Red Hat Security Advisory 2014-1873-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.
926fc0cc610c6630f02ce4257be003e8e729f64fc84448045e963d1964416a7a
Red Hat Security Advisory 2014-1872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash.
54407e6e9d70167a75066e417334ef0ce14148e42cf5071246c5480fab521ac3
This bulletin summary lists one critical bulletin and two revised bulletins for November, 2014.
4aced037c747d3df6acb8046188592f6842998bc6bb7ab3e901046c2cd2f4d04
MINIX versions 3.3.0 and below remote TCP/IP stack denial of service exploit that leverages a malformed TCP option.
78ee0c01b3e508a77897e2ea4fdd9158a72765371532e2e44e2c9e95e2de9827
HP Security Bulletin HPSBMU03183 2 - A potential security vulnerability has been identified with HP Server Automation and Server Automation Virtual Appliance running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely resulting in disclosure of information. Revision 2 of this advisory.
50dd42f8950f74ed5fcdb76107b4f0688854540b1ea9bbfc9deac8b085470f94
HP Security Bulletin HPSBMU03072 3 - A potential security vulnerability has been identified with HP Data Protector. This vulnerability could be remotely exploited to execute arbitrary code. Revision 3 of this advisory.
9da173f7d13011376d0325bd705cfe274d3cffca255633d7ed17afa810ba7d20
Red Hat Security Advisory 2014-1870-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.Org font server. A malicious X.Org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.
885638c25a72e72e94fdb8647725e8bcfa62cd8fcad0298052f24efe4e1b7425
Mandriva Linux Security Advisory 2014-213 - Symeon Paraschoudis discovered that the curl_easy_duphandle() function in cURL has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing an HTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle() to be used in that order, and then the duplicate handle must be used to perform the HTTP POST. The curl command line tool is not affected by this problem as it does not use this sequence.
8c2f22fbf0bceec13557eb8ebed885169b49b44a5f993d69f6abfee0dd58fea5
Mandriva Linux Security Advisory 2014-214 - Alban Crequy and Simon McVittie discovered several vulnerabilities. On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution.
f18c3638c62248de6d67a047b0c027faf904613ac8a45ce27c1d8bbe02610f6b
Ubuntu Security Notice 2411-1 - Saurav Sengupta discovered that mountall incorrectly handled umask when calling the mount utility, resulting in certain filesystems possibly being mounted with incorrect permissions.
f8ef497221bf050da40793b4cf901875127827eacb1b9e2d4b7d4e5c94f0ac6e
Administrators of PHPFox can be hit by cross site scripting via malicious user agents planted in the logs.
166039ec499dbd3cdcc027d78b3c0737c34a6e0b31547ef2159dc41ac1da1b7c
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
197a8c8d58ffb53d20d8601521070388732c1456b060f8d0da124e7982496681
This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3, and Ace 4.
03a3f71c2c2fa9fd0b119371b2d55e432974a0922073ac802b493949e3fd1f34
This Metasploit module exploits a post-auth vulnerability found in MantisBT versions 1.2.0a3 up to 1.2.17 when the Import/Export plugin is installed. The vulnerable code exists in plugins/XmlImportExport/ImportXml.php, which receives user input through the "description" field and the "issuelink" attribute of an uploaded XML file and passes it to the preg_replace() function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code on the remote machine.
48a52817bee791b7eaeae5d5e9a609d2d96fd14642c96da155fb1a16a00bf9c9
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
17d4345d3e61adaa10c443fde75200dc8279ba7180a7f5276fadd5dba3e82f11
Zoph versions 0.9.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
54a6fe4b6e4670661d2c833d2cc62904c8db60dbd7add953a922e7c519a28313