exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-09-03 to 2015-09-04

Ubuntu Security Notice USN-2728-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2728-1 - Hanno Boeck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5722
SHA-256 | 9e9bbd0c17fcb514ece8705a5dfed06161b5de9b92526a55ba59e532db466ae1
Debian Security Advisory 3348-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3348-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-3214, CVE-2015-5154, CVE-2015-5165, CVE-2015-5225, CVE-2015-5745
SHA-256 | d4caecd611d7206d6b576bd6b6ffb531a65be402acb6ce80027292d74d548c49
Debian Security Advisory 3349-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3349-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-5165, CVE-2015-5745
SHA-256 | a395f8c3820b53a91478fcb7cfc0e4a17fdccee3d8adedad3ab0c731eea869aa
Cisco Security Advisory 20150902-cimcs
Posted Sep 3, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director contain a remote file overwrite vulnerability that could allow an unauthenticated, remote attacker to overwrite arbitrary system files, resulting in system instability or a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, denial of service, arbitrary
systems | cisco
SHA-256 | 2c5fa2f319df0e8038c3c808cf4c1fd51307ba39049a7b64a242c1c3f5166208
Red Hat Security Advisory 2015-1713-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1713-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2014-8137, CVE-2014-8138, CVE-2015-1841, CVE-2015-3247
SHA-256 | 49ffce759a42d047289bf21d9fd788ae2b62ae17d37d4840d504985163ddb7ab
Red Hat Security Advisory 2015-1714-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1714-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process.

tags | advisory, remote, arbitrary, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2015-3247
SHA-256 | 67ebee277f3cd76edbe898b78436f68f47fec2dd708a890b3ac0866c3ac388a8
Red Hat Security Advisory 2015-1715-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1715-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process.

tags | advisory, remote, arbitrary, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2015-3247
SHA-256 | c4547ebbe58f54a0a80e200003e1cbaa72cff169bf784f916595c052c72bac9d
Ubuntu Security Notice USN-2729-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2729-1 - Florian Weimer discovered that libvdpau incorrectly handled certain environment variables. A local attacker could possibly use this issue to gain privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-5198, CVE-2015-5199, CVE-2015-5200
SHA-256 | f9bb1d4710e93939b4c98a47c6a7b4e286980b12fd75b827893ce3701b6495cc
Ubuntu Security Notice USN-2730-1
Posted Sep 3, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2730-1 - Georgi Geshev discovered that OpenSLP incorrectly handled processing certain service requests. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Qinghao Tang discovered that OpenSLP incorrectly handled processing certain messages. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-4428, CVE-2015-5177
SHA-256 | c828c7a0101c438f4133e60c1b2ebbf201bf3c3c316e8350e3739ea2b9f7a33c
Red Hat Security Advisory 2015-1712-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1712-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 45.0.2454.85, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1291, CVE-2015-1292, CVE-2015-1293, CVE-2015-1294, CVE-2015-1295, CVE-2015-1296, CVE-2015-1297, CVE-2015-1298, CVE-2015-1299, CVE-2015-1300, CVE-2015-1301
SHA-256 | c3b6fa97ecf534ca6a487b174db66835be6d6de7b85ceaa2b38e3ee2924630de
Red Hat Security Advisory 2015-1704-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1704-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems—such as multiple databases, XML files, and even Hadoop systems—appear as a set of tables in a local database. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Data Virtualization 6.1.0. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2015-1818
SHA-256 | 53f1c421b8c99655529546bc290c8b85fdd359c1e40f2e93223dfd184b20d2ec
Red Hat Security Advisory 2015-1708-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1708-01 - The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
SHA-256 | b4c72f1baca33b69f444c7d54c609270e1c6b3023adf8a3f5b00f5bf23f3c79c
Slackware Security Advisory - bind Updates
Posted Sep 3, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5722, CVE-2015-5986
SHA-256 | 71e9021c7dd146c2fbdff8344b3ed3f5124096ad070583b42adb31fadb00ccda
Debian Security Advisory 3350-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3350-1 - Hanno Boeck discovered that incorrect validation of DNSSEC-signed records in the Bind DNS server could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2015-5722
SHA-256 | a2ee59fa7b049499a7e64ecff9e271c325fb9143bcb165a3d51166b25c1d8f20
Red Hat Security Advisory 2015-1706-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1706-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
SHA-256 | 0f900569386df1dc61133ad536d7a6be8fb800f54e491aea114bf372975f9225
Red Hat Security Advisory 2015-1705-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1705-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
SHA-256 | e5f6596d38308d8d26b67eedfe979735bd15143a2a88ace16efc1fd0cb6124cf
Red Hat Security Advisory 2015-1707-01
Posted Sep 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1707-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query that would cause named functioning as a validating resolver to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-5722
SHA-256 | 63d1d6e4246dcf1b0ac3622f8df657ee68462300f5c59a8db18a06f95c87c54a
Debian Security Advisory 3347-1
Posted Sep 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3347-1 - Pyry Hakulinen and Ashish Shakla at Automattic discovered that pdns, an authoritative DNS server, was incorrectly processing some DNS packets; this would enable a remote attacker to trigger a DoS by sending specially crafted packets causing the server to crash.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2015-5230
SHA-256 | b2e88d5dacbd68488cd3d0c8ac1beea24ead6d7d4d5aa16c4216d923501f8782
GPON G-93RG1 Cross Site Request Forgery / Code Execution
Posted Sep 3, 2015
Authored by Phan Thanh Duy

GPON home router version G-93RG1 suffers from a cross site request forgery vulnerability that allows for arbitrary command execution.

tags | exploit, arbitrary, csrf
SHA-256 | ff049e29a1d5430e473f234eb2a8e28f171226e886b3714de5fd087d7f4b134f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close