accept no compromises
Showing 1 - 25 of 31 RSS Feed

Files Date: 2015-07-07

OpenSCAP Libraries 1.2.5
Posted Jul 7, 2015
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Plugged memory leaks. Fixed fresh static analysis (coverity) findings. Fixed shellcheck warnings. Fixes for Solaris platform. Various other updates and improvements.
tags | protocol, library
systems | unix
MD5 | c65f61382837de143f00e508844d5b20
Tinc Virtual Private Network Daemon 1.0.26
Posted Jul 7, 2015
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Tinc now forces glibc to reload /etc/resolv.conf for every hostname lookup. Fixed —logfile without a filename on Windows. Ensure tinc can be compiled when using musl libc.
tags | tool, encryption
systems | unix
MD5 | a8c168227fa42cbfcd4983247bf609ca
HP Security Bulletin HPSBGN03361 1
Posted Jul 7, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03361 1 - A potential security vulnerability has been identified with HP UCMDB, HP UCMDB Configuration Manager, HP UCMDB Browser, and HP Universal Discovery running TLS. Note: This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-4000
MD5 | 423b34be117adb9050214fae7b53b139
HP Security Bulletin HPSBMU03234 1
Posted Jul 7, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03234 1 - A potential security vulnerability has been identified with HP Vertica running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | 7f861a529ffac8e97c44bd8eedd2a906
Debian Security Advisory 3303-1
Posted Jul 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3303-1 - It was discovered that the texttopdf utility, part of cups-filters, was susceptible to multiple heap-based buffer overflows due to improper handling of print jobs with a specially crafted line size. This could allow remote attackers to crash texttopdf or possibly execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-3258, CVE-2015-3279
MD5 | f607ffce2109c0d259f5dcd8b0894c8d
Red Hat Security Advisory 2015-1211-01
Posted Jul 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1211-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2015-1805
MD5 | fb77d21c99540f347daaff0194267691
Ubuntu Security Notice USN-2668-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2668-1 - It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-3281
MD5 | 925cbc5f0e234c7fda0fcee338dbdee1
Debian Security Advisory 3302-1
Posted Jul 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3302-1 - Insufficient input sanitising in libwmf, a library to process Windows metafile data, may result in denial of service or the execution of arbitrary code if a malformed WMF file is opened.

tags | advisory, denial of service, arbitrary
systems | linux, windows, debian
advisories | CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696
MD5 | ae20b9bef1deac5b0dbf9f675d83562e
Ubuntu Security Notice USN-2666-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
MD5 | 201a361d8f4da2b576e0c9755364b9e1
Ubuntu Security Notice USN-2667-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
MD5 | c8750104b996f794fc4cfd7fbf1cd465
Ubuntu Security Notice USN-2663-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2663-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
MD5 | 553c805e30360d815f4bfc8613663385
Ubuntu Security Notice USN-2664-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
MD5 | bd99a36ce8f2c9e2d4256bac885bde2f
Ubuntu Security Notice USN-2665-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
MD5 | dc664107d152c7b55821628a6f04f559
Ubuntu Security Notice USN-2662-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2662-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
MD5 | 35ff0d826d13daf55a94cf200068053c
Ubuntu Security Notice USN-2660-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2660-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
MD5 | df6550d0213022876fa9157828496d8b
Ubuntu Security Notice USN-2661-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2661-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
MD5 | 69667835bc58acb656d44d427aee604b
Red Hat Security Advisory 2015-1210-01
Posted Jul 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1210-01 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users.

tags | advisory, kernel, local, info disclosure
systems | linux, redhat
advisories | CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, CVE-2015-3159, CVE-2015-3315
MD5 | 1edfd830dffb0a0ece498f079e2ab1df
Gentoo Linux Security Advisory 201507-08
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-8 - A vulnerability in libxml2 allows a remote attacker to cause Denial of Service. Versions less than 2.9.2-r1 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2015-1819
MD5 | 0256ee3a28012af513fcb7aa0c303989
Gentoo Linux Security Advisory 201507-07
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-7 - Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 0.9.10-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
MD5 | ec9f67c4370c5a39cb8cac505772dc3b
Gentoo Linux Security Advisory 201507-06
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-6 - Multiple vulnerabilities have been found in UnRTF, the worst of which may result in execution of arbitrary code. Versions less than 0.21.9 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9274, CVE-2014-9275
MD5 | bc6c7821649c76b011463049cef85ff6
Gentoo Linux Security Advisory 201507-05
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-5 - Multiple vulnerabilities have been found in SQLite, allowing context-dependent attackers to cause a Denial of Service condition. Versions less than 3.8.9 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
MD5 | 4ed09268f59705f860e2ff73eafd9485
Gentoo Linux Security Advisory 201507-04
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-4 - Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 55.1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8146, CVE-2014-8147
MD5 | 134376411e97c688d7cf50dcacb15896
Gentoo Linux Security Advisory 201507-03
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-3 - A vulnerability in Exiv2 could lead to Denial of Service condition. Versions less than 0.24-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-9449
MD5 | 931326a425abc1576a32166fa97f63c4
Black Cat CMS 1.1.2 Cross Site Scripting
Posted Jul 7, 2015
Authored by Provensec

Black Cat CMS version 1.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | de54f7bf649441829e51d5b10c8a4f18
EMC Documentum Content Server ESA-2014-105 Fail
Posted Jul 7, 2015
Authored by Andrey B. Panfilov

A vulnerability exists in the EMC Documentum Content Server which allows an authenticated user to elevate privileges, hijack Content Server filesystem, or execute arbitrary commands by creating malicious dm_job objects. Although ESA-2014-105 claimed to remediate this issue, it persists.

tags | exploit, arbitrary
systems | linux
advisories | CVE-2014-4626
MD5 | 3c5534f71cf98accfe6458c9df5ebddf
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close