OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8OpenSSH versions 6.8 and below suffer from an issue where malicious servers, if a client connected to them using ssh -X, could connect to the SSH client's X server without being subject to X11 SECURITY restrictions.
b93cb274db294b1b58ca10d241e66406513c14742a39c0415077a90eff4dcd5bUbuntu Security Notice 2671-1 - Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of service. Sjoerd Job Postmus discovered that DJango incorrectly handled newline characters when performing validation. A remote attacker could use this issue to perform header injection attacks.
0509283524a48dd31b057eda1e79a10c482b6a86458bd5ff727676cd15749875Ubuntu Security Notice 2656-1 - Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
8b8e1309051b659a9010aa4da8be7f871c23e5dcdb455674eaf7979c0a9f13b8Red Hat Security Advisory 2015-1219-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code.
f12d0457f7fa5153221b85bd57751a48d0a46a1f3e20662d0c23e31c3d87af18Red Hat Security Advisory 2015-1218-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.
f71a8aee7d3ef2bbf2887ea24776b5bd018766e584acec28464f0aaad7cffb13Gentoo Linux Security Advisory 201507-9 - A double free vulnerability in PyPAM could result in execution of arbitrary code or Denial of Service. Versions less than 0.5.0-r3 are affected.
60e9017808fbb14b2fd98b5951a4999a25a4d14a8178fbf8738bb09e5ec0c8c5Ubuntu Security Notice 2672-1 - Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. Various other issues were also addressed.
4be7b0e840bb29a6f1d98997375889e451adecbf983bb8a60512c613ea039d76During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate. This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication. This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.
cfc5b150eaaface19d5bc83171cbff00f8f18c960fc0ee96be5169072ac0faf9Debian Linux Security Advisory 3305-1 - Several vulnerabilities were discovered in Django, a high-level Python web development framework.
aed2a016c85ad2a0b21644993f12b4ef6e2aaf684e436b95f143ad5c88132dd7Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by denial of service, cross site scripting, and command injection vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available. Revision 3 of this advisory.
73c2b43841c0581e736853e7811618fa7ae0035143d6ec436127c92ae73885c5The fix for the EMC Documentum Content Server vulnerability as highlighted in CVE-2014-2513 appears to be partial and still exploitable via slightly modified means.
e93c2829969b19c504cd3f1c57ed73580f7207de2859d1e952e49e3a60186fc8Whitepaper called Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications. Twenty years ago, law enforcement organizations lobbied to require data and communication services to engineer their products to guarantee law enforcement access to all data. After lengthy debate and vigorous predictions of enforcement channels "going dark," these attempts to regulate the emerging Internet were abandoned. In the intervening years, innovation on the Internet flourished, and law enforcement agencies found new and more effective means of accessing vastly larger quantities of data. Today we are again hearing calls for regulation to mandate the provision of exceptional access mechanisms. In this report, a group of computer scientists and security experts, many of whom participated in a 1997 study of these same topics, has convened to explore the likely effects of imposing extraordinary access mandates. They have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago. In the wake of the growing economic and social cost of the fundamental insecurity of today's Internet environment, any proposals that alter the security dynamics online should be approached with caution. Exceptional access would force Internet system developers to reverse "forward secrecy" design practices that seek to minimize the impact on user privacy when systems are breached. The complexity of today's Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws. Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.
b2cf2c1b7f4eb18e903bb934869b5489e8ecd5215e90c29f1411031756900e31File Roller version 3.4.1 denial of service proof of concept exploit.
81a244cce6b4a27fe23d8927d7d66e187e9231c727d0d2d883bd9c529ee6146bA Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.
48b0f0fb221c6a092ee7210ff8b830e0b5ba18fd3294e65cf266ee2f4b6a19f1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed