what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2015-08-03

Debian Security Advisory 3321-1
Posted Aug 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3321-1 - The InCommon Shibboleth Training team discovered that XMLTooling, a C++ XML parsing library, did not properly handle an exception when parsing well-formed but schema-invalid XML. This could allow remote attackers to cause a denial of service (crash) via crafted XML data.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-0851
SHA-256 | 6462eb2e7a56fdae86610f9b33d418d4615b8b5f180b0203a1a861ff20fb9b41
Ubuntu Security Notice USN-2700-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2700-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | 943cf9af07e288f748c0571d7b91e0f511f1efcb344bcbd3cf30c83ca200c663
Ubuntu Security Notice USN-2701-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2701-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Andy Lutomirski discovered a flaw that allows user to cause the Linux kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged user could exploit this flaw to potentially cause the system to miss important NMIs resulting in unspecified effects. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3290, CVE-2015-3291, CVE-2015-5157
SHA-256 | b8bb77c070e7f389017664b2a2f1b7c79949709d710b497024adf5699d50ff3d
Debian Security Advisory 3320-1
Posted Aug 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3320-1 - It was discovered that OpenAFS, the implementation of the distributed filesystem AFS, contained several flaws that could result in information leak, denial-of-service or kernel panic.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2015-3282, CVE-2015-3283, CVE-2015-3284, CVE-2015-3285, CVE-2015-3287
SHA-256 | 2ed0f85cf16cc180c20925fb79ff7ba5a5d1e90330f06f5c029ece633836b05a
Red Hat Security Advisory 2015-1526-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1526-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid.

tags | advisory, java, protocol
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | 28932cde7e1e54b5faa2a128d70fecb9ba81b65dd119ddde1d9ba9ffd2dfed25
Red Hat Security Advisory 2015-1525-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1525-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.3 release serves as a replacement for JBoss Operations Network 3.3.2, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-3267
SHA-256 | 1f3955d5c9dcc4a4d449f91f650cd5a15f31a76b11dca7fc589ea77d37050e1b
Ubuntu Security Notice USN-2698-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2698-1 - It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Michal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
SHA-256 | 937b9f09e2a968893a7d63eceeef3020011624592253a0fec716f4b4f447004f
Ubuntu Security Notice USN-2699-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2699-1 - Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a man-in-the-middle attack on printer plugin installations.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2015-0839
SHA-256 | 41797d8c5e7da29c64727415987d33f892e37e4bff37cc76a08a1cc9d86488b6
Cisco Security Advisory 20150730-asr1k
Posted Aug 3, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet. The vulnerability is due to improper processing of crafted, fragmented packets. An attacker could exploit this vulnerability by sending a crafted sequence of fragmented packets. An exploit could allow the attacker to cause a reload of the affected platform. Cisco has released software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote
systems | cisco, osx
SHA-256 | 927bb8bedea60ec82b1e53204a9f62223814ed18dd75bae126ded3c6b1eec619
Ubuntu Security Notice USN-2697-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2697-1 - William Robinet and Stefan Cornelius discovered that Ghostscript did not correctly handle certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-3228
SHA-256 | 22db086cbac83e658a8859ae66a6198f75f09d172119cfebab54fa87bdf63433
Ubuntu Security Notice USN-2696-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2696-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Several vulnerabilities were discovered in the cryptographic components of the OpenJDK JRE. An attacker could exploit these to expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | 8ac70ef5d3ffc3c065a0c52d7f424e904636f1c7c4b12a1196a9cf9750c40c26
Ubuntu Security Notice USN-2695-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2695-1 - Fernando Munoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-5522, CVE-2015-5523
SHA-256 | 336dfd98983f47de9f0d69470b93d230134fc1c320550ad9eac0643342f45923
Ubuntu Security Notice USN-2694-1
Posted Aug 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2694-1 - Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Kai Lu discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8964, CVE-2015-2325, CVE-2015-2326, CVE-2015-3210, CVE-2015-5073
SHA-256 | 8804417254216ccc530798963467d9a6a6c33083c90ac34da9d1be7bcc0c39c8
HP Security Bulletin HPSBGN03366 1
Posted Aug 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03366 1 - A potential security vulnerability has been identified with HP Business Process Insight. This is the RC4 vulnerability known as the Bar Mitzvah attack, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
SHA-256 | b918864d7cae5bf0425fd2d28c0c3223ad3d2d2b921317b80ddd094e6a36d29d
HP Security Bulletin HPSBGN03367 1
Posted Aug 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03367 1 - A potential security vulnerability has been identified with HP TransactionVision. This is the RC4 vulnerability known as the Bar Mitzvah attack, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
SHA-256 | 31eae33287034323bb0d9fd5c9218b3a0251c8fde99b7f03b778550f7585a298
Red Hat Security Advisory 2015-1495-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1495-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Red Hat Gluster Storage's Unified File and Object Storage is built on OpenStack's Object Storage. A flaw was found in the metadata constraints in OpenStack Object Storage. By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata than allowed by the configuration.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-5338, CVE-2014-5339, CVE-2014-5340, CVE-2014-7960
SHA-256 | 84376bdb91826099c8d1fa4579e5493c43a6f53f2686c6e646e7dfa8e57ef9c7
Red Hat Security Advisory 2015-1515-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1515-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477
SHA-256 | 92bd0030856a69af4da7d4c2b799173e40b1c3de179c0a3b4bf343d9f48bc64d
Red Hat Security Advisory 2015-1514-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1514-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477
SHA-256 | fafac577a237e448434eceb55f708fb50b5c609fb601b4668cdf9613c1951e3e
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close