what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2015-03-27

MIMEDefang Email Scanner 2.76
Posted Mar 27, 2015
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Added support for filter_wrapup callback. Various bug fixes, a typo fixed, and all perl function prototypes removed.
tags | tool
systems | windows, unix
MD5 | dac5c62ec43b6d26299e7a801752031a
Manage Engine Desktop Central 9 Unauthorized Administrative Password Reset
Posted Mar 27, 2015

A remote unauthenticated user can change the password of any Manage Engine Desktop Central user with the Administrator role (DCAdmin).

tags | exploit, remote
advisories | CVE-2015-2560
MD5 | 7240189a57fd5c2d8a5ae36d5098adac
Mandriva Linux Security Advisory 2015-077
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-077 - f2py insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2014-1858, CVE-2014-1859
MD5 | 2f3e29ce9c6d649f8f023dd6f3aacc00
Mandriva Linux Security Advisory 2015-076
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-076 - Updated python3 packages fix security vulnerabilities. ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips. A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code. It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit files created by a program using this call. Note that prior versions of Python, including 2.x, do not include the vulnerable _get_masked_mode() function that is used by os.makedirs() when exist_ok is set to True. Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the _json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used an an array index, causing the scanstring function to access process memory outside of the string it is intended to access. The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root.

tags | advisory, overflow, arbitrary, local, cgi, root, vulnerability, python
systems | linux, mandriva
advisories | CVE-2013-7338, CVE-2014-1912, CVE-2014-2667, CVE-2014-4616, CVE-2014-4650
MD5 | 3ab64607396afde2fe1ea09dc9c210cc
Mandriva Linux Security Advisory 2015-075
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-075 - A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code. This updates the python package to version 2.7.6, which fixes several other bugs, including denial of service flaws due to unbound readline() calls in the ftplib and nntplib modules. Denial of service flaws due to unbound readline() calls in the imaplib, poplib, and smtplib modules. A gzip bomb and unbound read denial of service flaw in python XMLRPC library. Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the _json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used an an array index, causing the scanstring function to access process memory outside of the string it is intended to access. The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root. Python before 2.7.8 is vulnerable to an integer overflow in the buffer type. When Python's standard library HTTP clients (httplib, urllib, urllib2, xmlrpclib) are used to access resources with HTTPS, by default the certificate is not checked against any trust store, nor is the hostname in the certificate checked against the requested host. It was possible to configure a trust root to be checked against, however there were no faculties for hostname checking. The python-pip and tix packages was added due to missing build dependencies.

tags | advisory, web, denial of service, overflow, arbitrary, cgi, root, python
systems | linux, mandriva
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-1912, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185, CVE-2014-9365
MD5 | 0b2b11d0c818af9e967e69377793be70
Mandriva Linux Security Advisory 2015-074
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-074 - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2015-1545
MD5 | f2fd30030d4cf64bb2bb9626d292fe39
Mandriva Linux Security Advisory 2015-073
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-073 - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service via a crafted search query with a matched values control. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2015-1545, CVE-2015-1546
MD5 | c9109ec80d92244ecebe8719e51fa6fa
Mandriva Linux Security Advisory 2015-072
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-072 - Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default. It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. A NULL pointer dereference flaw was discovered in GnuTLS's gnutls_x509_dn_oid_name(). The function, when called with the GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller. However, it could previously return NULL when parsed X.509 certificates included specific OIDs. A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code. An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC certificates or certificate signing requests. A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-0092, CVE-2014-1959, CVE-2014-3465, CVE-2014-3466, CVE-2014-8564
MD5 | e566a58bdd0bfa6882bfa214b12d9c86
Mandriva Linux Security Advisory 2015-071
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-071 - The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c. An integer overflow leading to a heap-based buffer overflow was found in the png_set_sPLT() and png_set_text_2() API functions of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_sPLT() or png_set_text_2() function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application. An integer overflow leading to a heap-based buffer overflow was found in the png_set_unknown_chunks() API function of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_unknown_chunks() function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-6954, CVE-2013-7353, CVE-2013-7354
MD5 | 862ee5bb5181ea3897f2c156be9b33b8
Mandriva Linux Security Advisory 2015-070
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-070 - The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors. The XML getters for for save images and snapshots objects don't check ACLs for the VIR_DOMAIN_XML_SECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to cause leak certain limited information from the domain xml file. The updated packages provides the latest 1.1.3.9 version which has more robust fixes for MDVSA-2015:023 and MDVSA-2015:035.

tags | advisory, remote, denial of service, local
systems | linux, mandriva
advisories | CVE-2014-8136, CVE-2015-0236
MD5 | 70c78fd21bd05899c2390015e13dfb70
HP Security Bulletin HPSBMU03294 1
Posted Mar 27, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03294 1 - A potential security vulnerability has been identified with HP Process Automation running OpenSSL. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | a7eb7aa4408dbe0ed4898be567baae3d
Mandriva Linux Security Advisory 2015-068
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-068 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-1572
MD5 | c435b8683bb2789d85dc740a16844a92
Mandriva Linux Security Advisory 2015-067
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-067 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-0247, CVE-2015-1572
MD5 | 8e0debf37d0603266303cba08ff177d3
Mandriva Linux Security Advisory 2015-066
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-066 - In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.

tags | advisory
systems | linux, mandriva
advisories | CVE-2015-1197
MD5 | 1bac8dda82981ffa3f4ce71cfc47b339
Mandriva Linux Security Advisory 2015-065
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-065 - Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. Additionally, a null pointer dereference in the copyin_link function which could cause a denial of service has also been fixed. In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2014-9112, CVE-2015-1197
MD5 | 123e6bbf972f1a3138f627005c489163
Mandriva Linux Security Advisory 2015-064
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-064 - Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any remotely-controlled user input, this issue can cause a denial-of-service. A directory traversal issue in cabextract allows writing to locations outside of the current working directory, when extracting a crafted cab file that encodes the filenames in a certain manner.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-9556, CVE-2015-2060
MD5 | 1d77a712b1f4eb2c7997025b52d7857c
Mandriva Linux Security Advisory 2015-063
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-063 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.0r version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2015-0204, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
MD5 | 2f9f2e925923d773f1747f2ebe110519
Mandriva Linux Security Advisory 2015-062
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-062 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
MD5 | 9412decee50df63b317420ad5180fc9f
Debian Security Advisory 3205-1
Posted Mar 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3205-1 - Nicolas Gregoire and Kevin Schaller discovered that Batik, a toolkit for processing SVG images, would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.

tags | advisory, arbitrary, xxe
systems | linux, debian
advisories | CVE-2015-0250
MD5 | 1db7a71a1205636f98cfd23eb1faa6b1
WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate WinRDS version 2.0.8 suffers from a StopSiteAllChannel stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2094
MD5 | a7690e63c750714527b4f9c1cfebef5c
Internet Download Manager 6.20 Local Buffer Overflow
Posted Mar 27, 2015
Authored by TUNISIAN CYBER

Internet Download Manager version 6.20 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | ec11f85037c43e91adc23ab723fd43bf
AfterLogic WebMail Lite Authentication Bypass
Posted Mar 27, 2015
Authored by Paulos Yibelo

AfterLogic WebMail Lite allows for an unauthenticated user to set an administrative password.

tags | exploit, bypass
MD5 | 4d87f913808ad9ff44266e63485355e5
CMS Builder 2.07 SQL Injection
Posted Mar 27, 2015
Authored by Provensec

CMS Builder version 2.07 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 54bc6a400463fa760b986afc419112fa
WebGate eDVR Manager 2.6.4 SiteName Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate eDVR Manager version 2.6.4 suffers from a SiteName stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2098
MD5 | d0478829dba2bd81b397154b39002895
WebGate Control Center 4.8.7 GetThumbnail Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate Control Center version 4.8.7 suffers from a GetThumbnail stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2099
MD5 | ce92341fd3225ce94fbeb7e45fedc234
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close