what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-09-30

RSA OneStep 6.9 Path Traversal
Posted Sep 30, 2015
Site emc.com

RSA OneStep is potentially affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Versions 6.9 prior to build 559 are affected.

tags | advisory
advisories | CVE-2015-4546
SHA-256 | d03b4b51818c3702e50eb4646e8c602ca6e5e245e452febf9a09050e7347f504
FreeBSD Security Advisory - rpcbind(8) Denial Of Service
Posted Sep 30, 2015
Site security.freebsd.org

FreeBSD Security Advisory - In rpcbind(8), netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash the rpcbind(8) daemon. A remote attacker who can send specifically crafted packets to the rpcbind(8) daemon can cause it to crash, resulting in a denial of service condition.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2015-7236
SHA-256 | 3878ab5590562a5fd5ca50aa28fff88a0aafae68e4b7788d01ccb77fe3e7103d
Kaseya Virtual System Administrator Code Execution / Privilege Escalation
Posted Sep 30, 2015
Authored by Pedro Ribeiro

Kaseya Virtual System Administrator suffers from multiple code execution vulnerabilities and a privilege escalation vulnerability. VSA versions 7.0.0.0 through 7.0.0.32, 8.0.0.0 through 8.0.0.22, 9.0.0.0 through 9.0.0.18, and 9.1.0.0 through 9.1.0.8 are affected.

tags | exploit, vulnerability, code execution
advisories | CVE-2015-6589, CVE-2015-6922
SHA-256 | 1c99f00ec0d2ed27ea5157a13205f5e690ec57a19a7df31ce5375b1b3e123c64
Mitsubishi Melsec FX3G-24M Denial Of Service
Posted Sep 30, 2015
Authored by Ralf Spenneberg

Mitsubishi Melsec FX3G-24M suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2015-3938
SHA-256 | 11305edb69fbaa63801ee810fdf8c773dad4fb7309cec538b632d1ce094cd87e
RSA Web Threat Detection Privilege Escalation / Information Disclosure
Posted Sep 30, 2015
Site emc.com

RSA Web Threat Detection versions prior to 5.1 SP1 suffer from information disclosure and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, info disclosure
advisories | CVE-2015-4547, CVE-2015-4548
SHA-256 | 2024bffad25c1834ef402bcbdfd21f38a0a47c4ad346146576728f0000db62fc
Western Digital My Cloud Command Injection
Posted Sep 30, 2015
Authored by absane

Western Digital My Cloud with firmware versions 04.01.03-421 and 04.01.04-422 suffer from a command injection vulnerability.

tags | exploit
SHA-256 | 5d13f0de1e0b2a53135158203c1905e87a858a9bdaaed71017ec7b5b3450f136
Red Hat Security Advisory 2015-1841-01
Posted Sep 30, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1841-01 - Chromium is an open-source web browser, powered by WebKit. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to bypass cross origin restrictions, and access or modify data from an unrelated web site. All Chromium users should upgrade to these updated packages, which contain Chromium version 45.0.2454.101, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2015-1303, CVE-2015-1304
SHA-256 | 456b42479e1bee74eee40f4fe565aa49f0e5a59ac2e3de9a9a161243c0c64bbe
Red Hat Security Advisory 2015-1840-01
Posted Sep 30, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1840-01 - OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon parsed certain Basic Encoding Rules data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-6908
SHA-256 | 2b8db859613f053e6c09246eb10db2943893cddb4c9cda9cb50ffde1360f2a63
Ubuntu Security Notice USN-2752-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2752-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
SHA-256 | 43c8af60617a3cb82c13b8eea007dc203afb51c8b9ee1c3bc727f761b34d969c
Ubuntu Security Notice USN-2751-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2751-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
SHA-256 | 405924714667abca6dd52a948eb668373582fe5cba40c4a1e880bf55c253e392
Ubuntu Security Notice USN-2749-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2749-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
SHA-256 | 1ad33970177e89c201e06657bf2522131da69327d6e514c9f7cc7029cbe0d992
Ubuntu Security Notice USN-2750-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2750-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5707
SHA-256 | 84ba5906bcfde9a5c24394d70086061660eaebde607ead784b3440ce4c078184
Ubuntu Security Notice USN-2753-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2753-1 - Roman Fiedler discovered a directory traversal flaw in lxc-start. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-1335
SHA-256 | bf728d8d9557ae32a0f457e004e3e1252ff88f1b5ac7dfef985bd1728212d762
freeswitch Heap Overflow
Posted Sep 30, 2015
Authored by Marcello Duarte

The JSON parser in freeswitch versions prior to 1.6.2 and 1.4.23 suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-7392
SHA-256 | de3aaff5638707412bde78c6ccb88f499aec5c4ddc637410c1b6a1234caa7426
WordPress mTheme-Unus Local File Inclusion
Posted Sep 30, 2015
Authored by Milad Hacking

WordPress mTheme-Unus theme versions prior to 2.3 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 12285bc1e496cd6d4315b9ec60b09a7ec673603539932383c3d6766aa6187a63
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close