exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-09-03

Ubuntu Security Notice USN-2728-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2728-1 - Hanno Boeck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5722
MD5 | da4c833a2081989341c60865a2a6423f
Debian Security Advisory 3348-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3348-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-3214, CVE-2015-5154, CVE-2015-5165, CVE-2015-5225, CVE-2015-5745
MD5 | ad724548dee479962cae24e186d6961a
Debian Security Advisory 3349-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3349-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-5165, CVE-2015-5745
MD5 | 26775a5626a810a65e9166a5a3e8acf5
Cisco Security Advisory 20150902-cimcs
Posted Sep 3, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director contain a remote file overwrite vulnerability that could allow an unauthenticated, remote attacker to overwrite arbitrary system files, resulting in system instability or a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, denial of service, arbitrary
systems | cisco
MD5 | 5c5c7762b79e05f2e41db5b0b9e8fc3a
Red Hat Security Advisory 2015-1713-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1713-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2014-8137, CVE-2014-8138, CVE-2015-1841, CVE-2015-3247
MD5 | 1a9e0d2f6c7edddbc77d574532119db2
Red Hat Security Advisory 2015-1714-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1714-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process.

tags | advisory, remote, arbitrary, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2015-3247
MD5 | 7945065014ba1fd4255be18183fda22b
Red Hat Security Advisory 2015-1715-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1715-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process.

tags | advisory, remote, arbitrary, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2015-3247
MD5 | 786398b8d8effcfffa123ba867980ebc
Ubuntu Security Notice USN-2729-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2729-1 - Florian Weimer discovered that libvdpau incorrectly handled certain environment variables. A local attacker could possibly use this issue to gain privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-5198, CVE-2015-5199, CVE-2015-5200
MD5 | 242bcea36d6d2244eb8e3bb57ddce285
Ubuntu Security Notice USN-2730-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2730-1 - Georgi Geshev discovered that OpenSLP incorrectly handled processing certain service requests. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Qinghao Tang discovered that OpenSLP incorrectly handled processing certain messages. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-4428, CVE-2015-5177
MD5 | a6b52f7ac3f86b985a1b6a432a97c4fb
Red Hat Security Advisory 2015-1712-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1712-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 45.0.2454.85, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1291, CVE-2015-1292, CVE-2015-1293, CVE-2015-1294, CVE-2015-1295, CVE-2015-1296, CVE-2015-1297, CVE-2015-1298, CVE-2015-1299, CVE-2015-1300, CVE-2015-1301
MD5 | c1be01bafe210eaa1ac18673dd183150
Red Hat Security Advisory 2015-1704-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1704-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems—such as multiple databases, XML files, and even Hadoop systems—appear as a set of tables in a local database. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Data Virtualization 6.1.0. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2015-1818
MD5 | d893508f8586f830bdff01decdb4ba5d
Red Hat Security Advisory 2015-1708-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1708-01 - The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
MD5 | 7ff3c9b6ca364daf306d2bc467d7b8f2
Slackware Security Advisory - bind Updates
Posted Sep 3, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5722, CVE-2015-5986
MD5 | 9de9b0a397dd7d29100cde91334cb5c5
Debian Security Advisory 3350-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3350-1 - Hanno Boeck discovered that incorrect validation of DNSSEC-signed records in the Bind DNS server could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2015-5722
MD5 | 17ca3fe9b87bd1e131d6dc586ad2fd67
Red Hat Security Advisory 2015-1706-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1706-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | 7df8d79363946afd222469de855f014b
Red Hat Security Advisory 2015-1705-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1705-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | 9e67b9213a176e67002ec612158c35b9
Red Hat Security Advisory 2015-1707-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1707-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
MD5 | bc0de5e1b241afd08477f41581dbaebd
Debian Security Advisory 3347-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3347-1 - Pyry Hakulinen and Ashish Shakla at Automattic discovered that pdns, an authoritative DNS server, was incorrectly processing some DNS packets; this would enable a remote attacker to trigger a DoS by sending specially crafted packets causing the server to crash.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2015-5230
MD5 | 09f533d5590c026eeacc5d46b82a4c48
GPON G-93RG1 Cross Site Request Forgery / Code Execution
Posted Sep 3, 2015
Authored by Phan Thanh Duy

GPON home router version G-93RG1 suffers from a cross site request forgery vulnerability that allows for arbitrary command execution.

tags | exploit, arbitrary, csrf
MD5 | 585b48648b2694f73551f05c4821ae00
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close