exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2015-03-27

MIMEDefang Email Scanner 2.76
Posted Mar 27, 2015
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Added support for filter_wrapup callback. Various bug fixes, a typo fixed, and all perl function prototypes removed.
tags | tool
systems | windows, unix
SHA-256 | 70d9c94ca2a62bcec53fa7a24c97e062048e24114aec3cc77bc65fbf40d8bf51
Manage Engine Desktop Central 9 Unauthorized Administrative Password Reset
Posted Mar 27, 2015

A remote unauthenticated user can change the password of any Manage Engine Desktop Central user with the Administrator role (DCAdmin).

tags | exploit, remote
advisories | CVE-2015-2560
SHA-256 | 4e564bd659684313462675a23bdcdb7cff6e5368a61d78b38a3ee71428ffb7f0
Mandriva Linux Security Advisory 2015-077
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-077 - f2py insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2014-1858, CVE-2014-1859
SHA-256 | f89f9be46e1441e3c3fc1a20beb2088a43bce60f5652ef7fd4db5c6aa2daa9ff
Mandriva Linux Security Advisory 2015-076
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-076 - Updated python3 packages fix security vulnerabilities. ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips. A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code. It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit files created by a program using this call. Note that prior versions of Python, including 2.x, do not include the vulnerable _get_masked_mode() function that is used by os.makedirs() when exist_ok is set to True. Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the _json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used an an array index, causing the scanstring function to access process memory outside of the string it is intended to access. The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root.

tags | advisory, overflow, arbitrary, local, cgi, root, vulnerability, python
systems | linux, mandriva
advisories | CVE-2013-7338, CVE-2014-1912, CVE-2014-2667, CVE-2014-4616, CVE-2014-4650
SHA-256 | ab76b20f26c250158d7fa23532b4b88bd262202a2dbe4ad2a031d1e8a96c39eb
Mandriva Linux Security Advisory 2015-075
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-075 - A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code. This updates the python package to version 2.7.6, which fixes several other bugs, including denial of service flaws due to unbound readline() calls in the ftplib and nntplib modules. Denial of service flaws due to unbound readline() calls in the imaplib, poplib, and smtplib modules. A gzip bomb and unbound read denial of service flaw in python XMLRPC library. Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the _json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used an an array index, causing the scanstring function to access process memory outside of the string it is intended to access. The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root. Python before 2.7.8 is vulnerable to an integer overflow in the buffer type. When Python's standard library HTTP clients (httplib, urllib, urllib2, xmlrpclib) are used to access resources with HTTPS, by default the certificate is not checked against any trust store, nor is the hostname in the certificate checked against the requested host. It was possible to configure a trust root to be checked against, however there were no faculties for hostname checking. The python-pip and tix packages was added due to missing build dependencies.

tags | advisory, web, denial of service, overflow, arbitrary, cgi, root, python
systems | linux, mandriva
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-1912, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185, CVE-2014-9365
SHA-256 | 3b0a1e39fae22b4d6476806ca1197785de85b0ad0d0836ae88ff10eef9f34bcf
Mandriva Linux Security Advisory 2015-074
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-074 - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2015-1545
SHA-256 | b6b5087086a07ac0d1a6266398a8c4da950c64a0a6f16e0d111c0852f5dbde52
Mandriva Linux Security Advisory 2015-073
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-073 - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service via a crafted search query with a matched values control. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2015-1545, CVE-2015-1546
SHA-256 | 9994917c7655dd037858b35273207005fbbb62aef30bf1f07e8f084ef7d08641
Mandriva Linux Security Advisory 2015-072
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-072 - Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default. It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. A NULL pointer dereference flaw was discovered in GnuTLS's gnutls_x509_dn_oid_name(). The function, when called with the GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller. However, it could previously return NULL when parsed X.509 certificates included specific OIDs. A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code. An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC certificates or certificate signing requests. A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-0092, CVE-2014-1959, CVE-2014-3465, CVE-2014-3466, CVE-2014-8564
SHA-256 | d54e07c39568448fc8ce57614a5d9fa432224b556e5e7e077010ba9803d59272
Mandriva Linux Security Advisory 2015-071
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-071 - The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c. An integer overflow leading to a heap-based buffer overflow was found in the png_set_sPLT() and png_set_text_2() API functions of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_sPLT() or png_set_text_2() function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application. An integer overflow leading to a heap-based buffer overflow was found in the png_set_unknown_chunks() API function of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly call png_set_unknown_chunks() function, could cause libpng to crash or execute arbitrary code with the permissions of the user running such an application.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-6954, CVE-2013-7353, CVE-2013-7354
SHA-256 | 79e6f9f1c0221f60661c24bfe726dbe52958e2b9547ab07f77561284659f24eb
Mandriva Linux Security Advisory 2015-070
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-070 - The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors. The XML getters for for save images and snapshots objects don't check ACLs for the VIR_DOMAIN_XML_SECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to cause leak certain limited information from the domain xml file. The updated packages provides the latest 1.1.3.9 version which has more robust fixes for MDVSA-2015:023 and MDVSA-2015:035.

tags | advisory, remote, denial of service, local
systems | linux, mandriva
advisories | CVE-2014-8136, CVE-2015-0236
SHA-256 | 796bd3102ef7c6389d24d91c773931cb0e9d2950fc7139ad29fcc5261a01992d
HP Security Bulletin HPSBMU03294 1
Posted Mar 27, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03294 1 - A potential security vulnerability has been identified with HP Process Automation running OpenSSL. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 2563c6c0667cccf0d44015493dedaf10837d4fb443dc45d6bbfd09dfe7c6c1c5
Mandriva Linux Security Advisory 2015-068
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-068 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-1572
SHA-256 | b547da908cb77286fbeb20f7ea69d2f1207a558ac6ff96033a398ae85fdf31e0
Mandriva Linux Security Advisory 2015-067
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-067 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-0247, CVE-2015-1572
SHA-256 | 38751e11c91900e9c0695d3bf4ae0f4e529f2ae00cfb6443d6a315145ac890e0
Mandriva Linux Security Advisory 2015-066
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-066 - In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.

tags | advisory
systems | linux, mandriva
advisories | CVE-2015-1197
SHA-256 | cf7f223bc5777ece0a5af880567cbdc70c6395f4ec426e5d05c820ce701f0078
Mandriva Linux Security Advisory 2015-065
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-065 - Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. Additionally, a null pointer dereference in the copyin_link function which could cause a denial of service has also been fixed. In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2014-9112, CVE-2015-1197
SHA-256 | 2169e30a4cbdc3a7e6b4e9836c0c4617fab77373ee097a98ae2b3bd84a76e6cc
Mandriva Linux Security Advisory 2015-064
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-064 - Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any remotely-controlled user input, this issue can cause a denial-of-service. A directory traversal issue in cabextract allows writing to locations outside of the current working directory, when extracting a crafted cab file that encodes the filenames in a certain manner.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-9556, CVE-2015-2060
SHA-256 | 931fdb4fcafd9e838a1c08896357eb4c4f8fc0bf9584c497194f34c4c0f8da5e
Mandriva Linux Security Advisory 2015-063
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-063 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.0r version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2015-0204, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
SHA-256 | 28254adfd982b7936c2aac76cf4ffbcd0b7369846e093adaf547cc5f825de1ed
Mandriva Linux Security Advisory 2015-062
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-062 - Multiple vulnerabilities has been discovered and corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293
SHA-256 | e171ec43c2e20ccaebff7416a52645d7f17fe5f2ac7aa5376af3eb0518dd7115
Debian Security Advisory 3205-1
Posted Mar 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3205-1 - Nicolas Gregoire and Kevin Schaller discovered that Batik, a toolkit for processing SVG images, would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.

tags | advisory, arbitrary, xxe
systems | linux, debian
advisories | CVE-2015-0250
SHA-256 | 6e1aea3d8c41b78ffa32747b1dcaa58281ffe140531931a4580db32309a685ca
WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate WinRDS version 2.0.8 suffers from a StopSiteAllChannel stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2094
SHA-256 | 7484b0bcf3d1e469356ad299ee2cba7f18f007b4e21729c676d7230e1f1e2a47
Internet Download Manager 6.20 Local Buffer Overflow
Posted Mar 27, 2015
Authored by TUNISIAN CYBER

Internet Download Manager version 6.20 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | ea86e49c3a444a60d3b5c98219843360bca802d317a568dcc2c43328eeaa2b0f
AfterLogic WebMail Lite Authentication Bypass
Posted Mar 27, 2015
Authored by Paulos Yibelo

AfterLogic WebMail Lite allows for an unauthenticated user to set an administrative password.

tags | exploit, bypass
SHA-256 | bf60678dc4156a2c4163e6ba2c9b3dc300a0635313915e2001465b0a83a9262a
CMS Builder 2.07 SQL Injection
Posted Mar 27, 2015
Authored by Provensec

CMS Builder version 2.07 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c4201a21853e4a6784d1c052e5fbb68edb638e21dcf654d0dd2c9e82dbe865f2
WebGate eDVR Manager 2.6.4 SiteName Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate eDVR Manager version 2.6.4 suffers from a SiteName stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2098
SHA-256 | 5df7b5793f8ec4d06789688a50828baf77cfb3868727f09a842762f8508b84a9
WebGate Control Center 4.8.7 GetThumbnail Stack Overflow
Posted Mar 27, 2015
Authored by Praveen Darshanam

WebGate Control Center version 4.8.7 suffers from a GetThumbnail stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2015-2099
SHA-256 | bd49f9a4c75f66f7c2c9d9eca3fd8dc32f72b07f451b96dde8ed0722f0a23a66
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close