Red Hat Security Advisory 2014-0826-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module, a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user.
1006666eba505d9d0f5acae12ac479d75a26d7c23b00dc8a66b510420853c6c1Red Hat Security Advisory 2014-0825-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module, a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user.
e2cc6edd9514b524df2a0168ce14ebd379972fd2b89fdabba4b8f3035671a0dcInternet Explorer 8 fixed col span ID full ASLR, DEP, and EMET 4.1.x bypass exploit.
ff19b9e3a42f5ae1d11f835cd5bb7036e91123434822a6dd207b16ef9d8ff9efWhitepaper called 8 in 1 Tips for WordPress Security - Their Issues and Their Solutions.
9016ef901ae286aa76841dbf8787c4490fd54a4268d03e2d0673f1add41e042aRed Hat Security Advisory 2014-0821-01 - In accordance with the Red Hat Storage Server Support Life Cycle policy, the Red Hat Storage Server 2.0 offering has been retired and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including critical impact security patches or urgent priority bug fixes. In addition technical support through Red Hat's Global Support Services will no longer be provided.
4821166ba9c7ba9e3bb533f9ef49d0a7b3c2c196dabb2f42b70da70d0241301aRed Hat Security Advisory 2014-0820-01 - Docker is a service providing container management on Linux. It was found that the socket used to manage the Docker service was world readable and writable. A local user could use this flaw to escalate their privileges to root.
2aae0445e4af4831cd2b8a50ad33b19310f948009e5bea4f1550464798fc9068Gentoo Linux Security Advisory 201406-36 - Multiple vulnerabilities were found in OpenLDAP, allowing for Denial of Service or a man-in-the-middle attack. Versions less than 2.4.35 are affected.
42774738976bd9d080b8893ce307ab134ab715b79f71571a7a4bb8a11e479e75This archive contains all of the 127 exploits added to Packet Storm in June, 2014.
2c02e4f5eb7068baf2ad6bbbb22ced25a436d4f0acc4e7aeab31586717be6a8fEMC Documentum eRoom versions 7.4.3, 7.4.4, and 7.4.4 SP1 contain multiple cross site scripting vulnerabilities that could be potentially exploited by malicious users to compromise the affected system.
247a72186209407c85a06e462b6b60dcde44a009cb826790d560c770ab0ac935Apple Security Advisory 2014-06-30-4 - Apple TV 6.1.2 is now available and addresses heap buffer overflow, code execution, memory disclosure, and various other vulnerabilities.
0f24dfc7236cbcc68a9849d65f15771822e2fdfe75c2fffc04077b896df216bbApple Security Advisory 2014-06-30-3 - iOS 7.1.2 is now available and addresses application termination, code execution, bypass, and various other vulnerabilities.
ffa0a04fdfd176d3ad328902c2b7d49c9df8fa376648b9df26da8d010ce02b58Apple Security Advisory 2014-06-30-2 - OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code execution, sandbox circumvention, bypass, and various other vulnerabilities.
04175ba9d75c6817a330078bf668fd8c21fb546a488235f12c20d2f985c67216Apple Security Advisory 2014-06-30-1 - Safari 6.1.5 and Safari 7.0.5 are now available and address spoofing and possible code execution vulnerabilities.
8480fad2df32047d672468ffe057aad49385b026fab1cf3c7b0e6162a82ae640This whitepaper is an introduction to security in high performance computer architecture.
4337cb70d614e077a9820aee114c0aa3a101b1836901fcfc7b8811d90e34b6dfEMC NCM versions prior to 9.3 are vulnerable to session fixation vulnerability that can be potentially exploited by malicious users to compromise the affected system.
2d16c263bb3ddf4e640c09c9c7167942962a0bbb621872e531544039be1d9572The Ultimate XSS Protection Cheat Sheet for Developers is a compilation of information available on XSS Protection from various organizations, researchers, websites, and the author's own experience.
9da5be71c2cceab610824325136d4b2dabd4ac994b7960647f2c0966354aed07This document shows you how to use asterisk to make international calls via the command line. A graphical client like Zoiper can be used additionally to verify that the endpoint number can be reached.
76fcb7059982c5b2334e9bd52b1c04048c4883be1e33bbfae0e6f9de5eba299fOCS-Inventory NG suffers from multiple stored cross site scripting vulnerabilities.
fb92e37f15c619346ed230626714d546e4ccae697148205e141593c1635b70f7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed