what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2015-11-19 to 2015-11-20

Kibana Cross Site Request Forgery
Posted Nov 19, 2015
Authored by Kevin Kluge

Kibana versions prior to 4.1.3 and 4.2.1 suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2015-8131
SHA-256 | 6045ea2c042b81972ed4a68e93347e2b9910ce5897698ea762510910c470cac1
VMware Security Advisory 2015-0008
Posted Nov 19, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0008 - VMware product updates address information disclosure issue.

tags | advisory, info disclosure
advisories | CVE-2015-3269
SHA-256 | 1c1a650290da77afa5cfb03bf88b3028205f532ac7c23a35fb455c034ad606fa
Red Hat Security Advisory 2015-2078-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2078-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
SHA-256 | aac049a21ae427bf24643576d8701e697cfabc9ea4d02e806cb365d534decbce
HP Security Bulletin HPSBGN03521 2
Posted Nov 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03521 2 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 2 of this advisory.

tags | advisory, csrf
advisories | CVE-2015-5451
SHA-256 | e92f97e1cfb23f448556b38e851e40c4fae3071be411c7a5e4dfb582b77d66c5
Debian Security Advisory 3399-1
Posted Nov 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7981, CVE-2015-8126
SHA-256 | fc770fc5d8fb31cbec5d8f894af8183e571f9cdcc0236dffad328691216700da
Wireshark Analyzer 2.0.0
Posted Nov 19, 2015
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple bug fixes and updates. Moved to new 2.x branch.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 90026c761a85701d7783c7e2eaa4c1de247dfbadbd53221df355f121e42691dd
F5 iControl iCall::Script Root Command Execution
Posted Nov 19, 2015
Authored by Jon Hart, Tom | Site metasploit.com

This Metasploit module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0, (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF6, see references for more details).

tags | exploit
advisories | CVE-2015-3628
SHA-256 | f329ba79799be3587e190db0a03ebd17f524e5bca267576582b6c1d628f1c3ce
IBM i Access For Windows 7.1 Denial Of Service
Posted Nov 19, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IBM i Access for Windows is vulnerability to a stack buffer overflow denial of service vulnerability.

tags | exploit, denial of service, overflow
systems | windows
advisories | CVE-2015-7422
SHA-256 | 11b7e54cc3e17a00c343563a50236ca59bcf4030efc0d0a5c7c6a895e9014571
IBM i Access For Windows 7.1 Buffer Overflow
Posted Nov 19, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC.

tags | exploit, overflow, arbitrary, local
systems | windows
advisories | CVE-2015-2023
SHA-256 | c580fc339b55fe7d4d1b8c410eb204c7360f55941a779e5f137933f2389ba06d
Horde Groupware 5.2.10 Cross Site Request Forgery
Posted Nov 19, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-7984
SHA-256 | c4fc067423fe364eb06a86f8f53f8d241025ebcaec8ec8d5e2dbc2baea883140
Adobe Premiere Clip 1.1.1 Filter Bypass
Posted Nov 19, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Adobe Premiere Clip version 1.1.1 suffers from a filter bypass vulnerability.

tags | exploit, bypass
SHA-256 | 51ff395ba796da8216a974270c7449690e7f1776d4051a48b6068c307b81af02
Red Hat Security Advisory 2015-2068-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2068-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7181, CVE-2015-7182, CVE-2015-7183
SHA-256 | fe60a25cea587409eb3e69819ff10f018734fe33d7f5c69935f661f1071aa61d
Ubuntu Security Notice USN-2814-1
Posted Nov 19, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2814-1 - It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2015-7869
SHA-256 | 9cea44ac231bd8392a6ff769542f3eae7053e40d8eb4017356111b4dc0c88e83
Red Hat Security Advisory 2015-2077-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2077-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
SHA-256 | b8119ca3b76675c365e5ec6e10e97a27a6c8163ea9d7805cb835c9fc98116c8b
Red Hat Security Advisory 2015-2083-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2083-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.

tags | advisory, overflow, memory leak
systems | linux, redhat
advisories | CVE-2015-5288, CVE-2015-5289
SHA-256 | c9f88ba809baf90f4a629479a98d8482fd5274e5a0d331f3a4316e0f0531d8a8
Red Hat Security Advisory 2015-2081-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2081-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2015-5288
SHA-256 | a9a97fccebbbe72476920331ce502e8ceb3f18514137ac2cdace7209eb1dcd74
Red Hat Security Advisory 2015-2086-01
Posted Nov 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2086-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
SHA-256 | 688052df79cb50ce4f3ff4ec55819b330ffd2d39fb32fb8e3b13e6ff8eac86d2
HP Security Bulletin HPSBGN03521 1
Posted Nov 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03521 1 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 1 of this advisory.

tags | advisory, csrf
advisories | CVE-2015-5451
SHA-256 | 2598d6a322739b3a2a0f9c9ce43bb8a1333a17d53479b18bd2784b21225a9fdb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close