM "rowhammer" problem. It works by inducing a bit flip in read-only code so that the code is no longer safe, producing instruction sequences that wouldn't pass NaCl's x86-64 validator. Note that this uses the CLFLUSH instruction, so it doesn't work in newer versions of NaCl where this instruction is disallowed by the validator.
e6593966ab188ce0527192162955cdd9d0be2836c92fe8c8ae35f4c97e8dbe65Digital Whisper Electronic Magazine issue 59. Written in Hebrew.
eafa4d0c3a8021a1d6a02757f60b4399c4a174f1d25cbefc012d42adf9dfa6ae
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed