Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-03-02

Red Hat Security Advisory 2016-0306-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0306-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-0293, CVE-2015-3197, CVE-2016-0703, CVE-2016-0704, CVE-2016-0800
MD5 | 2f36ad9742f9b96b4e118c0c254db4cc
Red Hat Security Advisory 2016-0305-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0305-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-3197, CVE-2016-0800
MD5 | d3b49601c460ff97ce020fdf8c82aa2d
Red Hat Security Advisory 2016-0332-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0332-01 - An updated version of Red Hat Enterprise Linux Atomic Host is available as an OSTree.

tags | advisory
systems | linux, redhat
MD5 | 516c43c5d9b2c357e8da1713b99d117e
Red Hat Security Advisory 2016-0304-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0304-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-0293, CVE-2015-3197, CVE-2016-0703, CVE-2016-0704, CVE-2016-0800
MD5 | 5070fe93898af747db9ee12243a2fb26
Red Hat Security Advisory 2016-0303-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0303-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-0293, CVE-2015-3197, CVE-2016-0703, CVE-2016-0704, CVE-2016-0800
MD5 | cd9090d3d570d3faf68563b341e88263
Red Hat Security Advisory 2016-0302-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0302-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-3197, CVE-2016-0797, CVE-2016-0800
MD5 | 56b560b581cb77d71c7aa815262dd5b9
Red Hat Security Advisory 2016-0301-01
Posted Mar 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0301-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-3197, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0800
MD5 | c5e03e7095e7922b8ab96f10ab5c7cde
WordPress CP Polls 1.0.8 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 2, 2016
Authored by Joaquin Ramirez Martinez

WordPress CP Polls plugin version 1.0.8 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | a8c278ab09ed8b45b25ffdffbae3dc0e
Debian Security Advisory 3501-1
Posted Mar 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3501-1 - Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint security mechanism would be applied to the value in %ENV, but not to the other rest of the environment. This could result in an ambiguous environment causing environment variables to be propagated to subprocesses, despite the protections supposedly offered by taint checking.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2016-2381
MD5 | ed3599b7967b413eac72bd0ef1844d48
Ubuntu Security Notice USN-2914-1
Posted Mar 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2914-1 - Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. Adam Langley discovered that OpenSSL incorrectly handled memory when parsing DSA private keys. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799
MD5 | a6e8d23d1ba8b7f684856e8693de0261
Putty 0.66 DLL Hijacking
Posted Mar 2, 2016
Authored by Stefan Kanthak

Putty version 0.66 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 692cab11caddc43f284b30f19c017f42
Debian Security Advisory 3500-1
Posted Mar 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3500-1 - Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799
MD5 | f1b2d72ce831be1e0856a01cd6ecfdb1
WordPress CP Polls 1.0.8 File Upload / Cross Site Scripting
Posted Mar 2, 2016
Authored by Joaquin Ramirez Martinez

WordPress CP Polls plugin version 1.0.8 suffers from a persistent cross site scripting vulnerability via file upload.

tags | exploit, xss, file upload
MD5 | 35799603b69fe6d77b709b4eb08e9805
Vivint Sky Control Panel Unauthenticated Access
Posted Mar 2, 2016
Authored by Jeremy Scott

Vivint Sky Control Panel suffers from an unauthenticated access vulnerability.

tags | advisory
advisories | CVE-2014-8362
MD5 | becdb7e3ca89e9992af390d291e695be
WordPress CP Polls 1.0.8 Malicious File Download
Posted Mar 2, 2016
Authored by Joaquin Ramirez Martinez

WordPress CP Polls plugin version 1.0.8 suffers from a cross site request forgery vulnerability that can be leveraged to turn a file download into a malicious .bat file.

tags | advisory, csrf
MD5 | dbe083b893e422705f8ab69a8273cc3f
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    10 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close