what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-06-17

Debian Security Advisory 2963-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2963-1 - Multiple vulnerabilities were found in Solr, an open source enterprise search server based on Lucene, resulting in information disclosure or code execution.

tags | advisory, vulnerability, code execution, info disclosure
systems | linux, debian
advisories | CVE-2013-6397, CVE-2013-6407, CVE-2013-6408
SHA-256 | 3226bb057733365b0ea15b5668653bc6949b848105b6f6682ec03fe9ea85782b
Debian Security Advisory 2962-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2962-1 - Abhiskek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2014-1545
SHA-256 | 8ae3868fe8152a96118f4b1e810a8b6126eb04436554c9e5c1037d8e4a07a310
HP Security Bulletin HPSBMU03048
Posted Jun 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03048 - A potential security vulnerability has been identified with HP Executive Scorecard. The vulnerability could be exploited remotely to allow remote code execution and directory traversal. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2014-2609, CVE-2014-2610, CVE-2014-2611
SHA-256 | 213e14c884fc213da0fdb80f32a44b94ce6dd87743ec5983bcf3445557d1422e
HP Security Bulletin HPSBUX03046 SSRT101590 2
Posted Jun 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03046 SSRT101590 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
SHA-256 | 82b711db58c11d9acdbe01d1244f27e7cce6fb0f760c5bd171d01059147203d5
Ubisoft Rayman Legends 1.2.103716 Buffer Overflow
Posted Jun 17, 2014
Authored by LiquidWorm | Site zeroscience.mk

Ubisoft Rayman Legends version 1.2.103716 suffers from a remote stack buffer overflow vulnerability. The vulnerability is caused due to a memset() boundary error in the processing of incoming data thru raw socket connections on TCP port 1001, which can be exploited to cause a stack based buffer overflow by sending a long string of bytes on the second connection. Successful exploitation could allow execution of arbitrary code on the affected node.

tags | exploit, remote, overflow, arbitrary, tcp
SHA-256 | 71391cda216f22eb5ea2ceed3fe0654826cc8437d19457f4b2403e070cbbf860
Ubuntu Security Notice USN-2247-1
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2247-1 - Darragh O'Reilly discovered that OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. Bernhard M. Wiedemann and Pedraig Brady discovered that OpenStack Nova did not properly verify the virtual size of a QCOW2 images. A remote authenticated attacker could exploit this to create a denial of service via disk consumption. This issue did not affect Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1068, CVE-2013-4463, CVE-2013-4469, CVE-2013-6491, CVE-2013-7130, CVE-2014-0134, CVE-2014-0167
SHA-256 | c061c326f8e2fd51cf3da4f0196f40f3e8ce883bba777d9e41fe4665ea5c141a
Ubuntu Security Notice USN-2246-1
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2246-1 - Jakub Wilk discovered that APT did not correctly validate signatures when downloading source packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered source packages.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2014-0478
SHA-256 | 02149d90e10050b8b15bd3bf795cc65698917322da68d3c7a2d6fb0cd74529c6
ZTE WXV10 W300 Disclosure / CSRF / Default
Posted Jun 17, 2014
Authored by Osanda Malith

ZTE WXV10 W300 suffers from suffers from backup disclosure, cross site request forgery, denial of service, and file disclosure vulnerabilities.

tags | exploit, denial of service, vulnerability, info disclosure, csrf
advisories | CVE-2014-4018, CVE-2014-4019, CVE-2014-4154, CVE-2014-4155
SHA-256 | 3b6602fb3def8dbbee56c271ace4a69b13e376896e28039dcb7457677213450e
BarracudaDrive 6.7.2 Cross Site Scripting
Posted Jun 17, 2014
Authored by Govind Singh

BarracudaDrive version 6.7.2 suffers from cross site scripting vulnerabilities in the administrative panel.

tags | exploit, vulnerability, xss
SHA-256 | 5c6c8a50ef195216ce00593e8168ec1c27fc28b8f6fa774cc26bd199c3f20acb
Zabbix 1.8.x - 2.2.x XXE Injection
Posted Jun 17, 2014
Authored by pnig0s

Zabbix versions 1.8.x through 2.2.x suffer from an XML external entity attack vulnerability.

tags | advisory, xxe
SHA-256 | 58c8a52d7fba50ef0b5bff2b0868272d62ff90398c6d604f69d6a653058e7dcd
Clam AntiVirus Toolkit 0.98.4
Posted Jun 17, 2014
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release addressed build problems on Solaris, OpenBSD, and AIX. Additional issues on Windows, Mac OS X, and Solaris 10 have been resolved.
tags | tool, virus
systems | unix
SHA-256 | d3006747abcf750f395a8bfa8267ab314c7b63196c4b41e7717948aaaafa3e1c
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Posted Jun 17, 2014
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module abuses several directory traversal flaws in Rocket Servergraph Admin Center for Tivoli Storage Manager. The issues exist in the fileRequestor servlet, allowing a remote attacker to write arbitrary files and execute commands with administrative privileges. This Metasploit module has been tested successfully on Rocket ServerGraph 1.2 over Windows 2008 R2 64 bits, Windows 7 SP1 32 bits and Ubuntu 12.04 64 bits.

tags | exploit, remote, arbitrary
systems | linux, windows, ubuntu
advisories | CVE-2014-3914
SHA-256 | 6e5d60b2a820df1fa23141aca83b453d17a395a8fac173dda8ddc42205721c6f
Ubuntu Security Notice USN-2214-3
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2214-3 - USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a number of regressions. This update fixes the problem. Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | b8ca3b18f9831d34c0464420a76c23b14a760faa58fe6f074b4b06d29b558801
Debian Security Advisory 2961-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2961-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.

tags | advisory, web, overflow, arbitrary, php
systems | linux, debian
advisories | CVE-2014-4049
SHA-256 | 946b22608c26f85311d93ae2c51a26d572a981793976824e42be9b3507f437be
Debian Security Advisory 2950-2
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2950-2 - This update updates the upstream fix for CVE-2014-0224 to address problems with CCS which could result in problems with the Postgres database.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
SHA-256 | f151f5f5f15dae8af04e0f433f6ad6ef33c50c6d4e2928146538a0f0cb46b400
Gentoo Linux Security Advisory 201406-17
Posted Jun 17, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-17 - Multiple vulnerabilities have been found in Adobe Flash Player, worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.378 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535, CVE-2014-0536
SHA-256 | 63b09a8eb3d0f4e8d7b16baa8c238f63b29aa9870472b974cfe306e898b67d31
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close