Home News Feeds Linux Security Advisories - Packet Storm Security
Security News Feeds
Advisory Files ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers

Packet Storm
  • Debian Security Advisory 2384-2
    Debian Linux Security Advisory 2384-2 - It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny.

  • Secunia Security Advisory 47843
    Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

  • Secunia Security Advisory 47856
    Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Skype.

  • Secunia Security Advisory 47859
    Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.

  • Secunia Security Advisory 47851
    Secunia Security Advisory - A vulnerability has been reported in the Forward module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.

  • Secunia Security Advisory 47806
    Secunia Security Advisory - A vulnerability has been reported in PHP, which can be exploited by malicious people to compromise a vulnerable system.

  • Secunia Security Advisory 47846
    Secunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

  • Secunia Security Advisory 47817
    Secunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.

  • Secunia Security Advisory 47813
    Secunia Security Advisory - Red Hat has issued an update for php53. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

  • Secunia Security Advisory 47847
    Secunia Security Advisory - A weakness and two vulnerabilities have been reported in Joomla!, which can be exploited by malicious users and malicious people to disclose sensitive information.

  • Secunia Security Advisory 47849
    Secunia Security Advisory - Sony has discovered multiple vulnerabilities in Foswiki, which can be exploited by malicious users to conduct script insertion attacks.

  • Secunia Security Advisory 47824
    Secunia Security Advisory - Red Hat has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

  • Secunia Security Advisory 47801
    Secunia Security Advisory - Debian has issued an update for php5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

  • Secunia Security Advisory 47870
    Secunia Security Advisory - A vulnerability has been discovered in the WP-RecentComments plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

  • Secunia Security Advisory 47788
    Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

  • Secunia Security Advisory 47794
    Secunia Security Advisory - Debian has issued an update for tomcat6. This fixes multiple weakness, two security issues, and multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to disclose sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service).

  • Mandriva Linux Security Advisory 2012-013
    Mandriva Linux Security Advisory 2012-013 - Security issues were identified and fixed in mozilla firefox and thunderbird. Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Various other issues were also addressed.

  • Ubuntu Security Notice USN-1355-1
    Ubuntu Security Notice 1355-1 - It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.

  • Ubuntu Security Notice USN-1355-2
    Ubuntu Security Notice 1355-2 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.

  • Ubuntu Security Notice USN-1355-3
    Ubuntu Security Notice 1355-3 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.

  • EMC Documentum xPlore Information Disclosure
    EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.

  • HP Security Bulletin HPSBGN02740 SSRT100741
    HP Security Bulletin HPSBGN02740 SSRT100741 - A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

  • Debian Security Advisory 2403-1
    Debian Linux Security Advisory 2403-1 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.

  • Secunia Security Advisory 47868
    Secunia Security Advisory - HP has acknowledged a vulnerability in multiple HP products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

  • Secunia Security Advisory 47842
    Secunia Security Advisory - Two vulnerabilities have been reported in the RTG Files extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.



Copyright © 2012 ASG - Antihack Security Groups. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.
  

Related Content

Featured Links:
McAfee Site Advisor

Content by Google