Debian Linux Security Advisory 3352-1 - A vulnerability was found in screen causing a stack overflow which results in crashing the screen server process, resulting in denial of service.
47329d467435a8394168134d3808de35Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
2f5f79d7bf2909bc6ae2c34fce7c5e4fDebian Linux Security Advisory 3351-1 - Several vulnerabilities have been discovered in the chromium web browser.
b93ad99309b57931099c9490a9ed9269Red Hat Security Advisory 2015-1736-01 - Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Improper error handling in the API server can cause the master process to crash. A user with network access to the master could cause this to happen. This issue was discovered by Jordan Liggitt of the Red Hat OpenShift Enterprise Team.
7bdbc720d69e8fed1bd4aeeef67a74e7Red Hat Security Advisory 2015-1723-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.
92e529ae61d0109881c3c47a1f1ccba7Red Hat Security Advisory 2015-1718-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
a1255e8a59bb2e8c64a11b14e7b80382This Metasploit module will install a payload that is executed during boot. It will be executed either at user logon or system startup via the registry value in "CurrentVersion\Run" (depending on privilege and selected method). The payload will be installed completely in registry.
04cc329f43130353235dbe565fd3c589This Metasploit module will bypass Windows UAC by utilizing the missing .manifest on the script host cscript/wscript.exe binaries.
984a5488ea8448b27d0c57a54b08cbf2Ubuntu Security Notice 2733-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
0fa672d07ad761b45c9b94453f73f71aUbuntu Security Notice 2731-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.
c381f5c88c07a0d11a7425f9d5c667d4Ubuntu Security Notice 2732-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.
e8429e51c71ac053d7eebd1eb1c1a00eUbuntu Security Notice 2734-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
18e0b722887935070bd6cd5d4ea19820Multiple buffer overflow vulnerabilities have been identified in Yahoo! Messenger versions 11.5.0.228 and below.
464fdcbb475517adc40408ae287a00e7EMC Documentum Content Server includes a privilege escalation vulnerability that could potentially be exploited by malicious, regular users to perform certain actions as the superuser. Unprivileged Content Server users may potentially escalate their privileges to become a superuser by creating and performing malicious operations on dm_job objects. This is due to improper authorization checks being performed on such objects and some of their attributes. The previous fix for CVE-2014-4626 was incomplete. Versions 7.2 and below are affected.
d204b92860a96221ad2e117024cc17baZhone ADSL2+ 4P Bridge bridge and router suffers from authentication bypass and information disclosure vulnerabilities.
4759831e4bebd65fd4f3c6974c35def7Checkmarx CxQL versions 7.1.5 and below suffer from a sandbox bypass vulnerability.
d41d8cd98f00b204e9800998ecf8427eAvaya one-X Agent version 2.5 SP2 suffers from having a hard-coded key and various cryptography use issues.
663999172b27a59db9403ab6303b9932OpenDocMan version 1.3.2. suffers from a cross site scripting vulnerability.
df5ed6fb348ed54136aa15a1a1011a1aMilw0rm Clone Script version 1.0 suffers from a cross site scripting vulnerability.
7a09ea70df6720b668a662a45bb33d44Virtual Freer versions prior to 1.57 suffers from an authentication bypass vulnerability.
219101ecab1af24ceef9b0890637dd74Anontwi is a tool for OAuth2 applications, such as GNUSocial and Twitter, that provides different layers of encryption, privacy methods and proxy features. It contains a GTk+ interface.
b154fef287fd52c289ea396493309051
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed