
Files Date: 2015-08-18 to 2015-08-19

Debian Security Advisory 3325-2
Posted Aug 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3325-2 - The security update from DSA-3325-1 caused a regression for the oldstable distribution (wheezy). In some configurations, apache2 would fail to start with a spurious error message about the certificate chain. This update fixes this problem.

tags | advisory
systems | linux, debian
advisories | CVE-2015-3183, CVE-2015-3185
SHA-256 | fd4d8ea6fb703a779ebd203d0b03250043668ae38cf071ff46e94eebb23692e2
Ubuntu Security Notice USN-2719-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2719-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3212
SHA-256 | 76c28116bbdcbd54ba0a647a437d7adcf059560beea7da39f655547b545fe635
Red Hat Security Advisory 2015-1639-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1639-01 - OpenStack Image Service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. A flaw was found in the OpenStack Image Service import task action. When processing a malicious qcow2 header, glance could be tricked into reading an arbitrary file from the glance host. Only setups using the glance V2 API are affected by this flaw.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2015-5163
SHA-256 | d026dfb8e0c6a24ed1480809b2c8412f1cd4ea4019d36f5dec65624cee87ba49
Ubuntu Security Notice USN-2717-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2717-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3212
SHA-256 | 8d89ec079302bf6432681d4eefcfaba157b9b1ed7fae54681fc70c63905f3606
Ubuntu Security Notice USN-2718-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2718-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3212
SHA-256 | 9246c46fbea047b8f474b74085a423e569edfe56ee7e7eb9d09f5c99c181b93d
Ubuntu Security Notice USN-2716-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2716-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3212
SHA-256 | 3d52f120702bc2878f07f1146b86322de5ad5f3fd6f2152bd2a39875cf93ef24
OpenText Secure MFT 2014 R2 SP4 Cross Site Scripting
Posted Aug 18, 2015
Authored by Dr. Adrian Vollmer, Alexander Strassheim | Site syss.de

OpenText Secure MFT version 2014 R2 SP4 and some prior versions suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0ca2f8ce2ac1e8fd0292e44455cd17e0bc3afed80f5f026aa383e3aa9639351c
Trend Micro Deep Discovery 3.7.1096 Authentication Bypass
Posted Aug 18, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Deep Discovery Threat Appliance version 3.7.1096: certain Deep Discovery Inspector URLs, including the system log and whitelist/blacklist, are accessible to a non-administrator user because the pages do not properly check for authorization. An unauthenticated user without administrator privileges may thus gain access to and modify certain system configuration settings.

tags | exploit
advisories | CVE-2015-2873
SHA-256 | 2f3b650b488ea428a91118a4744eb72ff92980a194e44fe5a2d45641ddf7748d
EMC Secure Remote Services Virtual Edition Insecure Certificate Check
Posted Aug 18, 2015
Authored by Securify B.V., Han Sahin

It was discovered that the server certificate validation checks performed by EMC Secure Remote Services Virtual Edition are insecure. Weak certificate validation allows attackers to perform a man in the middle attack against ESRS connections. This allows for eavesdropping on, and spoofing of provisioned devices in ESRS VE (including but not limited to home calls to the ESRS portal esrs.emc.com). Versions 3.02, 3.03, and 3.04 are affected.

tags | advisory, remote, spoof
advisories | CVE-2015-0543
SHA-256 | 895ec0911f275467cdc882bab4fd519470eb66160a1c9ff1d02204173cd0bc37
SAP NetWeaver AS Java XXE Injection
Posted Aug 18, 2015
Authored by Vahagn Vardanyan

SAP NetWeaver AS Java version 7.4 suffers from an XXE injection vulnerability. Related CVE Number: CVE-2015-4091.

tags | advisory, java, xxe
SHA-256 | 6cfc59352a8bee96dd51e5b8172b86529f4d78b89fc4d04fbb33af78e0cd1d52
EMC Documentum WebTop Cross Site Request Forgery
Posted Aug 18, 2015
Site emc.com

EMC Documentum WebTop and WebTop-based clients are affected by a cross site request forgery vulnerability. An attacker can potentially exploit this vulnerability by tricking authenticated users of the application into clicking on links embedded within an email, web page, or another source, and so perform Docbase operations with that user's privileges.

tags | advisory, web, csrf
advisories | CVE-2015-4530
SHA-256 | ad1a83f8c864d27f64af80a01849f2edf8a6a00ce286cec429b553b3059f4c4f
UNIT4TETA TETA WEB 22.62.3.4 Authorization Bypass
Posted Aug 18, 2015
Authored by Lukasz Miedzinski

UNIT4TETA TETA WEB version 22.62.3.4 suffers from an authorization bypass vulnerability.

tags | advisory, web, bypass
advisories | CVE-2015-1173
SHA-256 | fdd28477bf2f54627c01a32c396aeec05fd01c67d3b979bdbca2491f59e2b4f0
Cumulus Linux 2.5.3 Privilege Escalation
Posted Aug 18, 2015
Authored by Gregory Pickett | Site hellfiresecurity.com

Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, is vulnerable to local privilege escalation via command injection. When clcmd_server receives a command that ends in a user-supplied label, it will execute any other command appended to the end of it, whether or not that command is in the Rosetta, and it does so using its own running credentials, which are root. Versions 2.5.3 and earlier are affected.

tags | exploit, local, root
systems | linux
advisories | CVE-2015-5699
SHA-256 | a1fb04f6cf34bae2b04ccf1d59b164a1842267b7fa3db86f1b9bd93597c10072
Pligg CMS 2.0.2 Open Redirect
Posted Aug 18, 2015
Authored by Arash Khazaei

Pligg CMS version 2.0.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 8de2916fb64edab5627798231d00a3bccfd6941441919181802ea8d1d12632d0