accept no compromises
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-01-15 to 2014-01-16

FreeBSD Security Advisory - ntpd Denial Of Service
Posted Jan 15, 2014
Site security.freebsd.org

FreeBSD Security Advisory - The ntpd(8) daemon supports a query 'monlist' which provides a history of recent NTP clients without any authentication. An attacker can send 'monlist' queries and use that as an amplification of a reflection attack.

tags | advisory
systems | freebsd
advisories | CVE-2013-5211
MD5 | be0d7bb36c9c32271fd39ae071238ffe
FreeBSD Security Advisory - OpenSSL Issues
Posted Jan 15, 2014
Site security.freebsd.org

FreeBSD Security Advisory - A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A flaw in DTLS handling can cause an application using OpenSSL and DTLS to crash. A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2.

tags | advisory
systems | freebsd
advisories | CVE-2013-6449, CVE-2013-4353, CVE-2013-6450
MD5 | 4ecd654abd0aaee44e4ef6858c4cc839
Debian Security Advisory 2844-1
Posted Jan 15, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2844-1 - It was discovered that djvulibre, the Open Source DjVu implementation project, can be crashed or possibly make it execute arbitrary code when processing a specially crafted djvu file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2012-6535
MD5 | ae6301aec032f5365f94b811f4527c9e
Cisco Security Advisory 20140115-csacs
Posted Jan 15, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Secure Access Control System (ACS) is affected by privilege escalation, command injection, and unauthenticated user access vulnerabilities.

tags | advisory, vulnerability
systems | cisco
MD5 | 8e9290c8b81952b70ed882b0af1168ba
Red Hat Security Advisory 2014-0028-01
Posted Jan 15, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0028-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB14-02, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.335.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0491, CVE-2014-0492
MD5 | 17341837280f9d8ee352bf42e106ed7b
Ubuntu Security Notice USN-2082-1
Posted Jan 15, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2082-1 - Jann Horn discovered that the CUPS lppasswd tool incorrectly read a user configuration file in certain configurations. A local attacker could use this to read sensitive information from certain files, bypassing access restrictions.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-6891
MD5 | 6271d256ce9a51a3b567eb57157c3831
FreeBSD Security Advisory - bsnmpd Denial Of Service
Posted Jan 15, 2014
Site security.freebsd.org

FreeBSD Security Advisory - The bsnmpd(8) daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2014-1452
MD5 | 7952c03a51d945c60f4f02ce261a6063
Red Hat Security Advisory 2014-0027-01
Posted Jan 15, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0027-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-5878, CVE-2013-5884, CVE-2013-5893, CVE-2013-5896, CVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0376, CVE-2014-0411, CVE-2014-0416, CVE-2014-0422, CVE-2014-0423, CVE-2014-0428
MD5 | 580320dda81f9c9715b04a2affae5870
Red Hat Security Advisory 2014-0026-01
Posted Jan 15, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0026-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-5878, CVE-2013-5884, CVE-2013-5893, CVE-2013-5896, CVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0376, CVE-2014-0411, CVE-2014-0416, CVE-2014-0422, CVE-2014-0423, CVE-2014-0428
MD5 | aa07c97c3f85397bef8f0022952ed5a8
Red Hat Security Advisory 2014-0029-01
Posted Jan 15, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0029-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 6.2.0 serves as a replacement for Red Hat JBoss Data Grid 6.1.0. It includes various bug fixes and enhancements which are detailed in the Red Hat JBoss Data Grid 6.2.0 Release Notes.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6612, CVE-2013-1921, CVE-2013-2035, CVE-2013-3827, CVE-2013-4112, CVE-2013-6397, CVE-2013-6407, CVE-2013-6408
MD5 | afa08b7e4d2f26d826245d3a1b93e438
Spring XXE Injection Incomplete Fix
Posted Jan 15, 2014
Authored by Pivotal Security Team

The fix for the XXE injection vulnerability in Spring's framework was incomplete when addressing the issue outlined in CVE-2013-4152. Versions affected include Spring MVC 3.0.0 to 3.2.4 and Spring MVC 4.0.0.M1 to 4.0.0.RC1.

tags | advisory
advisories | CVE-2013-4152, CVE-2013-6429
MD5 | 4abbcfb4e619444ff74e9294573030a3
SmarterMail 11.x Cross Site Scripting
Posted Jan 15, 2014
Authored by Saeed reza Zamanian

SmarterMail Enterprise and Standard versions 11.x and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | bbd0ef2894d218f50b9d7d1927b33f40
XAMPP 3.2.1 Cross Site Scripting
Posted Jan 15, 2014
Authored by DevilScreaM

XAMPP version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 837add17aa31566930850c6b0eef1a0b
Q-Pulse 0.6 Cross Site Scripting
Posted Jan 15, 2014
Authored by help AG Middle East

Q-Pulse version 0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-1238
MD5 | fbc100ed35a47096b92d5392b2757ebc
Vacation Rental Script 3.0 CSRF / XSS / File Disclosure
Posted Jan 15, 2014
Authored by HackXBack

Vacation Rental Script version 3.0 suffers from file disclosure, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
MD5 | cb4ad797849e35e9d52fcfa2ad3860d1
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    22 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close