Säkerhet

HP Security Bulletin HPSBMU03152

Packet storm - tis, 2014-10-28 01:23
HP Security Bulletin HPSBMU03152 - A potential security vulnerability has been identified with HP Operations Orchestration running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
Kategorier: Säkerhet

FireHOL 2.0.0

Packet storm - tis, 2014-10-28 01:02
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
Kategorier: Säkerhet

Debian Security Advisory 3057-1

Packet storm - tis, 2014-10-28 00:06
Debian Linux Security Advisory 3057-1 - Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior.
Kategorier: Säkerhet

Debian Security Advisory 3056-1

Packet storm - tis, 2014-10-28 00:06
Debian Linux Security Advisory 3056-1 - Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2389-1

Packet storm - tis, 2014-10-28 00:06
Ubuntu Security Notice 2389-1 - It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.
Kategorier: Säkerhet

Google Youtube Filter Bypass / Cross Site Scripting

Packet storm - mån, 2014-10-27 19:22
Google Youtube suffered from filter bypass and persistent cross site scripting vulnerabilities.
Kategorier: Säkerhet

Folder Plus 2.5.1 Script Injection

Packet storm - mån, 2014-10-27 16:44
Folder Plus version 2.5.1 suffers from a persistent script insertion vulnerability.
Kategorier: Säkerhet

Apple iOS 8.0.2 Denial Of Service

Packet storm - mån, 2014-10-27 15:02
Apple iOS version 8.0.2 suffers from a contact handling denial of service vulnerability.
Kategorier: Säkerhet

WebDisk+ 2.1 Code Execution

Packet storm - mån, 2014-10-27 14:21
WebDisk+ version 2.1 suffers from a code execution vulnerability.
Kategorier: Säkerhet

iFileExplorer 6.51 File Inclusion

Packet storm - mån, 2014-10-27 14:21
iFileExplorer version 6.51 suffers from a local file inclusion vulnerability.
Kategorier: Säkerhet

libbfd Out Of Bounds

Packet storm - mån, 2014-10-27 14:11
Zalewski has noted that binaries which have dependencies on libbfd may be leveraged for attacks due to libbfd having a large range of possibly exploitable out-of-bounds crashes.
Kategorier: Säkerhet

vBulletin 4.x Tapatalk Blind SQL Injection

Packet storm - mån, 2014-10-27 12:44
Tapatalk for vBulletin version 4.x suffers from multiple remote blind SQL injection vulnerabilities.
Kategorier: Säkerhet

Filemaker Login Bypass / Privilege Escalation

Packet storm - mån, 2014-10-27 11:32
Filemaker Pro version 13.0v3 and Filemaker Pro Advanced version 12.0v4 suffers from login bypass and privilege escalation vulnerabilities.
Kategorier: Säkerhet

Mandriva: 2014:201: kernel

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet

Mandriva: 2014:200: bugzilla

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet

Mandriva: 2014:199: perl

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet

Mandriva: 2014:198: mediawiki

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet

Mandriva: 2014:197: python

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet

Mandriva: 2014:196: rsyslog

Linux Security - mån, 2014-10-27 10:44
Kategorier: Säkerhet