Säkerhet

Red Hat Security Advisory 2014-2009-01

Packet storm - ons, 2014-12-17 23:41
Red Hat Security Advisory 2014-2009-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.
Kategorier: Säkerhet

Red Hat Security Advisory 2014-2008-01

Packet storm - ons, 2014-12-17 23:41
Red Hat Security Advisory 2014-2008-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.
Kategorier: Säkerhet

FreeBSD Security Advisory - unbound Denial Of Service

Packet storm - ons, 2014-12-17 20:42
FreeBSD Security Advisory - By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can trick unbound(8) resolver into following an endless series of delegations, which consumes a lot of resources.
Kategorier: Säkerhet

W3 Total Cache 0.9.4 Cross Site Scripting

Packet storm - ons, 2014-12-17 20:41
W3 Total Cache version 0.9.4 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

Jease CMS 2.11 Script Insertion

Packet storm - ons, 2014-12-17 20:40
Jease CMS version 2.11 suffers from a malicious script insertion vulnerability.
Kategorier: Säkerhet

Morfy CMS 1.05 Remote Command Execution

Packet storm - ons, 2014-12-17 20:38
Morfy CMS version 1.05 suffers from a remote command execution vulnerability.
Kategorier: Säkerhet

WordPress Bird Feeder 1.2.3 CSRF / XSS

Packet storm - ons, 2014-12-17 20:37
WordPress Bird Feeder plugin version 1.2.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
Kategorier: Säkerhet

Revive Adserver 3.0.5 Cross Site Scripting

Packet storm - ons, 2014-12-17 20:36
Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service

Packet storm - ons, 2014-12-17 20:34
Revive Adserver versions 3.0.5 and below suffer from cross site scripting and denial of service vulnerabilities.
Kategorier: Säkerhet

E-Journal 1.0 Shell Upload / SQL Injection

Packet storm - ons, 2014-12-17 20:33
E-Journal version 1.0 suffers from remote shell upload, privilege escalation, and remote SQL injection vulnerabilities.
Kategorier: Säkerhet

vBulletin Moderator Control Panel 4.2.2 CSRF

Packet storm - ons, 2014-12-17 20:30
The moderator control panel in vBulletin version 4.2.2 suffers from a cross site request forgery vulnerability.
Kategorier: Säkerhet

UFONet 0.4b

Packet storm - ons, 2014-12-17 20:27
UFONet is a tool designed to launch DDoS attacks against a target, using open redirection vectors on third party web applications.
Kategorier: Säkerhet

HP Security Bulletin HPSBMU03217 1

Packet storm - ons, 2014-12-17 20:27
HP Security Bulletin HPSBMU03217 1 - A potential security vulnerability has been identified with HP Vertica. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
Kategorier: Säkerhet

HP Security Bulletin HPSBOV03226 1

Packet storm - ons, 2014-12-17 20:27
HP Security Bulletin HPSBOV03226 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
Kategorier: Säkerhet

HP Security Bulletin HPSBOV03225 1

Packet storm - ons, 2014-12-17 20:27
HP Security Bulletin HPSBOV03225 1 - Potential security vulnerabilities have been identified with HP OpenVMS POP. The vulnerabilities could be exploited remotely to create a server Denial of Service (DoS). Revision 1 of this advisory.
Kategorier: Säkerhet

HP Security Bulletin HPSBMU03221 1

Packet storm - ons, 2014-12-17 20:27
HP Security Bulletin HPSBMU03221 1 - A potential security vulnerability has been identified with HP Connect-IT running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
Kategorier: Säkerhet

Backdooring With Netcat Shellcode

Packet storm - ons, 2014-12-17 02:55
Whitepaper called Backdooring with netcat shellcode.
Kategorier: Säkerhet

Mediacoder 0.8.33 Build 5680 Buffer Overflow / DoS

Packet storm - ons, 2014-12-17 02:44
Mediacoder version 0.8.33 build 5680 buffer overflow proof of concept exploits that cause a denial of service.
Kategorier: Säkerhet

Jaangle 0.98i.977 Denial Of Service

Packet storm - ons, 2014-12-17 02:33
Jaangle version 0.98i.977 proof of concept denial of service exploit.
Kategorier: Säkerhet

SAP Business Objects Search Token Privilege Escalation

Packet storm - ons, 2014-12-17 01:58
By exploit a search token privilege escalation vulnerability, a remote and potentially unauthenticated attacker would be able to access or modify any information stored on the SAP BusineesObjects server. The attacker could also connect to the business systems depending on the configuration of the BO infrastructure. BusinessObjects Edge version 4.1 is affected.
Kategorier: Säkerhet