FreeBSD Security Advisory - Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. A remote attacker can deliberately trigger the failed assertion, which will cause an affected server to terminate, by using a query that requires a response from a zone containing a malformed key, resulting in a denial of service condition. Recursive servers are at greatest risk; however, an authoritative server could also be affected if an attacker controls a zone that the server must query against to perform its zone service.
19a32d5376ff03333088cddc32b4e99e806201efa92da2f753a45e3f50b0db3c
This bulletin summary lists one bulletin that has undergone a major revision increment for September, 2015.
0b4f5c3e106f8ebc0109153ab6315d29398976075b13fc7e2d503bfd4949ad4e
34-byte NULL-byte-free OS X x64 /bin/sh shellcode.
62604cfda35d5ea48e784d6b5bfb83d4ce2aa61f09505d7ee7a39833737dc0ef
EMC Atmos is affected by an XML eXternal Entity (XXE) injection vulnerability due to the configuration of the XML parser shipped with the product. An XXE injection attack may occur when XML input containing a reference to an external entity is processed by an affected XML parser. XXE injection might allow attackers to gain unauthorized access to files containing sensitive information or might be used to cause denial of service.
79c60afb2e7da3e86b0c5b23c6697b2aca1590bf50e05cab1ddeb39c9963b319
Cerb version 7.0.3 suffers from a cross site request forgery vulnerability.
c699a5692fdd4ddc1593268207023f7b4e79ce962b2ef31354be29390c9ad1a6
Slackware Security Advisory - New gdk-pixbuf2 packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.
f4fdff970299f2475ebb18fa930a064a597b1bea319c54560c6f85bea1880641
The Vulnerability Laboratory Core Research Team discovered a restriction filter bypass in the official PayPal Inc Mobile API for Apple iOS.
aebf28b1409e41a13475d9756d4f6dcf370b04518d3a09a7f95d6ed6787c1200
It was discovered that the HipChat For JIRA plugin had a resource that combined user input into a velocity template source and subsequently rendered it. Authenticated attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the HipChat For JIRA plugin enabled. To exploit this issue attackers need to be able to access the JIRA web interface and log into JIRA. All versions of JIRA from 6.3.5 before 6.4.11 are affected by this vulnerability. All versions of HipChat For JIRA plugin from 1.3.2 before 6.30.0 are affected by this vulnerability.
83c334c08327df0dc9754cc92b35813430f7bacb3e42061816848445100e76f0
Edimax BR6228nS and BR6228nC suffer from cross site request forgery, HTTP response splitting, and cross site scripting vulnerabilities.
a2b8cd31154b3c6a39734848ac06f8ed4c68b1c6f456a7450692337343f1227c
Thomson Wireless VoIP cable modem TWG850-4B ST9C.05.08 suffers from an arbitrary file access vulnerability.
cc7ead9f9d43a9b976d526ce0f466b6130a963ec4e21cdf19a548e9339601218
A vulnerability within the xrvkp module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege.
77a97ac2af8e5d412b8fd4eb9a999feef3db9cd52adba3ce10f5fa61cc3aa2ae
Vulnerabilities within the srvkp module allow an attacker to inject memory they control into an arbitrary location they define or cause memory corruption. IOCTL request codes 0x96002400 and 0x96002404 have been demonstrated to trigger these vulnerabilities. These vulnerabilities can be used to obtain control of code flow in a privileged process and ultimately be used to escalate the privilege of an attacker. Version affected is 6.14.10.3930.
a2a0c9af7028c25243f0a56d26ca9915265d443f37f6c6fd0844ddb64354f2ce
Core Security Technologies Advisory - FortiClient drivers are prone to multiple attacks and expose a wide surface that allows users to easily get SYSTEM privileges.
eb3989d1b9f1a9ea82e128163f3dd7af6b06b7a269e82b874287736be1633b3f
HP Security Bulletin HPSBMU03339 1 - A potential security vulnerability has been identified with HP LoadRunner Controller. The vulnerability could be exploited locally to allow execution of arbitrary code. Revision 1 of this advisory.
7a713cd4bffa57a1204b1f948279e5148ffa6c7ae6bc4545b95855e98fb5deb7
Red Hat Security Advisory 2015-1700-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. A command injection flaw was found in the pcsd web UI. An attacker able to trick a victim that was logged in to the pcsd web UI into visiting a specially crafted URL could use this flaw to execute arbitrary code with root privileges on the server hosting the web UI. A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user.
caa0579af87245b036a5b5b06d31782c44383e9a1a5c8713f7fbdcc5478fd98b
Ubuntu Security Notice 2727-1 - It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName (DN) entry in a certificate. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
192c813a19adfd132097ba2c222523fcc3d5791f010f4fa6e8fb9645cbe46c10
Red Hat Security Advisory 2015-1699-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks.
d3c9cb091d58aa8f9dc6414b7b0a1a9624b6707856e727dc031344882458705f
SphereFTP server version 2.0 crash proof of concept exploit.
b24fcee98e74af8d4f9fdf83eb713b5f57f245e38942e3e8b0676d7dbf215824
Mainframe/System Z bindshell shellcode.
74793b6e155ad22b8943ca1e8e8e722c1bc7a82470c6182190b0a0cadfd1635d
The rdtsc (Read Time-Stamp Counter) instruction is used to determine how many CPU ticks took place since the processor was reset. It is commonly used as a timing defense (anti-debugging technique). This is assembler that demonstrates this functionality.
9bfdca451768b6da9c782a6982027fffa643051d6ce5acb5bcfddea28faba675