Debian Linux Security Advisory 3031-1 - The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the 'http' apt method binary, or potentially to arbitrary code execution.
1868df8a88a13239945f034440fe682b0e121f18704c5b892e1bc8e05326064eRed Hat Security Advisory 2014-1292-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was discovered in the way HAProxy handled, under very specific conditions, data uploaded from a client. A remote attacker could possibly use this flaw to crash HAProxy. All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
ea9afa70ec341e7cbc76477bb85a10d68d3e96ac7cd0d0fd2f67a7cf2af9b196Ubuntu Security Notice 2359-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). Various other issues were also addressed.
cf16b83f0cf1bc592f97d89975e48b9fc09cdb89e7cbea49009a9915a86c8c9bUbuntu Security Notice 2358-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Jason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). Various other issues were also addressed.
0d19c0cfd635887d874af2d1b5bf9dfce4d6a57b5a3961bb65c05caa2a2a30c8Ubuntu Security Notice 2355-1 - Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image, with a self-referential CL entry, either via a CD/DVD drive or a loopback mount could cause a denial of service (unkillable mount process). Various other issues were also addressed.
6bb051a04b06b8f356fa6ace8abe900b0e5f36a2d10b0d99e687194d614f39f8Ubuntu Security Notice 2357-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). Various other issues were also addressed.
0ebb86614e3898d4a547dc9127eb1ace7ab6fa1c8b81e79dc053df7fce2da65eUbuntu Security Notice 2354-1 - Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image, with a self-referential CL entry, either via a CD/DVD drive or a loopback mount could cause a denial of service (unkillable mount process). Various other issues were also addressed.
cc00d48b3eea531226e9d223ac3a99209cf8c6e5080f17972bfb51e37ce4567eUbuntu Security Notice 2356-1 - Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). Various other issues were also addressed.
ce2fd3f7419d213c47c8c6b1fbeea798fbd8c810f8df48d686af866f5ffb68dbRed Hat Security Advisory 2014-1288-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that the implementation of org.hibernate.validator.util.ReflectionHelper together with the permissions required to run Hibernate Validator under the Java Security Manager could allow a malicious application deployed in the same application container to execute several actions with escalated privileges, which might otherwise not be possible. This flaw could be used to perform various attacks, including but not restricted to, arbitrary code execution in systems that are otherwise secured by the Java Security Manager.
c991ced44fef7bb991203a4ead263b61c8c1f6f53e189e60feca71610ed39418Ubuntu Security Notice 2353-1 - It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to cause APT to crash, resulting in a denial of service, or possibly execute arbitrary code. In addition, this update fixes regressions introduced by the USN-2348-1 security update: APT incorrectly handled file:/// sources on a different partition, incorrectly handled Dir::state::lists set to a relative path, and incorrectly handled cdrom: sources. Various other issues were also addressed.
f18a6d99273ccea43f4ff13505d8b7b64673270f54fc2a22c95b75f5502949bcThis bulletin summary notes that MS14-055 has undergone a major revision increment as of September 23, 2014.
7e49f4a65656a8c1d41f3f15917fef8811b7317a8253711433dd361375197b18Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
35ec31f9fe981aaa727b144ab3ff2eb655997d8ccabaf66586458f5dfc3a56ebI2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
ca314bec4e683919f75c4734e9c4190f9ac070ccc76e40b7d104404ade5b736bSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
677d97a829d9e05f664c82eb0372e870d5f6e9501ccee20130dfde4014bd5084Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
fdaaabd9e2d159af7677b8012a1ac6e0230e357918707732d7ca9d8b1156c135Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
580cca2d7b753cf793cd2a4d151a3efc7058eb942efc4db688b1427fd6e53cc7ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
cdac5e50743056a686c528abf56c57bd2b390812de611eef34e90b44230c35bfX2Engine versions 4.1.7 and below suffer from an unrestricted file upload vulnerability due to poor use of a blacklist.
f7f0d377cb996b5e9e79057b4c8a18347d9ead55c06712219f6e0ee4196c0f23X2Engine versions 2.8 through 4.1.7 suffer from a PHP object injection vulnerability.
ce312d6d96cd4f148fb2b5cecb97b68cf00a123ef5c0ba90f41a768e2c83ad31Get Simple CMS version 3.3.3 suffers from cross site request forgery, clickjacking, and various cross site scripting vulnerabilities.
7faa651d8fdd22b54845204b42b632cb90d115af238c947e3a71f13b591e3ba9Modern virtualized service infrastructures expose attack vectors that enable attacks of high severity, such as attacks targeting hypervisors. A malicious user of a guest VM (virtual machine) may execute an attack against the underlying hypervisor via hypercalls, which are software traps from a kernel of a fully or partially paravirtualized guest VM to the hypervisor. The exploitation of a vulnerability of a hypercall handler may have severe consequences such as altering hypervisor's memory, which may result in the execution of malicious code with hypervisor privilege. Despite the importance of vulnerabilities of hypercall handlers, there is not much publicly available information on them. This significantly hinders advances towards securing hypercall interfaces. In this work, the researchers provide in-depth technical information on publicly disclosed vulnerabilities of hypercall handlers. Our vulnerability analysis is based on reverse engineering the released patches fixing the considered vulnerabilities. For each analyzed vulnerability, they provide background information essential for understanding the vulnerability, and information on the vulnerable hypercall handler and the error causing the vulnerability. The researchers also show how the vulnerability can be triggered and discuss the state of the targeted hypervisor after the vulnerability has been triggered.
7d90e4303005df5faec215e49bc919db7d1f13c6388d0b7871bb45c646e2e92axcode-select on Darwin kernel version 13.4.0 suffers from a buffer overflow vulnerability.
2cfb55fd81aab106c5b8d98a5ff07944ed05f81d33482b0074aa0884859772adDebian Linux Security Advisory 3030-1 - Multiple SQL injection vulnerabilities have been discovered in the Mantis bug tracking system.
7ec113a935c89ad9a311490ba16351ced2516ceca32df1676255c000535a79faDebian Linux Security Advisory 3029-1 - Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to reuse cached SSL sessions in unrelated contexts, allowing virtual host confusion attacks in some configurations by an attacker in a privileged network position.
686cb84de4ba244efd0ea0a859ce45d3415fd2e9a99661b6e0d82901f605adddRed Hat Security Advisory 2014-1268-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to supply a malicious image file to QEMU or to helper tools used in image conversion by services such as glance and nova could potentially use these flaws to cause memory corruption, resulting in a crash or possibly arbitrary code execution.
fa9a090f061e49ebd6c9d9180ffd2781fd7e6e5ab6c7769ae73a3ad939cdc81f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed