what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2015-07-07

OpenSCAP Libraries 1.2.5
Posted Jul 7, 2015
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Plugged memory leaks. Fixed fresh static analysis (coverity) findings. Fixed shellcheck warnings. Fixes for Solaris platform. Various other updates and improvements.
tags | protocol, library
systems | unix
SHA-256 | 7e0c56c108ff3042fd6a6650a808553de15e4dfc7ccc9fcdd6a839de827c47ed
Tinc Virtual Private Network Daemon 1.0.26
Posted Jul 7, 2015
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Tinc now forces glibc to reload /etc/resolv.conf for every hostname lookup. Fixed —logfile without a filename on Windows. Ensure tinc can be compiled when using musl libc.
tags | tool, encryption
systems | unix
SHA-256 | 2b4319ddb3bd2867e72532a233f640a58c2f4d83f1088183ae544b268646ba21
HP Security Bulletin HPSBGN03361 1
Posted Jul 7, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03361 1 - A potential security vulnerability has been identified with HP UCMDB, HP UCMDB Configuration Manager, HP UCMDB Browser, and HP Universal Discovery running TLS. Note: This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-4000
SHA-256 | d7f39361b740cd350c370d82a4abbf3a521be218d6102e8336f6c495e2a2be40
HP Security Bulletin HPSBMU03234 1
Posted Jul 7, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03234 1 - A potential security vulnerability has been identified with HP Vertica running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 0294e954d25201f94470fffcc267e094019e350889ede165e6610c7c67533e94
Debian Security Advisory 3303-1
Posted Jul 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3303-1 - It was discovered that the texttopdf utility, part of cups-filters, was susceptible to multiple heap-based buffer overflows due to improper handling of print jobs with a specially crafted line size. This could allow remote attackers to crash texttopdf or possibly execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-3258, CVE-2015-3279
SHA-256 | c4cda9b519e70e14626d7d44c19ba37e1eff42e47edb6f66dae560941f93ea98
Red Hat Security Advisory 2015-1211-01
Posted Jul 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1211-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2015-1805
SHA-256 | ba69d5584217420f43b38d281a774af957454723c6b0f03bf60d4d62ff50c41b
Ubuntu Security Notice USN-2668-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2668-1 - It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-3281
SHA-256 | b107f1345f2ab6dfdbdf52fda2fa1a45e08e413705d2abc04885e58aa92242de
Debian Security Advisory 3302-1
Posted Jul 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3302-1 - Insufficient input sanitising in libwmf, a library to process Windows metafile data, may result in denial of service or the execution of arbitrary code if a malformed WMF file is opened.

tags | advisory, denial of service, arbitrary
systems | linux, windows, debian
advisories | CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696
SHA-256 | 10317cb2a7565d19e7bf77a889b03d34ac783941edd2d5edcd17f7eb95e6649c
Ubuntu Security Notice USN-2666-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | 47d9b2874b908191ceb7d6cc05e67c129969a7a846612e0abf42f762272cf153
Ubuntu Security Notice USN-2667-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 122e7a4e496bfa1708ef0318f8bb997c9f1c401557f2e3bc34b52513381ea323
Ubuntu Security Notice USN-2663-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2663-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
SHA-256 | 7d15aa2d77d66a412eb11604a0558247a40f8871ea54563f3265f6cf37232869
Ubuntu Security Notice USN-2664-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | fa189e6b6391daa79f6ab7ceb545b2f97b172e45e1ec80055aa050d2726b9e27
Ubuntu Security Notice USN-2665-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 7fe5d45987e82d6beb0aa597ea875fbc6a50d820627071ddf51320c0b6d6db2e
Ubuntu Security Notice USN-2662-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2662-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167
SHA-256 | fd94ef4c48a1bb7444100a0af1dc5c91028a7fce50fdaa1e423dcb48878649a3
Ubuntu Security Notice USN-2660-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2660-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
SHA-256 | a7b057780c2a9c2c974c9d2ad831cb885a705477c84f727d40ba979a7e08c701
Ubuntu Security Notice USN-2661-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2661-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420
SHA-256 | ffb7e5a9faaa7d5d4aa3790f6cae60c6ac29ec24ba1853e3b7fec3cc4d2f3c94
Red Hat Security Advisory 2015-1210-01
Posted Jul 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1210-01 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users.

tags | advisory, kernel, local, info disclosure
systems | linux, redhat
advisories | CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, CVE-2015-3159, CVE-2015-3315
SHA-256 | 47a1f50bad2069d1272bed01fda4923643f3bc2e6bea1f01b891e04347c5db10
Gentoo Linux Security Advisory 201507-08
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-8 - A vulnerability in libxml2 allows a remote attacker to cause Denial of Service. Versions less than 2.9.2-r1 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2015-1819
SHA-256 | a05e6be79f4500816569633da84b2fc86e92630dadb9318289f0641fce36a486
Gentoo Linux Security Advisory 201507-07
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-7 - Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 0.9.10-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055
SHA-256 | 366d16a33ddb4170dce53307384a2c9a1c34ebb67784b0e2096ac1d54dd1cce4
Gentoo Linux Security Advisory 201507-06
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-6 - Multiple vulnerabilities have been found in UnRTF, the worst of which may result in execution of arbitrary code. Versions less than 0.21.9 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9274, CVE-2014-9275
SHA-256 | 32d2427c7b5006399245f373a45eb4f51267c73c831f62852b6c53d4c5aa3906
Gentoo Linux Security Advisory 201507-05
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-5 - Multiple vulnerabilities have been found in SQLite, allowing context-dependent attackers to cause a Denial of Service condition. Versions less than 3.8.9 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
SHA-256 | 25bb7312d841f5f3b900c3e5c0ec81e6d09713156772856e0dd985686dcd1bd2
Gentoo Linux Security Advisory 201507-04
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-4 - Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 55.1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8146, CVE-2014-8147
SHA-256 | 68075e049a9e07828a69a230cd6e54754b8c7b4e87d9bf4c7809aa42bf485264
Gentoo Linux Security Advisory 201507-03
Posted Jul 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-3 - A vulnerability in Exiv2 could lead to Denial of Service condition. Versions less than 0.24-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-9449
SHA-256 | 6eb2c18229fee3b2350b37ab8ca65dbabb91fcfbfa485a728d95b7645b11404c
Black Cat CMS 1.1.2 Cross Site Scripting
Posted Jul 7, 2015
Authored by Provensec

Black Cat CMS version 1.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e257693ee2ab7e64d8f6b1d6364b7b60a5af2d2310bd734bb67fcb1be88fd88
EMC Documentum Content Server ESA-2014-105 Fail
Posted Jul 7, 2015
Authored by Andrey B. Panfilov

A vulnerability exists in the EMC Documentum Content Server which allows an authenticated user to elevate privileges, hijack Content Server filesystem, or execute arbitrary commands by creating malicious dm_job objects. Although ESA-2014-105 claimed to remediate this issue, it persists.

tags | exploit, arbitrary
systems | linux
advisories | CVE-2014-4626
SHA-256 | c2fab15b7849733e911e9d40873b3af36fa3fddd78061a30c82067805f9a0abd
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close