Debian Linux Security Advisory 3058-1 - Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tm_adopt() library call to kill any process, including root-owned ones on any node in a job.
794e6fcde2a5edb7fde588274221b91b4eb16325a3b27ba4ad68854d85168f41HP Security Bulletin HPSBST03157 - A potential security vulnerability has been identified with HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
e9d6c975aaed8023b6f21f043ef708d1380c041f1f05607e46608de48932d0f7HP Security Bulletin HPSBMU03152 - A potential security vulnerability has been identified with HP Operations Orchestration running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
135b8b5df7d75054cff6030c520d1e1794639c655c17d21c329830247e297a86FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
cbb31ada31368bb2fd73684ca29466e42dfa89e775a24cae02d3f97036a0720aDebian Linux Security Advisory 3057-1 - Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior.
c144597c40829cd3ce82d549359e55e677fe9190523e5cc891a3339d0a6adef2Debian Linux Security Advisory 3056-1 - Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.
7a048cf39a7d9acfccb3492f25d8e0dd5367015cd8eb9a4bcf864c1326fff9a5Ubuntu Security Notice 2389-1 - It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.
2443af81993075cbf3ab7d7d43577a7bb30ddeb8657a971fdfb89d5beb9932ceGoogle Youtube suffered from filter bypass and persistent cross site scripting vulnerabilities.
d770de406168763951c7b1e69b163ca364a37b4375bbbcfe787d71ddb976530cFolder Plus version 2.5.1 suffers from a persistent script insertion vulnerability.
0d9379de014d59042085eb77716f79a35a01f81b490dc13cb07661d80dbf7b3eApple iOS version 8.0.2 suffers from a contact handling denial of service vulnerability.
a1a84f101f4184e559d71e0e1a38073ae08ce39f378f361a1febf0391522fef5iFileExplorer version 6.51 suffers from a local file inclusion vulnerability.
6a7264570706b9ef983a5bb3527fcbfd5eecaf9de9496bbac0bdc7e315ac69c7WebDisk+ version 2.1 suffers from a code execution vulnerability.
71f07cccbc9a64190d3c2e88330ea419e97de320b8090e569ac6b19094991712Zalewski has noted that binaries which have dependencies on libbfd may be leveraged for attacks due to libbfd having a large range of possibly exploitable out-of-bounds crashes.
482143b943dd09a0acc6d1703848e32a2c8bccd80bde134ced14a899fc368d68Tapatalk for vBulletin version 4.x suffers from multiple remote blind SQL injection vulnerabilities.
d36d583dbde6514335981c515060f0a23012897a4fad3c25d65225595aa63eafFilemaker Pro version 13.0v3 and Filemaker Pro Advanced version 12.0v4 suffers from login bypass and privilege escalation vulnerabilities.
8cef33d37feb867e637fd3a166cdd0fd88b209b252278408006320a2afaa8cbe
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed