Ubuntu Security Notice 2154-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20130906 package.
db0bb7598d0ce78b823879d8616fc042fa6c46ae17e6aa342b29fc69a0ba253aUbuntu Security Notice 2153-1 - Kees Cook discovered that initramfs-tools incorrectly mounted /run without the noexec option, contrary to expected behaviour.
0c0be50832191b5dd596c547394e1fef8f12e9e8ef6f54a4d8205d8eaaae8cdaRSA BSAFE MES 4.0.5 contains fix for a security vulnerability that could potentially be exploited by malicious users to deny access to the affected system.
dfe19b0d0c102e00ac21bfdce90d832a779c6e7fcfdf9adf1d7faa4dce766eeaDebian Linux Security Advisory 2883-1 - Several vulnerabilities have been discovered in the chromium web browser.
20d2cc124c759b4aeafe649d18d538e924cbb1dda3765de0b62d0d053aa72638php-font-lib version 0.3 suffers from a reflective cross site scripting vulnerability.
1a474dde8ce092bdffb789154f90356da33e4828fac208b7fd109580e7cc335dUbuntu Security Notice 2152-1 - Ning Zhang & Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.
70897e4a151774b44bf8ff4c6dde27469165bc65253008e06cba703d1f29a859Red Hat Security Advisory 2014-0323-01 - Red Hat JBoss Fuse 6.0.0 is an integration platform based on Apache ServiceMix. Red Hat JBoss A-MQ 6.0.0, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.0.0 and Red Hat JBoss A-MQ 6.0.0. It includes bug fixes, which are documented in the readme file included with the patch files.
4033631904ad3db4b86abd7def5c87820283de0a4d5d1c79aaedd5f2366bee35Red Hat Security Advisory 2014-0322-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmpd, the Net-SNMP daemon, handled subagent timeouts. A remote attacker able to trigger a subagent timeout could use this flaw to cause snmpd to loop infinitely or crash.
82b41a8b11f98433502f365e31a509572e514c0d50441c3f75ead69dbd1d31f9Red Hat Security Advisory 2014-0321-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file.
eed20b6823d411b76ec67ad4e096e4db4919dcef35c74801bb53e46ffbac5c15Debian Linux Security Advisory 2873-2 - It was discovered that the recent file update, DSA-2873-1, introduced a regression in the recognition of Perl scripts containing BEGIN code blocks.
139056d024e837938143454b0c60fea8616e2792361357360989db9949788139PHP Login Script version 2.0 suffers from a cross site scripting vulnerability.
6a12219997b095202cbd5aaa5f2d6ac30483abe8709a9d07c4bd74eca78aa35cKCFinder versions 2.51 through 2.53 suffers from a remote shell upload vulnerability.
ca0d1095ee9a88abe10850735a99afc8f80ac67e0259e5a9cce07bb9ba0e8bafBigDump version 0.35b suffers from a remote shell upload vulnerability.
f9f701ce6b05bbb8f7d2b195365909e13439c58f11865e01dded6e4c81696c59Windows Media Player version 11.0.5721.5230 memory corruption proof of concept exploit.
5dc8e0ebd404657746cdcfc7d783e3ef7ba754bf8126c1f3fae1c69ac25052c2jetVideo version 8.1.1 Basic local crash proof of concept denial of service exploit.
a248304c0afdce390b860cd251654d000c396faa7166423af81b7b7bc21e485cLight Audio Player version 1.0.14 memory corrupt proof of concept exploit.
0d21a7cb66715b9c8732cdd3b1fd335aee82aba26fa64acdc26d8e53f1eb513d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed