what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-03-16

Microsoft Security Bulletin Re-Release For March, 2015
Posted Mar 16, 2015
Site microsoft.com

This bulletin summary lists two re-released Microsoft security bulletins for March, 2015.

tags | advisory
SHA-256 | eacd11a5eed47da129ea03490336b6cccfdc6256d2ce4ac7022e98699f2f4e98
Ubuntu Security Notice USN-2532-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2532-1 - It was discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-2265
SHA-256 | 81d78c706a9de8fdfbf4298e0382e1cc20670a5bd37daf257659ed3aa536ef26
Ubuntu Security Notice USN-2531-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2531-1 - Matthew Daley discovered that Requests incorrectly handled cookies without host values when being redirected. A remote attacker could possibly use this issue to perform session fixation or cookie stealing attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-2296
SHA-256 | 3b5dfa3d2870523dde7bcde40ac0889a5386922682bebc6bf6ce36c3c40c4224
Ubuntu Security Notice USN-2533-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2533-1 - Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9680
SHA-256 | 573e2aa3b05b68bd981113b01018240eb543aee0746c894f53e648ca346e152e
Mandriva Linux Security Advisory 2015-061
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-061 - Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, local, code execution
systems | linux, mandriva
advisories | CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4377, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4533, CVE-2013-4534, CVE-2013-4535, CVE-2013-4536, CVE-2013-4537, CVE-2013-4538, CVE-2013-4539, CVE-2013-4540, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0148
SHA-256 | efc025d8f78ef3f1361bcdb1317e0ecdf4463dd8790e6a8c095fd9e4a59acb0b
Debian Security Advisory 3191-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3191-1 - Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2015-0282, CVE-2015-0294
SHA-256 | 4cea3e333f93e92a70ce8a0058a1d87ff6af965bf6a5c3e197f7f0e4be034b0a
Debian Security Advisory 3189-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3189-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2014-7933, CVE-2014-8543, CVE-2014-8544, CVE-2014-8547, CVE-2014-8548, CVE-2014-9604
SHA-256 | be933a8db84e2d2a5cb751ad0e4b6bf9e8c3ccfb67c9811f29f7ee0a56e2b36d
Debian Security Advisory 3190-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3190-1 - Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory.

tags | advisory
systems | linux, debian
advisories | CVE-2015-2157
SHA-256 | 25e80cf2fedefcaa877a76f0881067f5d372efc21c6a716a89bb08a46ae08ee8
Debian Security Advisory 3188-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3188-1 - Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9666, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9672, CVE-2014-9673, CVE-2014-9675
SHA-256 | a20668f8db8083d4e55f9d72e09394b68908dfd1bbf6c65d7ed199563219642d
Debian Security Advisory 3187-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3187-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
SHA-256 | 64876d739a618d4738968aa9618e06e3e4463eb6a94b3a4385ce569612e895cf
Mandriva Linux Security Advisory 2015-060
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-060 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, mandriva
advisories | CVE-2013-6393, CVE-2014-2525, CVE-2014-9130
SHA-256 | 56470a30e5f6b760649df63508ee009d83bf4056c3e840432b96b2d9ef9768bb
Mandriva Linux Security Advisory 2015-059
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-059 - Multiple vulnerabilities has been found and corrected in the Mozilla NSS and NSPR packages. The updated packages provides a solution for these security issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-1492, CVE-2014-1544, CVE-2014-1545, CVE-2014-1568, CVE-2014-1569
SHA-256 | 59256243393f23f58ede14a8157f3106d5b951ae5d805857b9f01d335602857b
Gentoo Linux Security Advisory 201503-07
Posted Mar 16, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-7 - An out-of-bounds error in hivex may result in execution of arbitrary code or Denial of Service. Versions less than 1.3.11 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9273
SHA-256 | 73c8c77e48347246dad4e6a64664dec946e38a9f8a880890e8d51494e870cfdf
Gentoo Linux Security Advisory 201503-06
Posted Mar 16, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-6 - Multiple vulnerabilities have been found in ICU, possibly resulting in Denial of Service. Versions less than 54.1-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
SHA-256 | c5d993eeb91b30c1b8c6937c07a1c05ecd7be7753c708804f154c441eb93a20f
Foxit Reader 7.0.6.1126 Privilege Escalation
Posted Mar 16, 2015
Authored by Aljaz Ceru | Site zeroscience.mk

Foxit Reader version 7.0.6.1126 suffers from an unquoted service path elevation of privilege vulnerability.

tags | exploit
SHA-256 | 4d83018ce3fed6a597450c72fc1ee410034f069adb4f2c2c40680fafe152cb05
724CMS 5.01 / 4.59 / 4.01 / 3.01 Directory Traversal
Posted Mar 16, 2015
Authored by Wang Jing

724CMS versions 5.01, 4.59, 4.01, and 3.01 suffer from directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
SHA-256 | 3d0fafa6b355dddb83a9aedfad6f5a78c568e14a2a8986ac2f669596c4c8292f
WordPress Reflex Gallery 3.1.3 Shell Upload
Posted Mar 16, 2015
Authored by Cleiton Pinheiro

WordPress Reflex Gallery plugin version 3.1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 6f6077fb138d9af502aa58092022e9d24de2532b93fddc77dd4cb542c63ea916
724CMS 5.01 / 4.59 / 4.01 / 3.01 Information Leakage
Posted Mar 16, 2015
Authored by Wang Jing

724CMS versions 5.01, 4.59, 4.01, and 3.01 suffer from multiple information leakage vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 56422de54a0c4ffb36f3d659c814015116f0ffd599b8a62c86ffa1b6b1da8135
Windows x86/x64 Download/Execute Shellcode
Posted Mar 16, 2015
Authored by Ali Razmjoo

Obfuscated shellcode for Windows x86/x64 that downloads and executes a binary using powershell.

tags | x86, shellcode
systems | windows
SHA-256 | 348d120d5baf304e63b1c5ab2993742618be236479f44c107de8511fa29bb10d
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close