exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 56 RSS Feed

Files Date: 2015-08-21

HPE Security Bulletin HPSBUX03410 SSRT102175 1
Posted Aug 21, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03410 SSRT102175 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477
SHA-256 | 285ee505b9669d1854cd08aeb5674d644bd0b538eff60181220efd7a9afa9157
HPE Security Bulletin HPSBUX03369 SSRT102037 1
Posted Aug 21, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03369 SSRT102037 1 - A potential security vulnerability have been identified with HP-UX programs using the execve(2) system call. The vulnerability could be exploited locally to create an elevation of privilege. Revision 1 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2015-2132
SHA-256 | 555885bcc1ea1c4a4d6346039a6eac29109d2b40f6dbde463fffaafc40a61744
Debian Security Advisory 3342-1
Posted Aug 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3342-1 - Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a multimedia player and streamer, could dereference an arbitrary pointer due to insufficient restrictions on a writable buffer. This could allow remote attackers to execute arbitrary code via crafted 3GP files.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-5949
SHA-256 | a16d41b09a9384afe2a8b693f62e0412ecd3871bc6b7ef99bbf77ef482e96b20
Debian Security Advisory 3341-1
Posted Aug 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3341-1 - It was discovered that in certain configurations, if the relevant conntrack kernel module is not loaded, conntrackd will crash when handling DCCP, SCTP or ICMPv6 packets.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2015-6496
SHA-256 | 841d14d8ee9b3caf761b1f9bc2d5faef3983f910033d9a5335c49e371ab00488
Red Hat Security Advisory 2015-1650-01
Posted Aug 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1650-01 - Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. An improper permission check issue was discovered in the server admission control component in OpenShift. A user with build permissions could use this flaw to execute arbitrary shell commands on a build pod with the privileges of the root user. This issue was discovered by Cesar Wong of the Red Hat OpenShift Enterprise Team.

tags | advisory, arbitrary, shell, root
systems | linux, redhat
advisories | CVE-2015-5222
SHA-256 | ee56f2b637949907876dac0c204f0902be6b9a15308bd46485f1e81c2289d41c
Ubuntu Security Notice USN-2702-3
Posted Aug 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2702-3 - USN-2702-1 fixed vulnerabilities in Firefox. After upgrading, some users in the US reported that their default search engine switched to Yahoo. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4475, CVE-2015-4477, CVE-2015-4478, CVE-2015-4484, CVE-2015-4488, CVE-2015-4489, CVE-2015-4490, CVE-2015-4491, CVE-2015-4492
SHA-256 | 0d37ac51a6eb9f125ccb7b770b241fe86f5a2549a14498c2537844e8a6a40b73
Ubuntu Security Notice USN-2721-1
Posted Aug 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2721-1 - It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the Subversion mod_dav_svn module incorrectly handled requests requiring a lookup for a virtual transaction name that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3580, CVE-2014-8108, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187
SHA-256 | bf924d06c07de07ad62f90ddaca26ec6d2f16b7478d76f99c2a041bc556bda43
Debian Security Advisory 3340-1
Posted Aug 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3340-1 - Dawid Golunski discovered that when running under PHP-FPM in a threaded environment, Zend Framework, a PHP framework, did not properly handle XML data in multibyte encoding. This could be used by remote attackers to perform an XML External Entity attack via crafted XML data.

tags | advisory, remote, php, xxe
systems | linux, debian
advisories | CVE-2015-5161
SHA-256 | 23d6416156f37ab76976ca96977e08ed7c0c6841cde302f768e47b512c50093f
Debian Security Advisory 3339-1
Posted Aug 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3339-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | cc5c31eaed80c0cd400ec91f3fd6136488f7855153b9eb4184a81e7c430e9138
Red Hat Security Advisory 2015-1647-01
Posted Aug 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1647-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-3152, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757
SHA-256 | c19074cc30ee10160461cba41a7fba14cc48c4e3c83b609a85394af1f0a48077
Red Hat Security Advisory 2015-1646-01
Posted Aug 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1646-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2015-2582, CVE-2015-2611, CVE-2015-2617, CVE-2015-2620, CVE-2015-2639, CVE-2015-2641, CVE-2015-2643, CVE-2015-2648, CVE-2015-2661, CVE-2015-3152, CVE-2015-4737, CVE-2015-4752, CVE-2015-4756, CVE-2015-4757, CVE-2015-4761, CVE-2015-4767, CVE-2015-4769, CVE-2015-4771, CVE-2015-4772
SHA-256 | 9e48c3c96eb61113412af42e99c4dde3ed3ab5100ec726ea8c150027ea62ebc0
HPE Security Bulletin HPSBUX03400 SSRT102211 1
Posted Aug 21, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03400 SSRT102211 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2014-8500, CVE-2015-5477
SHA-256 | 928c02d212c071234ac998c1ccd542c75746befe86272f5fc87537250be7fe15
Security Flash Heap Use-After-Free In SurfaceFilterList::C​reateFromScriptAtom
Posted Aug 21, 2015
Authored by Google Security Research, bilou

Flash suffers from a use-after-free vulnerability in SurfaceFilterList::CreateFromScriptAtom.

tags | exploit
systems | linux
advisories | CVE-2015-5563
SHA-256 | f25272c8a1f372c28e643e729835debc9a97b7068e8da8e97a5a220acf1e5a89
Flash Bypass Of Length Vs. Cookie Validation
Posted Aug 21, 2015
Authored by Chris Evans, Google Security Research

Flash version 18.0.0.209 contains new mitigations to defend against corruptions of Vector.<uint> (and other) lengths. One of these mitigations, at Vector access time, compares the Vector's in-memory length with a representation of the same length XOR'ed with a secret cookie. The bypass comes about because the secret cookie value is stored inside a structure, and a pointer to that structure is stored alongside the Vector length.

tags | exploit
systems | linux
advisories | CVE-2015-5125
SHA-256 | fcdf12cd364c0ea733d2eac6b27e7d2f9f878fe5206bb8c75cbfc449ce599745
Flash AS2 Use After Free In TextField.filters
Posted Aug 21, 2015
Authored by Google Security Research, bilou

There is a use after free vulnerability in the ActionScript 2 TextField.filters array property.

tags | exploit
systems | linux
advisories | CVE-2015-5561
SHA-256 | 45e43f90ddcb052986798b06cfd1f46ebd1983e9b8561f2e5e9f429141da9e39
Adobe Flash Overflow In ID3 Tag Parsing
Posted Aug 21, 2015
Authored by Google Security Research, natashenka

If an mp3 file contains compressed ID3 data that is larger than 0x2aaaaaaa bytes, an integer overflow will occur in allocating the buffer to contain its converted string data, leading to a large copy into a small buffer. A sample fla, swf and mp3 are attached. Put id34.swf and tag.mp3 in the same folder to reproduce the issue. This issue only works on 64 bit platforms.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-5560
SHA-256 | 35155caf981a1919c824478ec4353bf7b0386be80fed9f35592dd6d487b2c05c
Adobe Flash Shared Object Lacks Normal Check
Posted Aug 21, 2015
Authored by Google Security Research, natashenka

The Shared Object constructor does not check that the object it is provided is of type Object before setting it to be of type SharedObject. This can cause problems if another method (such as Sound.loadSound) calls into script between checking the input object type, and casting its native object.

tags | exploit
systems | linux
advisories | CVE-2015-5562
SHA-256 | 19f7464f744154d2d6dd211423377f3e324df119f1b2817fad6a0f7b4e6ae5f4
Microsoft Office 2007 MSPTLS Heap Index Integer Underflow
Posted Aug 21, 2015
Authored by Google Security Research, scvitti

A crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86.

tags | exploit, x86
systems | linux, windows
SHA-256 | 6730e4bcb74ff3ada116f87db7b421bf1d013003c83ef00b178f449904c4d335
Mozilla Maintenance Service Log File Overwrite Elevation Of Privilege
Posted Aug 21, 2015
Authored by Google Security Research, forshaw

The maintenance service creates a log file in a user writable location. It's possible to change the log file to a hardlink to another file to cause file corruption or elevation of privilege.

tags | exploit
systems | linux
advisories | CVE-2015-4481
SHA-256 | 9a1d92cce93d1ad86dd9eac6ec55a2b6aedcc3249f5d93fb13aea55da6b68ba6
Flash Heap-Based Buffer Overflow Due To Indexing Error When Loading FLV File
Posted Aug 21, 2015
Authored by Google Security Research, mjurczyk

Flash suffers from a heap-based buffer overflow due to an indexing error when loading FLV files.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-5118
SHA-256 | 4673942893163cde81ade110d85287f3016da128ff399dfaf5a45be550ea11c7
Flash Heap-Based Buffer Overflow Loading FLV File With Nellymoser Audio Codec
Posted Aug 21, 2015
Authored by Google Security Research, mjurczyk

Flash suffers from a heap-based buffer overflow vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-4432
SHA-256 | 6dc90c34eaf395d7b5fc097c96fc3bbf1b826f568a8b16ab718447c06a8884a7
Microsoft Office 2007 Wwlib.dll FcPlcfFldMom Uninitialized Heap Usage
Posted Aug 21, 2015
Authored by Google Security Research, scvitti

A crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86. The crash is caused by a 1 bit delta from the original file at offset 0x31B.

tags | exploit, x86
systems | linux, windows
SHA-256 | 03f7aa286c6f7a41a1b151784a5669dfb726e0a84605f216c88584600f74d02f
Microsoft Office 2007 Wwlib.dll Type Confusion
Posted Aug 21, 2015
Authored by Google Security Research, scvitti

A crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86.

tags | exploit, x86
systems | linux, windows
SHA-256 | a0cd6e10f73a59037ae74f44a92933339dbaf1a11fe054b8edf070270dd6a4c0
Adobe Flash FileReference Class Is Missing Normal Check
Posted Aug 21, 2015
Authored by Google Security Research, natashenka

There is a type confusion issue in the TextFormat constructor that is reachable because the FileReference constructor does not verify that the incoming object is of type Object (it only checks that the object is not native backed). The TextFormat constructor first sets a new object to type TextFormat, and then calls into script several times before setting the native backing object. If one of these script calls then calls into the FileReference constructor, the object can be set to type FileReference, and then the native object will be set to the TextFormat, leading to type confusion.

tags | exploit
systems | linux
advisories | CVE-2015-5558
SHA-256 | 913b0be9845adb6b994362bb787074269b6c1eeb7980d5b0f158933108a65e1a
Microsoft Office 2007 OGL.dll DpOutputSpanStretch:OutputSpan Out Of Bounds Write
Posted Aug 21, 2015
Authored by Google Security Research, scvitti

A crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86. The crash is caused by a 1 bit delta from the original file at offset 0x4A45. OffViz identified this offset as OLESSRoot.DirectoryEntries[100].OLESSDirectoryEntry[20].sidLeft with an original value of 0x00000000 and a fuzzed value of 0x00008000.

tags | exploit, x86
systems | linux, windows
SHA-256 | 1abb29b1bfd3c4155dea845a8f4a1b457d8108a08fdcb085f1548e3efeb296aa
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close