what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-02-10

Microsoft Security Bulletin Revision Increment For February, 2015
Posted Feb 10, 2015
Site microsoft.com

This bulletin summary lists one bulletin that has undergone a major revision increment for February, 2015.

tags | advisory
SHA-256 | 8992a2b84787e8c3a6af5e9bb3ded639ae6589f4b29cff6b2f4be516154a16a8
Microsoft Security Bulletin Summary For February, 2015
Posted Feb 10, 2015
Site microsoft.com

This bulletin summary lists nine released Microsoft security bulletins for February, 2015.

tags | advisory
SHA-256 | 5c7a8410702470e17dce26624265cd4761b0f7bdd3cbced18d05cbd4fda22978
Achat 0.150 beta7 Buffer Overflow
Posted Feb 10, 2015
Authored by Peter Kasza, Balazs Bucsay | Site metasploit.com

This Metasploit module exploits a unicode SEH-based stack buffer overflow in Achat version 0.150. By sending a crafted message to the default port 9256 it's possible to overwrites the SEH handler. Even when the exploit is reliable it depends of timing since there are two threads overflowing the stack in the same time. This Metasploit module has been tested on Windows XP SP3 and Windows 7.

tags | exploit, overflow
systems | windows
SHA-256 | 875859bfca563dbdc2831b10feb2e378f857c14faab6ceb6ef8decc4e8cf734a
IBM Endpoint Manager 9.1.x / 9.2.x Cross Site Scripting
Posted Feb 10, 2015
Site redteam-pentesting.de

During a penetration test, RedTeam Pentesting discovered that the IBM Endpoint Manager Relay Diagnostics page allows anybody to persistently store HTML and JavaScript code that is executed when the page is opened in a browser. Affected versions include 9.1.x versions earlier than 9.1.1229 and 9.2.x versions earlier than 9.2.1.48.

tags | exploit, javascript
advisories | CVE-2014-6137
SHA-256 | e07f2874cfcbff3e7623bda4946508578bc74d18987c825b4760bf2b1841eb30
Mandriva Linux Security Advisory 2015-043
Posted Feb 10, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-043 - An attacker with valid OTRS credentials could access and manipulate ticket data of other users via the GenericInterface, if a ticket webservice is configured and not additionally secured.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-9324
SHA-256 | 78c4ebc355ef57a8f65bf66a10f4072a53a151e9a0b9ff461469d27a4cbf76e1
Mandriva Linux Security Advisory 2015-042
Posted Feb 10, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-042 - ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab. Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-9328
SHA-256 | 0f31768a032aa445bf6c6645b079c10c5d92c4d4313198bf0e21aab63085c11c
Mandriva Linux Security Advisory 2015-041
Posted Feb 10, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-041 - Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any remotely-controlled user input, this issue can cause a denial-of-service.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-9556
SHA-256 | 57c01618d2a6be2bd2138ee390169ed9153232eb1539290e84b9d7a0e8d12ac7
Mandriva Linux Security Advisory 2015-040
Posted Feb 10, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-040 - Robert Scheck discovered a flaw in Zarafa WebAccess >= 7.0.0 and Zarafa WebApp that could allow a remote unauthenticated attacker to exhaust the disk space of /tmp. This update also adds some patches from Robert Scheck which correct some packaging issues with zarafa-webaccess.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2014-9465
SHA-256 | aacd5843699be6279756f6f8c44982c115706fb7f6481e02dd3bc3448b5d4785
HP Security Bulletin HPSBMU03246 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03246 1 - Potential security vulnerabilities have been identified with HP Insight Control for Linux Central Management Server Pre-boot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-7196
SHA-256 | 3bc364eb213e9861d4e21588302ac46a9d28eaf2ef45b15cfb72ed924b71144e
HP Security Bulletin HPSBMU03245 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03245 1 - Potential security vulnerabilities have been identified with HP Insight Control server deployment Linux Preboot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 547a09874ba71ce03f8459976cd14cc2cb14970581a4d419a52cee64bf714d9e
HP Security Bulletin HPSBGN03255 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03255 1 - Several potential security vulnerabilities have been identified with HP OpenCall Media Platform running SSLv3. This is the SSLv3 vulnerabilities known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in Denial of Service (DoS) or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-3566
SHA-256 | f2b9a90ebb67798177f91b2d0c370b76d7db5f14619c8f3162133182a127cace
Mandriva Linux Security Advisory 2015-039
Posted Feb 10, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-039 - Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the gethostbyname2 function, aka GHOST. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2015-0235
SHA-256 | 2988cae9f4b2d9755cd45cfb07efe524d20a846420d827788fb6e9e8e45bb1e7
HP Security Bulletin HPSBGN03251 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03251 1 - A potential security vulnerability has been identified with HP Storage Essentials running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 10af1ed449f81c7e58c6aeb307faadea54c58656e074d67d774a15052f1b4da1
Debian Security Advisory 3158-1
Posted Feb 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3158-1 - Michal Zalewski and Hanno Boeck discovered several vulnerabilities in unrtf, a RTF to other formats converter, leading to a denial of service (application crash) or, potentially, the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-9274, CVE-2014-9275
SHA-256 | e7ffea3953e1dd2cdc9a1a309206ca36dd28a81db5cfb0aa901b611d4af86a5a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close