Showing 1 - 25 of 28

Files Date: 2015-02-26

Secure rm 1.2.15
Posted Feb 26, 2015
Authored by Matthew Gauthier | Site srm.sourceforge.net

Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 7583c1120e911e292f22b4a1d949b32c23518038afd966d527dae87c61565283
FreeBSD Security Advisory - BIND Denial Of Service
Posted Feb 26, 2015
Site security.freebsd.org

FreeBSD Security Advisory - BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. A remote attacker can trigger a crash of a name server that is configured to use managed keys under specific and limited circumstances. However, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted.

tags | advisory, remote
systems | freebsd
advisories | CVE-2015-1349
SHA-256 | 0e416654c22a1367cdad06ceb1a67ec74bb5ad43931cfbbd4d5e066547480619
FreeBSD Security Advisory - IGMP Integer Overflow
Posted Feb 26, 2015
Authored by Marek Kroemeke, Mateusz Kocielski | Site security.freebsd.org

FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash.

tags | advisory, denial of service, overflow, kernel
systems | freebsd
advisories | CVE-2015-1414
SHA-256 | 76ae1889e6e180016123dbcd9d01a3c9f96266857a6c54bf55851337ed754719
TangoBB 1.5.0-A3 Cross Site Scripting
Posted Feb 26, 2015
Authored by Dennis Veninga

TangoBB version 1.5.0-A3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f14175c8ce177339644aee54e883870979db753dec8cfea37dfd6eec3d7e585d
Enano CMS 1.1.8pl1 Cross Site Scripting
Posted Feb 26, 2015
Authored by Dennis Veninga

Enano CMS version 1.1.8pl1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 77dfeefd90af3bf96609dca951ae09bcd4a7461ee0b4f68b894ccb8f1404c368
Ubuntu Security Notice USN-2512-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2512-1 - A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2014-9529, CVE-2014-9584
SHA-256 | 3f262086df87588265dbecbb8ff0843e0cab2865cab84a7edc8442b585a2644f
Ubuntu Security Notice USN-2519-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2519-1 - Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-7423, CVE-2014-9402, CVE-2015-1472, CVE-2015-1473
SHA-256 | 1b157586f2ed9c751bb741fa0ea8c7d75c284f263ee1da14e33f7921b5b19b1d
Ubuntu Security Notice USN-2520-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2520-1 - Peter De Wachter discovered that CUPS incorrectly handled certain malformed compressed raster files. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9679
SHA-256 | 3f5f2c63b03a2f9dbe4401968467d5532e3781909850a2839166ccf5352b25ef
Slackware Security Advisory - mozilla-firefox Updates
Posted Feb 26, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 407ff06d90c59a8b214eeec8314e041b0b6f0f5ceb2a4b26b52d783cf39cdb87
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Feb 26, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 426a955887df36c6e06b11e8e8ba1d757443e38f4c3000e27b92386330b3ed03
HP Security Bulletin HPSBUX03273 SSRT101951 1
Posted Feb 26, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03273 SSRT101951 1 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 5aab20d842919e614bfd9a19d77f48b98667e71e22eb1efe325b37fc6aae6fc1
HP Security Bulletin HPSBUX03244 SSRT101885 2
Posted Feb 26, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03244 SSRT101885 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, remote, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204
SHA-256 | 81719ce8c50473d36cb9b547bb67ccbdbfa5a288027ec1efce66b01e94779800
Debian Security Advisory 3175-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3175-1 - Mateusz Kocielski and Marek Kroemeke discovered that an integer overflow in IGMP processing may result in denial of service through malformed IGMP packets.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2015-1414
SHA-256 | ea9e04f78948560eddb2bdb3949259597d1c4dd4e55b117f4dc8f77013622547
Gentoo Linux Security Advisory 201502-15
Posted Feb 26, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-15 - Multiple vulnerabilities have been found in Samba, the worst of which allows a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code. Versions less than 3.6.25 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4476, CVE-2013-4496, CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240
SHA-256 | 606c956ce8f163cd743c45062fd6201fce247d72cbe7bc650aed2d2440e1861b
HP Security Bulletin HPSBUX03162 SSRT101885 1
Posted Feb 26, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03162 SSRT101885 1 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204
SHA-256 | 3b577abbcf7d62de97f73a66873026f74337aaa3a3ba1af33c2ec72e49635667
Debian Security Advisory 3174-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3174-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser. Implementation errors may lead to the execution of arbitrary code or information disclosure.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2015-0822, CVE-2015-0827, CVE-2015-0831, CVE-2015-0836
SHA-256 | f2aeef2c646baed7360233e311642e5726a2abfb936985c262797a5dd2bb5244
Debian Security Advisory 3173-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3173-1 - It was discovered that libgtk2-perl, a Perl interface to the 2.x series of the Gimp Toolkit library, incorrectly frees memory which GTK+ still holds onto and might access later, leading to denial of service (application crash) or, potentially, to arbitrary code execution.

tags | advisory, denial of service, arbitrary, perl, code execution
systems | linux, debian
SHA-256 | d6159b0e8d3d7cfd1b0d709e58a87c3f037bcb116d848c4b823df135f71c42cc
Debian Security Advisory 3172-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3172-1 - Peter De Wachter discovered that CUPS, the Common UNIX Printing System, did not correctly parse compressed raster files. By submitting a specially crafted raster file, a remote attacker could use this vulnerability to trigger a buffer overflow.

tags | advisory, remote, overflow
systems | linux, unix, debian
advisories | CVE-2014-9679
SHA-256 | ebd69dfa02df9d67e808a099ac41d03253cffb6fe5b9a597cef743fa4ff59105
HP Security Bulletin HPSBMU03260 1
Posted Feb 26, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03260 1 - A potential security vulnerability has been identified with HP System Management Homepage running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
SHA-256 | 6626a803ddc8c8264f2c7c8eed5352df1f5b48b242c4246b817c9377a12cc3e0
Debian Security Advisory 3170-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3170-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-7421, CVE-2014-7822, CVE-2014-8160, CVE-2014-8559, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239, CVE-2015-1420, CVE-2015-1421, CVE-2015-1593
SHA-256 | bd8c99b2ab449bf19ff881a59d02a9213bd109f150a9ca0142efa66f7d734b69
Red Hat Security Advisory 2015-0271-01
Posted Feb 26, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0271-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 5.9 will be retired as of March 31, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.9 EUS after March 31, 2015. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 5.9 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.

tags | advisory
systems | linux, redhat
SHA-256 | 8038896f796179512f717ee4b21a256a8d422961f9c7b92334dc89e3b1d6ea08
Ubuntu Security Notice USN-2518-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2518-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-8133, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9683, CVE-2015-0239
SHA-256 | 03584d0fcffadd6ca49b1e56d0b3d7d9ae8c678d2a96002a23311b725d15ff9a
Ubuntu Security Notice USN-2517-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2517-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-8133, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9683, CVE-2015-0239
SHA-256 | c2beb8818a02fe1fe50f205d50c8a8c8098205e9d6db7cb024d6c2c259ec35f5
Ubuntu Security Notice USN-2516-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2516-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-8133, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9683, CVE-2015-0239
SHA-256 | 867c10eb1c46d3dd5d476bf47cf8c230ef2d51da96ccd2b529ad846c96b4791b
Ubuntu Security Notice USN-2511-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2511-1 - A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2014-9529, CVE-2014-9584
SHA-256 | 7bd4627e4660c54ac6b22caade9e093e48948ec10223cf420ba15fb141518649