what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-07-10

FreeBSD Security Advisory - OpenSSL Certificate Forgery
Posted Jul 10, 2015
Authored by Adam Langley, David Benjamin | Site security.freebsd.org

FreeBSD Security Advisory - During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails, unless the application explicitly specifies X509_V_FLAG_NO_ALT_CHAINS. An error in the implementation of this logic could erroneously mark certificate as trusted when they should not. An attacker could cause certain checks on untrusted certificates, such as the CA (certificate authority) flag, to be bypassed, which would enable them to use a valid leaf certificate to act as a CA and issue an invalid certificate.

tags | advisory
systems | freebsd
advisories | CVE-2015-1793
MD5 | 26ed640fe93813ad02963f1321eb4af2
VMware Security Advisory 2015-0005
Posted Jul 10, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0005 - VMware Workstation, Player, and Horizon View Client for Windows updates address a host privilege escalation vulnerability.

tags | advisory
systems | windows
advisories | CVE-2015-3650
MD5 | a2697888409cfe12bb5945f63544fc3a
Gentoo Linux Security Advisory 201507-15
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-15 - Certain checks on untrusted certificates can be bypassed. Versions less than 1.0.1p are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-1793
MD5 | fdb07e365e621306adddb2c0d75986a8
Gentoo Linux Security Advisory 201507-14
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-14 - Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Versions less than 1.8.0.31 are affected.

tags | advisory, java, remote, local, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413, CVE-2015-0421
MD5 | c82c15592058e1c4cf8195b77ce47c3e
Gentoo Linux Security Advisory 201507-13
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-13 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.481 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0578, CVE-2015-3113, CVE-2015-3114, CVE-2015-3115, CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123, CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131, CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429
MD5 | 90a8534488283326cd4e1b7412df8742
Gentoo Linux Security Advisory 201507-11
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-11 - A vulnerability in Perl allows a remote attacker to cause Denial of Service. Versions less than 5.20.1-r4 are affected.

tags | advisory, remote, denial of service, perl
systems | linux, gentoo
advisories | CVE-2013-7422
MD5 | 272a3a299e7cca1848d6179601eea258
Gentoo Linux Security Advisory 201507-10
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-10 - A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service. Versions less than 1.39 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-3905
MD5 | bba513acf68616319102fa3ca6a33762
HP Security Bulletin HPSBGN03371 1
Posted Jul 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03371 1 - Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-1789, CVE-2015-1790, CVE-2015-1792
MD5 | 282c94868df7f35e331a5f04091888d3
Debian Security Advisory 3307-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3307-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
MD5 | ff7df2615994561bc3f7e11930e43065
Debian Security Advisory 3306-1
Posted Jul 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3306-1 - Toshifumi Sakaguchi discovered that the patch applied to pdns, an authoritative DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-1868
MD5 | 3c8cb426da88553eb8391e5cc7f166b8
Slackware Security Advisory - openssl Updates
Posted Jul 10, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1793
MD5 | 944acb9b8971711466b80206b6725921
Gentoo Linux Security Advisory 201507-19
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-19 - Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 5.6.24 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0405, CVE-2015-0423, CVE-2015-0433, CVE-2015-0438, CVE-2015-0439, CVE-2015-0441, CVE-2015-0498, CVE-2015-0499, CVE-2015-0500, CVE-2015-0501, CVE-2015-0503, CVE-2015-0505, CVE-2015-0506, CVE-2015-0507, CVE-2015-0508, CVE-2015-0511, CVE-2015-2566, CVE-2015-2567, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573
MD5 | 5c372031e565586a9d9ed9d18286e941
Gentoo Linux Security Advisory 201507-18
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-18 - Multiple vulnerabilities have been found in Chromium allowing remote attackers to bypass security restrictions. Versions less than 43.0.2357.130 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1266, CVE-2015-1267, CVE-2015-1268, CVE-2015-1269
MD5 | 3e41aa863469c220f79f463103799701
Gentoo Linux Security Advisory 201507-17
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-17 - A vulnerability in SNMP could lead to Denial of Service condition. Versions less than 5.7.3_pre5-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-3565
MD5 | 1382d4b60b946c27ff9574071f7f2910
Gentoo Linux Security Advisory 201507-16
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-16 - A vulnerability in Portage's urlopen function could allow a remote attacker to conduct a man-in-the-middle attack. Versions less than 2.1.12.2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2013-2100
MD5 | 6a21353ba83daf5c31b19ad598f27afe
ADB Backup APK Injection
Posted Jul 10, 2015
Authored by Imre Rad

The Android ABD utility backup manager, which invokes the custom BackupAgent, does not filter the data stream returned by the applications. While a BackupAgent is being executed during the backup process, it is able to inject additional applications (APKs) into the backup archive without the user's consent. The BackupAgent needs no Android permissions. Upon restoration of the backup archive, the system installs the injected, additional application (since it is part of the backup archive and the system believes it is authentic) with escalated privileges. Proof of concept code included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2014-7952
MD5 | dca4e34e854215aabe54d26273992d37
EMC RecoverPoint For Virtual Machines Restriction Bypass
Posted Jul 10, 2015
Site emc.com

EMC RecoverPoint for VMs 4.3 contains fixes for a restriction bypass vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, bypass
advisories | CVE-2015-4526
MD5 | a3eb0258470e7220bdeccd21d66c9bc9
Arab Portal 3 SQL Injection
Posted Jul 10, 2015
Authored by ali ahmady

Arab Portal version 3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8dbf673c61ef64af7283255d148cfd28
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
Posted Jul 10, 2015
Authored by Todor Donev

UPNPD M-Search ssdp:discover reflection denial of service exploit.

tags | exploit, denial of service
MD5 | 9d278e5870103380ca304147445a6c61
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    2 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close