Debian Linux Security Advisory 3224-1 - Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code.
a5f77bfaa7d210ea68a4ad432597fc68d849d4c2d8662c2737c1c9a193bf60c3Ubuntu Security Notice 2569-1 - Apport incorrectly handled the crash reporting feature. A local attacker could use this issue to gain elevated privileges.
a92ad51b41492b7b06ec3def2af7b30dc49d053a5a7bcaedf82144c25bf84ab1Red Hat Security Advisory 2015-0803-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.
2597df80a3aee352865bb8ca568338d9f7a11fa2f588d762a3f3d44f5341a025HP Security Bulletin HPSBOV03318 1 - Potential security vulnerabilities have been identified with HP SSL for OpenVMS. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
129dd7a40e7e6c343394d324cf7519d1f2287cbcc20843ce0d55ddf846cc9eb7HP Security Bulletin HPSBHF03310 2 - Potential security vulnerabilities have been identified with certain HP Thin Clients running Windows Embedded Standard 7 (WES7) and Windows Embedded Standard 2009 (WES09) and all versions of HP Easy Deploy. The vulnerabilities could be exploited remotely to allow elevation of privilege and execution of code. Note: HP Easy Deploy was bundled in versions of HP Easy Tools prior to version 3.0.1.1650. Revision 2 of this advisory.
00d7441cf126b9f0446028ccd6537e324a41c9e2909aed58bc8db1e5c7b0ece2Ubuntu Security Notice 2568-1 - Abhishek Arya discovered that libX11 incorrectly handled memory in the MakeBigReq macro. A remote attacker could use this issue to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. In addition, following the macro fix in libx11, a number of other packages have also been rebuilt as security updates including libxrender, libxext, libxi, libxfixes, libxrandr, libsdl1.2, libxv, libxp, and xserver-xorg-video-vmware. Various other issues were also addressed.
792c5ed587fee17a21e0ef4c357f91cc1dbdae4e0ba109cc622280458027c024Ubuntu Security Notice 2567-1 - Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use this issue to cause a denial of service. Juergen Perlinger discovered that NTP incorrectly generated MD5 keys on big-endian platforms. This issue could either cause ntp-keygen to hang, or could result in non-random keys. Various other issues were also addressed.
f4e7d2a64ad1b2d05baae4ecb770247d5d52d97054abde8fe8a011025ffbd6f9Ruxcon 2015 Call For Papers - Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. This year the conference will take place over the weekend of the 24th and 25th of October at the CQ Function Centre, Melbourne, Australia.
a676d8b05a3036e8fccbea4e229d65d193e4eda232e50c32e895a58a3920e2d9SQLite has had 22 security bugs reported including stack buffer overflow and uninitialized memory vulnerabilities. Version 3.8.9 addresses these issues.
dfcb47d73272992e7252b26d33b182b0375b26d2dbe341b5d13c61cb13af7742WordPress Video Gallery plugin version 2.8 suffers from a remote SQL injection vulnerability.
2a03380193003bbe9235920994e16af47220139c1f116419515e226aad7aa622Jaws version 1.1.1 suffers from a cross site request forgery vulnerability.
e093ed379e0e16ef507961ff061e3d79edcba81e51a8b614e6a85e974c81eadaWordPress N-Media Website Contact Form with File Upload plugin version 1.3.4 suffers from a remote shell upload vulnerability.
d41218aa3071ffb2db81fe0f6d6cbe3647a9998ddb374231757e89456688781aThis is a python script that performs brute forcing against WordPress installs using a wordlist.
2d97133aba0d51470e503dd301f411312b3310db7a1d1bc94a2801174b8229caWeebly.com suffered from a direct object reference vulnerability.
c645b7f0837b58c733e25cc1871d200deb14eee56e6e2c785a55e1859b568576
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed