
Files Date: 2012-12-05 to 2012-12-06

Ubuntu Security Notice USN-1655-1
Posted Dec 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1655-1 - It was discovered that LibTIFF incorrectly handled certain malformed images using the DOTRANGE tag. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-5581
MD5 | f05b7dc35db4e2556717f1c8494e8789
Ubuntu Security Notice USN-1656-1
Posted Dec 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1656-1 - It was discovered that libxml2 had a heap-based buffer underflow when parsing entities. If a user or automated system were tricked into processing a specially crafted XML document, applications linked against libxml2 could be made to crash or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-5134
MD5 | efe55fb8db2ebb47d1d137bc5c1d398d
Ubuntu Security Notice USN-1654-1
Posted Dec 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1654-1 - It was discovered that users in the lpadmin group could modify certain CUPS configuration options to escalate privileges. An attacker could use this to potentially gain root privileges.

tags | advisory, root
systems | linux, ubuntu
advisories | CVE-2012-5519
MD5 | ad2a716f4e370a692ccf206309552b03
Red Hat Security Advisory 2012-1547-01
Posted Dec 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1547-01 - On December 1st, 2012, per the life-cycle support policy, the following versions of Satellite and Proxy products, released on Red Hat Enterprise Linux 4, exited Production Phase 2 marking the end of their support by Red Hat.

tags | advisory
systems | linux, redhat
MD5 | 7b4a31fc2659c682499b55c0074fd954
Red Hat Security Advisory 2012-1546-01
Posted Dec 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1546-01 - On December 1st, 2012, per the life-cycle support policy, the following versions of Satellite and Proxy products, released on Red Hat Enterprise Linux 4, exited Production Phase 2 marking the end of their support by Red Hat.

tags | advisory
systems | linux, redhat
MD5 | 0d56e91d8fc4450621953381e3aa784d
FOOT Gestion CMS SQL Injection
Posted Dec 5, 2012
Authored by Emmanuel Farcy

FOOT Gestion CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c04d93814f479f921a7f5671334c4075
Buffalo Linkstation Privilege Escalation
Posted Dec 5, 2012
Authored by Hurgel Bumpf

Buffalo Linkstation (and various other Buffalo products) suffer from a privilege escalation vulnerability where a permanent guest account can be used to change the administrative password.

tags | exploit
MD5 | 64315014e43cda627c0eb6054ade938c
Kordil EDMS 2.2.60rc3 SQL Injection
Posted Dec 5, 2012
Authored by Woody Hughes

Kordil EDMS version 2.2.60rc3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4fef6ad839bbdd15c272e54909b3e451
Secunia Security Advisory 51484
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 769628c59506f2a46e1d60aa29264296
Secunia Security Advisory 51494
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported in cPanel.

tags | advisory, vulnerability
MD5 | 06b7c781b16ea5ad4d8b1e3afbf60967
Secunia Security Advisory 51486
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Citrix has acknowledged multiple vulnerabilities in XenServer, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
MD5 | 4cd38bbf738ec0fa1bbd0076a1d5c304
Secunia Security Advisory 51472
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Red Hat CloudForms, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and perform certain actions with escalated privileges, by malicious users to disclose and manipulate certain data and cause a DoS (Denial of Service), and by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, manipulate certain data, cause a DoS, and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability, xss, sql injection
systems | linux, redhat
MD5 | e5735cddb5a8a7facc9f21657481430d
Secunia Security Advisory 51425
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 02ba5e1ebb1cbe2b7c2b1130f04305b1
Secunia Security Advisory 51475
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has acknowledged a vulnerability in Red Hat Network Proxy and Red Hat Network Satellite Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
MD5 | 61e1be5be8b1292091b979b2def3a0bf
Secunia Security Advisory 51489
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mesa, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 0691e2e82f72002ce1096e148abd698a
Secunia Security Advisory 51495
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
MD5 | 63b26cdc6cbddffdcd07bf4f551ad2d1
Secunia Security Advisory 51462
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Kaveh Ghaemmaghami has discovered a vulnerability in Opera, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
MD5 | aeea21be6de38d9a0e4cf08ccd3b0342
Secunia Security Advisory 51473
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | 882f1c0bc223402024afb44115c0ac82
Secunia Security Advisory 51470
Posted Dec 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ec2. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | a543262ee58142fe5a0fb52b2324411b
OpenDNSSEC 1.3.12
Posted Dec 5, 2012
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Multiple compilation issues addressed.

tags | tool
systems | unix
MD5 | 2fecd03a4d710d8e8c80fb1c0cb766ec
Ektron 8.02 XSLT Transform Remote Code Execution
Posted Dec 5, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in Ektron CMS 8.02 (before SP5). The vulnerability exists due to the insecure usage of XslCompiledTransform with an XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, where it allows arbitrary code execution with NETWORK SERVICE privileges.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2012-5357
MD5 | cfc9df9eacf0965d427078f202cfc0ac
Tectia SSH USERAUTH Change Request Password Reset
Posted Dec 5, 2012
Authored by Kingcope, sinn3r, bperry | Site metasploit.com

This Metasploit module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by an SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request sent before password authentication, allowing any remote user to bypass the login routine and then gain access as root.

tags | exploit, remote, root
systems | unix
MD5 | 99b842280fc8ec78e6d006aec1abdf3a
ipset 6.16.1
Posted Dec 5, 2012
Authored by Jan Engelhardt | Site ipset.netfilter.org

ipset allows administration of sets of IP addresses/networks, ports, MAC addresses, and interfaces, which are stored in hash or bitmap data structures. These can then be used in conjunction with iptables to do fast presence lookups.

Changes: In this release, using protocol numbers is supported alongside their names. The number of maximum ipsets is now automatically increased as needed.

tags | tool
systems | unix
MD5 | 9fd70c825f052db7dc9d5ba0562b7083
Apache Tomcat CSRF Prevention Filter Bypass
Posted Dec 5, 2012
Authored by Mark Thomas | Site tomcat.apache.org

The CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request. Tomcat versions 6.0.0 through 6.0.35 and 7.0.0 through 7.0.31 are affected.

tags | advisory
advisories | CVE-2012-4431
MD5 | 3b2c8c5c11b7071f89c169019d6bfe2f
Apache Tomcat Security Bypass
Posted Dec 5, 2012
Authored by Mark Thomas | Site tomcat.apache.org

When using FORM authentication it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of the URL if some other component (such as the Single-Sign-On valve) had called request.setUserPrincipal() before the call to FormAuthenticator#authenticate(). Tomcat versions 6.0.0 through 6.0.35 and 7.0.0 through 7.0.27 are affected.

tags | advisory
advisories | CVE-2012-3546
MD5 | 391be553d41461957cb228f658233e45
© 2016 Packet Storm. All rights reserved.