what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 524 RSS Feed

Files

Debian Security Advisory 2613-1
Posted Jan 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2613-1 - Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.

tags | advisory, web, ruby
systems | linux, debian
advisories | CVE-2013-0333
SHA-256 | 5d302711fe7085a3a57416acfd4e867f6659113869e1eb15bbdb43a3f5cf667f
Ubuntu Security Notice USN-1713-1
Posted Jan 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1713-1 - It was discovered that squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service attack on the server and other hosted services. It was discovered that the patch for CVE-2012-5643 was incorrect. A remote attacker could exploit this flaw to perform a denial of service attack.

tags | advisory, remote, denial of service, cgi
systems | linux, ubuntu
advisories | CVE-2012-5643, CVE-2013-0189, CVE-2012-5643, CVE-2013-0189
SHA-256 | 9d97517571b73923a15aeb84a647627412eb894f960c5b3782a66d7f74189a9d
Red Hat Security Advisory 2013-0207-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0207-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. The GUI installer created a world-readable auto-install XML file containing both the JBoss Enterprise Web Platform administrator password and the sucker password for the selected messaging system in plain text. A local user able to access the directory where the GUI installer for JBoss Enterprise Web Platform 5.1.2 was run could use this flaw to gain administrative access to the JBoss Enterprise Web Platform instance.

tags | advisory, java, web, local
systems | linux, redhat
advisories | CVE-2013-0218
SHA-256 | d18964493095b0d32a7ae3cdadef21d3dfadaa904bbab54125baf24804ca0654
Red Hat Security Advisory 2013-0209-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0209-01 - These packages provide a service that acts as a registry for virtual machine images. It was found that when the OpenStack Glance front-end communicated with an OpenStack Swift endpoint, the operator credentials could be logged in plain text when certain errors occurred during new image creation. An authenticated user could use this flaw to gain administrative access to an OpenStack Swift endpoint. This issue was discovered by Dan Prince of Red Hat.

tags | advisory, registry
systems | linux, redhat
advisories | CVE-2013-0212
SHA-256 | ba4d3ac81d1773f1bd03e0efea6e41920e0db7f02055379d11726b0c89f6dae9
Red Hat Security Advisory 2013-0210-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0210-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Red Hat will discontinue the extended subscription services provided through the Extended Lifecycle Support Add-On for Red Hat Enterprise Linux 3 on January 30, 2014. After that date, critical impact security fixes and urgent-priority bug fixes will no longer be available for the following products: Red Hat Enterprise Linux AS 3 Red Hat Enterprise Linux ES 3 After January 30, 2014, technical support through Red Hat’s Global Support Services will no longer be provided for these products.

tags | advisory
systems | linux, redhat
SHA-256 | 3b61fe792e07273b0c163c336f85fe8df1067073972041076d8059d62a1fe81b
Red Hat Security Advisory 2013-0206-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0206-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. The GUI installer created a world-readable auto-install XML file containing both the JBoss Enterprise Application Platform administrator password and the sucker password for the selected messaging system in plain text. A local user able to access the directory where the GUI installer for JBoss Enterprise Application Platform 5.1.2 was run could use this flaw to gain administrative access to the JBoss Enterprise Application Platform instance.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2013-0218
SHA-256 | 5a6f1e25dd8eaf6d992d5b079773d94c8cf686e12c544acc055b5ea88689cef0
Red Hat Security Advisory 2013-0208-01
Posted Jan 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0208-01 - The openstack-nova packages provide OpenStack Compute, a cloud computing fabric controller. The openstack-nova packages have been upgraded to upstream version 2012.2.2, which provides a number of bug fixes over the previous version. This update also fixes the following security issues: It was found that the boot-from-volume feature in nova-volume did not correctly validate if the user attempting to boot an image was permitted to do so. An authenticated user could use this flaw to bypass intended restrictions, allowing them to boot images they would otherwise not have access to, exposing data stored in other users' images. This issue did not affect configurations using the Cinder block storage mechanism, which is the default in Red Hat OpenStack.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-5625, CVE-2013-0208
SHA-256 | 5fd88f6598b40a559cd20867e3debfeaa0cd71227c88be7a409d9824869f3f9b
Ubuntu Security Notice USN-1712-1
Posted Jan 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1712-1 - It was discovered that Inkscape incorrectly handled XML external entities in SVG files. If a user were tricked into opening a specially-crafted SVG file, Inkscape could possibly include external files in drawings, resulting in information disclosure. It was discovered that Inkscape attempted to open certain files from the /tmp directory instead of the current directory. A local attacker could trick a user into opening a different file than the one that was intended. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, local, info disclosure, xxe
systems | linux, ubuntu
advisories | CVE-2012-5656, CVE-2012-6076, CVE-2012-5656, CVE-2012-6076
SHA-256 | ad9711511dcca224388d073b2dfe23803a095bc6b5187c2009d479f41de3f37d
Secunia Security Advisory 51925
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marcela Benetrix has discovered a vulnerability in the WordPress Poll plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 86b3e6752d4345a217662b4aee9ed7f869b7efe172dd6bd483c3c12d09653f63
Secunia Security Advisory 51968
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 3fec122c7fcae1aab5bdb14657e244284b78be0042862006b82e773f8758cdba
Secunia Security Advisory 51998
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in the Simple History plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 0fcb85de2ee4a307f52b85d3d0276620c4cd9bdc5b1c75ee8fa35e87096f8c83
Secunia Security Advisory 51942
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the WordPress Poll plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | eeed45a8aaf6223c1d99c43114f2609acdaceb563394f7e61ac5b82a0bdeb1f5
Secunia Security Advisory 51948
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IRCD-Hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | a06d1c718d7bfaf3f8642e80e8357f8dd499f731fc2068b4af3699e17fbd2780
Secunia Security Advisory 52000
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | 86e9db081f1c94c76c6a0731718f051b30592cb22281af6297706c40a90cee8b
Secunia Security Advisory 51995
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | 618aa92189b66698d6689f8dd82f4f1c9f0e97da7c5c42d6762b7ea362b77841
Secunia Security Advisory 52022
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM InfoSphere Information Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 1ea85eb44120fcd015fff882dbe999308436eea270eb510446ec0dff97971453
Secunia Security Advisory 51985
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, which can be exploited by malicious, local user to disclose potentially sensitive information and gain escalated privileges, by malicious users to bypass certain security restrictions, and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, local, spoof, vulnerability, xss
SHA-256 | c3b0c0d79d4689b12e198abf5c51be35cc91aac47d1c3f6600f1efd936fb4aac
Secunia Security Advisory 51994
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to conduct clickjacking attacks.

tags | advisory
SHA-256 | fd6c28f4de0555c0fa9628bc10a9fdf1149dc46710eca0e4287243b0e9cd5047
Secunia Security Advisory 52005
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | efb0b6a017ec738651945877a252732cf494cf7450ca0eeef93c1523eba9ceb4
Secunia Security Advisory 51963
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | d1fb75ae5ee03b646b1a40f73a2c83e96ab966aff07a037d55e941bd653dcf71
Secunia Security Advisory 51957
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in OpenStack Glance, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
SHA-256 | d195cab1c87683b0b9cc0780306e9168af641b1309149fe15c203dac2c2a494a
Secunia Security Advisory 52016
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Network Admission Control (NAC), which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | cisco
SHA-256 | 135721bf3e34ddf0c4250ec71184035bdffc684e52b2fd671b2cf91e6a3da83a
Secunia Security Advisory 51916
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Devise, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 7605afa185b3b32de15c4b7bd34672efb9c225492d7d2194ecafd32bfcd56729
Secunia Security Advisory 52020
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM InfoSphere Information Server, which can be exploited by malicious users and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | ded32fbf0d2969ae95255a5d58eaae6bae15b71673616bd8305b9878be491302
Secunia Security Advisory 51990
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for glance. This fixes a security issue, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
systems | linux, ubuntu
SHA-256 | 89df66098da553fc08d571bf414a09c939e380ef9367b62fd4ac1661db2d3514
Page 1 of 21
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Senators Propose Law To Require Bare Minimum Security Standards
Posted Nov 27, 2024

tags | headline, government, usa, password
Telco Engineer Who Spied On Employer For Beijing Gets 4 Years
Posted Nov 27, 2024

tags | headline, government, privacy, usa, phone, china, cyberwar, spyware, voip
New York Fines GEICO And Travelers $11.3 Million In Data Breach Cases
Posted Nov 27, 2024

tags | headline, hacker, government, privacy, usa, data loss
ProjectSend Vulnerability Exploited In The Wild
Posted Nov 27, 2024

tags | headline, hacker, flaw
CyberVolk Analysis Explores Ransomware, Hacktivism Connections
Posted Nov 27, 2024

tags | headline, hacker, malware, russia, cybercrime, cryptography
Russian Cyberspies Hacked Building Across Street From Target For W-Fi Attack
Posted Nov 25, 2024

tags | headline, hacker, government, russia, wireless, spyware
Cyberattacks Cost British Businesses $55 Billion In Past 5 Years
Posted Nov 25, 2024

tags | headline, malware, britain, cybercrime, fraud, cryptography
How The ZX Spectrum Became A 1980s Icon
Posted Nov 25, 2024

tags | headline, science
China Has Pwned Thousands And Thousands Of Telco Devices
Posted Nov 25, 2024

tags | headline, government, privacy, usa, china, cyberwar, spyware
Here's What Happens If You Don't Layer Network Security Or Remove Unused Web Shells
Posted Nov 22, 2024

tags | headline, government, privacy, cybercrime, data loss, japan
View More News →
packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close