Ubuntu Security Notice 2415-1 - Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability).
3e554180c5667d7aacf3d3bc2f65d9975859566575d57d2d4037816b562f4ffbAIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
6945c8b7b78542cfaf46890b63dd1127694db6dc04e83d82d95dd78d39742c30Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
fa89fc4db07adae9b26ac9bbc6dcf3e0bf8f4d61f07500bb8fb320d6943315a8Ubuntu Security Notice 2414-1 - Tim Brown and Darron Burton discovered that KDE-Runtime incorrectly handled input validation. An attacker could possibly use this issue to execute arbitrary javascript.
a8e4d35135b503e43f7c352287cd61c345c6b291c09a386e9b98a354fd84ea40Red Hat Security Advisory 2014-1894-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. A flaw was found in the way Chromium parsed certain URL values. A malicious attacker could use this flaw to perform phishing attacks.
02987fb0dfe645698c6602689bde5f7ba35b81d62886d20d882c078fe28b3effGentoo Linux Security Advisory 201411-10 - Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service. Versions less than 11.13.1 are affected.
8cb3b44b05c040b60ed10a544ecb9a25244ce0962746f4d7d96926bcca8015f3Red Hat Security Advisory 2014-1893-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.
ba93cba4862f795071c932fc3c43b83e32cbef7456e8542d73f4034f3242c7cbGentoo Linux Security Advisory 201411-8 - Multiple vulnerabilities have been found in Aircrack-ng, possibly resulting in local privilege escalation, remote code execution, or Denial of Service. Versions prior to 1.2_rc1 are affected.
642f3d924ae079e3b509f1421890b09bd3d9ddf87237d95d6d6cb5a9eded2604Gentoo Linux Security Advisory 201411-9 - Multiple vulnerabilities have been found in Ansible which may allow local privilege escalation. Versions less than 1.6.8 are affected.
2864926da3458a61d02dbe8623f01598e75752b681274d074fedc48f55914d2fGentoo Linux Security Advisory 201411-7 - A NULL pointer dereference in Openswan may allow remote attackers to cause Denial of Service. Versions less than or equal to 2.6.39-r1 are affected.
a42a973e98382c25ce8f2f55f8d1cc8e767f20f6c33222680bbb0f05b22722b6Red Hat Security Advisory 2014-1892-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BPM Suite 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files.
4f5d88b23ad47c15d92aa56c346f2979074c221f17729cbe994092b16ae9f700Red Hat Security Advisory 2014-1891-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issues are fixed with this release: It was discovered that Jakarta Commons HttpClient incorrectly extracted the host name from an X.509 certificate subject's Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.
b592f8c8ee96a54967e2557353405052d49c187fecc92e620bc4dcf46ba2f8beThis paper introduces the reader to techniques that can be used to analyze ROP payloads that are used in exploits in the wild.
c59fd17c7b2afac02c08d3a8f60019731e7b3883890d412fa57a5ba5782de8a7A local privilege escalation vulnerability has been identified in the codemeter.exe Windows service. When installed with the default settings, this service allows Read/Write access to any user, meaning any user can modify the location of the binary executed by the service with SYSTEM privileges.
cc5d65935bbbef89a934423df07e12fdb85bb3c9bddcdf415a89cc055a1ac021Whitepaper called PCI/DSS - Payment Card Industry / Data Security Standard - Are the controls relevant? This paper goes into detail on risk management plans, policies, standards, and practices.
87590eb0d7c29454d5794747d95845ac7e822c0e4b7489dd10961f7ebed0e6b3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed