
Files Date: 2014-09-11

VMware Security Advisory 2014-0008
Posted Sep 11, 2014
Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0008 - VMware has updated vSphere third party libraries.

tags | advisory
advisories | CVE-2013-0242, CVE-2013-1914, CVE-2013-4322, CVE-2013-4590, CVE-2014-0050, CVE-2014-0114
SHA-256 | 961f1fa58ab6b80903bbc3ac882d262194e375452629d457597ffbc1b2b2c93c
HP Security Bulletin HPSBMU03075
Posted Sep 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03075 - A potential security vulnerability has been identified with HP Network Node Manager I (NNMi) on Windows and Linux. This vulnerability could be exploited remotely to allow arbitrary code execution. Revision 1 of this advisory.

tags | advisory, arbitrary, code execution
systems | linux, windows
advisories | CVE-2014-2624
SHA-256 | 045e91742bf0a51854d6e5c29dec360e40077d54bb40679404151c3b61dec485
Cisco Security Advisory 20140908-ucse
Posted Sep 11, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to a failure to properly handle a crafted SSH packet. An attacker could exploit this vulnerability by sending a crafted packet to the SSH server running on the Cisco IMC of an affected device, which could result in the Cisco IMC becoming unresponsive. The operating system running on the blade will be unaffected. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
SHA-256 | 3f247458f5de3f93abd4ed9c538945e9d37f45d46ccead5e184b48fc8aa2c4c7
HP Security Bulletin HPSBST03106
Posted Sep 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03106 - A potential security vulnerability has been identified in HP P2000 G3 MSA Array System running OpenSSL. This vulnerability could be exploited remotely resulting in unauthorized access or disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0224
SHA-256 | 6891a70dfa7d48dde4bae12899b26516b067ffccc859961ca28b52e4c6c9c942
Debian Security Advisory 3021-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3021-1 - Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash.

tags | advisory, remote, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3538, CVE-2014-3587
SHA-256 | 115bf94ed1ae10d5933506efacb195641342c54b763f1ee67edf43028f3516c2
Ubuntu Security Notice USN-2343-1
Posted Sep 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2343-1 - Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-1544
SHA-256 | 49306aadb794c2b489013336e93c2da224228735ef3f3bda3d06f7c656dfdae6
Debian Security Advisory 3021-2
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3021-2 - This update corrects DSA 3021-1, which introduced a regression in the detection of some "Composite Document Files" (CDF), marking them as corrupted, with the error: "Can't expand summary_info".

tags | advisory
systems | linux, debian
advisories | CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3538, CVE-2014-3587
SHA-256 | d8bc3a976a77d945fa9729274dcb77beef67b36b7e76cce28961d31ec075b64d
Debian Security Advisory 3022-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3022-1 - Two vulnerabilities have been discovered in cURL, a URL transfer library. They can be used to leak cookie information.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3613, CVE-2014-3620
SHA-256 | 5c7afe71736f0b0541d990e07c5812c715b4de0cb69860da5982335e93295eab
Debian Security Advisory 3020-1
Posted Sep 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3020-1 - During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user's environment. This could lead to program malfunction or allow a local user to escalate privileges to the root user due to a programming error.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2014-0484
SHA-256 | 35f75e3e676cc36fd363cb90a7635889f195d3d10b2f4a7885833ebd0cb47cc8
Red Hat Security Advisory 2014-1173-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1173-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559
SHA-256 | 82eb0208711b7cdea78181be2b4903736f3d9617389e5850b54bab2b6fcdec61
Red Hat Security Advisory 2014-1172-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1172-01 - The procmail program is used for local mail delivery. In addition to just delivering mail, procmail can be used for automatic filtering, presorting, and other mail handling jobs. A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail. All procmail users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, remote, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2014-3618
SHA-256 | dd9d7e5491f3b4e1e82321feba769af71e75c8968902e4b898b38d9b46ad56f7
Slackware Security Advisory - seamonkey Updates
Posted Sep 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | b417399551892d9f1c461d372a319a3669c34f99ca2a6b21c185e1ab67930915
Red Hat Security Advisory 2014-1170-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1170-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-3120
SHA-256 | cda8a55812eca23934b2ebd4c0cfda1feb81d8ddd544746c00205873c1e7ddd0
Red Hat Security Advisory 2014-1171-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1171-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-3120
SHA-256 | 7de6d8f79c743d6c37c8104e7cee5b3a934147a40c2f09b0aac27afd5d2f12e8
Ubuntu Security Notice USN-2344-1
Posted Sep 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2344-1 - It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. It was discovered that the php_parserr function contains multiple buffer overflows. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via crafted DNS records.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3587, CVE-2014-3597
SHA-256 | 03372400c70b371cdf5ed00c4c33da42ee3f6e763d7c09635eb62ec8542b43bc
Red Hat Security Advisory 2014-1168-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1168-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2014-0222, CVE-2014-0223, CVE-2014-3535
SHA-256 | 1be37b2188323742fc027667a63f88039cdc650a7fd1a4ae10d8c70579adb720
Red Hat Security Advisory 2014-1167-01
Posted Sep 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1167-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.

tags | advisory, remote, kernel, local
systems | linux, redhat
advisories | CVE-2014-0205, CVE-2014-3535, CVE-2014-3917, CVE-2014-4667
SHA-256 | f4cef6046c510265613db29bd8c542c592cf332bb9e20ce25867d4caa0282acd
OroCRM Cross Site Scripting
Posted Sep 11, 2014
Authored by Provensec

OroCRM suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 84996ee9bc53114b04b4bfff8064bb94359d641af5420bd761a209d98f948364