what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-07-10

FreeBSD Security Advisory - OpenSSL Certificate Forgery
Posted Jul 10, 2015
Authored by Adam Langley, David Benjamin | Site security.freebsd.org

FreeBSD Security Advisory - During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails, unless the application explicitly specifies X509_V_FLAG_NO_ALT_CHAINS. An error in the implementation of this logic could erroneously mark certificate as trusted when they should not. An attacker could cause certain checks on untrusted certificates, such as the CA (certificate authority) flag, to be bypassed, which would enable them to use a valid leaf certificate to act as a CA and issue an invalid certificate.

tags | advisory
systems | freebsd
advisories | CVE-2015-1793
MD5 | 26ed640fe93813ad02963f1321eb4af2
VMware Security Advisory 2015-0005
Posted Jul 10, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0005 - VMware Workstation, Player, and Horizon View Client for Windows updates address a host privilege escalation vulnerability.

tags | advisory
systems | windows
advisories | CVE-2015-3650
MD5 | a2697888409cfe12bb5945f63544fc3a
Gentoo Linux Security Advisory 201507-15
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-15 - Certain checks on untrusted certificates can be bypassed. Versions less than 1.0.1p are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-1793
MD5 | fdb07e365e621306adddb2c0d75986a8
Gentoo Linux Security Advisory 201507-14
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-14 - Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Versions less than 1.8.0.31 are affected.

tags | advisory, java, remote, local, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413, CVE-2015-0421
MD5 | c82c15592058e1c4cf8195b77ce47c3e
Gentoo Linux Security Advisory 201507-13
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-13 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.481 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0578, CVE-2015-3113, CVE-2015-3114, CVE-2015-3115, CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123, CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131, CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429
MD5 | 90a8534488283326cd4e1b7412df8742
Gentoo Linux Security Advisory 201507-11
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-11 - A vulnerability in Perl allows a remote attacker to cause Denial of Service. Versions less than 5.20.1-r4 are affected.

tags | advisory, remote, denial of service, perl
systems | linux, gentoo
advisories | CVE-2013-7422
MD5 | 272a3a299e7cca1848d6179601eea258
Gentoo Linux Security Advisory 201507-10
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-10 - A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service. Versions less than 1.39 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-3905
MD5 | bba513acf68616319102fa3ca6a33762
HP Security Bulletin HPSBGN03371 1
Posted Jul 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03371 1 - Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-1789, CVE-2015-1790, CVE-2015-1792
MD5 | 282c94868df7f35e331a5f04091888d3
Debian Security Advisory 3307-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3307-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
MD5 | ff7df2615994561bc3f7e11930e43065
Debian Security Advisory 3306-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3306-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns, an authoritative DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
MD5 | 3c8cb426da88553eb8391e5cc7f166b8
Slackware Security Advisory - openssl Updates
Posted Jul 10, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1793
MD5 | 944acb9b8971711466b80206b6725921
Gentoo Linux Security Advisory 201507-19
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-19 - Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 5.6.24 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0405, CVE-2015-0423, CVE-2015-0433, CVE-2015-0438, CVE-2015-0439, CVE-2015-0441, CVE-2015-0498, CVE-2015-0499, CVE-2015-0500, CVE-2015-0501, CVE-2015-0503, CVE-2015-0505, CVE-2015-0506, CVE-2015-0507, CVE-2015-0508, CVE-2015-0511, CVE-2015-2566, CVE-2015-2567, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573
MD5 | 5c372031e565586a9d9ed9d18286e941
Gentoo Linux Security Advisory 201507-18
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-18 - Multiple vulnerabilities have been found in Chromium allowing remote attackers to bypass security restrictions. Versions less than 43.0.2357.130 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1266, CVE-2015-1267, CVE-2015-1268, CVE-2015-1269
MD5 | 3e41aa863469c220f79f463103799701
Gentoo Linux Security Advisory 201507-17
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-17 - A vulnerability in SNMP could lead to Denial of Service condition. Versions less than 5.7.3_pre5-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-3565
MD5 | 1382d4b60b946c27ff9574071f7f2910
Gentoo Linux Security Advisory 201507-16
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-16 - A vulnerability in Portage's urlopen function could allow a remote attacker to conduct a man-in-the-middle attack. Versions less than 2.1.12.2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2013-2100
MD5 | 6a21353ba83daf5c31b19ad598f27afe
ADB Backup APK Injection
Posted Jul 10, 2015
Authored by Imre Rad

The Android ABD utility backup manager, which invokes the custom BackupAgent, does not filter the data stream returned by the applications. While a BackupAgent is being executed during the backup process, it is able to inject additional applications (APKs) into the backup archive without the user's consent. The BackupAgent needs no Android permissions. Upon restoration of the backup archive, the system installs the injected, additional application (since it is part of the backup archive and the system believes it is authentic) with escalated privileges. Proof of concept code included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2014-7952
MD5 | dca4e34e854215aabe54d26273992d37
EMC RecoverPoint For Virtual Machines Restriction Bypass
Posted Jul 10, 2015
Site emc.com

EMC RecoverPoint for VMs 4.3 contains fixes for a restriction bypass vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, bypass
advisories | CVE-2015-4526
MD5 | a3eb0258470e7220bdeccd21d66c9bc9
Arab Portal 3 SQL Injection
Posted Jul 10, 2015
Authored by ali ahmady

Arab Portal version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8dbf673c61ef64af7283255d148cfd28
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
Posted Jul 10, 2015
Authored by Todor Donev

UPNPD M-Search ssdp:discover reflection denial of service exploit.

tags | exploit, denial of service
MD5 | 9d278e5870103380ca304147445a6c61
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close