Files Date: 2015-11-19

Kibana Cross Site Request Forgery
Posted Nov 19, 2015
Authored by Kevin Kluge

Kibana versions prior to 4.1.3 and 4.2.1 suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2015-8131
MD5 | 7af17515188390948f9feaaa9365985e

VMware Security Advisory 2015-0008
Posted Nov 19, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0008 - VMware product updates address information disclosure issue.

tags | advisory, info disclosure
advisories | CVE-2015-3269
MD5 | 7ace39edff0170e76c46e56ab3390199

Red Hat Security Advisory 2015-2078-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2078-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
MD5 | 29aaa713f926c68189ed7c3357d479d6

HP Security Bulletin HPSBGN03521 2
Posted Nov 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03521 2 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 2 of this advisory.

tags | advisory, csrf
advisories | CVE-2015-5451
MD5 | 9d710949a0073f13b8d7a1703d6ba8e0

Debian Security Advisory 3399-1
Posted Nov 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7981, CVE-2015-8126
MD5 | a1b2d285dddbe99c7b148802d2b4c4ed

Wireshark Analyzer 2.0.0
Posted Nov 19, 2015
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple bug fixes and updates. Moved to new 2.x branch.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 5909af2a09a9a3023ba61bc62e787ad2

F5 iControl iCall::Script Root Command Execution
Posted Nov 19, 2015
Authored by Jon Hart, Tom | Site metasploit.com

This Metasploit module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0 (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF6; see references for more details).

tags | exploit
advisories | CVE-2015-3628
MD5 | 755ad54627fd7520d038f44c1eae892b

IBM i Access For Windows 7.1 Denial Of Service
Posted Nov 19, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IBM i Access for Windows is vulnerable to a stack buffer overflow denial of service vulnerability.

tags | exploit, denial of service, overflow
systems | windows
advisories | CVE-2015-7422
MD5 | 917e8a2507ea8466c47676ae664064d7

IBM i Access For Windows 7.1 Buffer Overflow
Posted Nov 19, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC.

tags | exploit, overflow, arbitrary, local
systems | windows
advisories | CVE-2015-2023
MD5 | c40c0828f0febe3fa5864c0c90ecf05b

Horde Groupware 5.2.10 Cross Site Request Forgery
Posted Nov 19, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-7984
MD5 | 3a5cd258e72b93a855b8810a52553c1b

Adobe Premiere Clip 1.1.1 Filter Bypass
Posted Nov 19, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Adobe Premiere Clip version 1.1.1 suffers from a filter bypass vulnerability.

tags | exploit, bypass
MD5 | 4c446bdca3c3c463162d0a6ddff23809

Red Hat Security Advisory 2015-2068-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2068-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7181, CVE-2015-7182, CVE-2015-7183
MD5 | 1434d3e34c90af332f1399084f91bf51

Ubuntu Security Notice USN-2814-1
Posted Nov 19, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2814-1 - It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2015-7869
MD5 | 6a0c45433874a78bcb74b163854fac45

Red Hat Security Advisory 2015-2077-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2077-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
MD5 | 5eb2ca6367e8cfc71edd5891e2e24839

Red Hat Security Advisory 2015-2083-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2083-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
MD5 | e49dd74e05ac0fb56dcc4c0e50c72a31

Red Hat Security Advisory 2015-2081-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2081-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2015-5288
MD5 | 61346ab3558a21e3e622db71ce717662

Red Hat Security Advisory 2015-2086-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2086-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
MD5 | 41f826fa69ebc3e2fe435c3a5c789a23

HP Security Bulletin HPSBGN03521 1
Posted Nov 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03521 1 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 1 of this advisory.

tags | advisory, csrf
advisories | CVE-2015-5451
MD5 | da6f72ea88eeef1cb83077712bf4859e