Kernel: netdevice.h: NULL pointer dereference over VxLAN

A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an...

Kernel: netdevice.h: NULL pointer dereference over VxLAN

A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A...

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics. The South Korean electronics giant has agreed ...

Cisco IOS XE mDNS Manipulation (CSCun64867)

According to its self-reported version, the remote IOS XE device is affected by a manipulation vulnerability. A flaw exists due to unconstrained autonomic networking with mDNS multicast Domain Name System. This could allow a remote attacker to read or overwrite autonomic networking services...

Black Hat 2014: Multipath TCP Introduces Security Blind Spot

If multipath TCP is the next big thing to bring resilience and efficiency to networking, then there are some serious security issues to address before it goes mainstream. MPTCP is an extension to the Internet’s primary communication protocol. It allows a TCP session to move over multiple...

Instasheep — Instagram Account Hacking Tool Released

Two days ago, we reported at The Hacker News about a critical issue in the most popular image and video sharing service, Instagram app for mobiles, that allows an attacker to hijack users’ account and successfully access private photos, delete victim's photos, edit comments and also post new...

Oxwall 1.7.0 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social...

Oxwall 1.7.0 - Remote Code Execution

Oxwall 1.7.0 - Remote Code Execution !/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social...

Oxwall 1.7.0 - Remote Code Execution

!/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social networking software platform. Desc: Oxwa...

Oxwall 1.7.0 - Multiple Cross-Site Request Forgery HTML Injection Vulnerabilities

Oxwall 1.7.0 - Multiple Cross-Site Request Forgery HTML Injection Vulnerabilities Oxwall 1.7.0 Multiple CSRF And Stored XSS Vulnerabilities form action="http://192.168.0.105/admin/users/roles/" method="...

Oxwall 1.7.0 Remote Code Execution Exploit

Summary Oxwall is unbelievably flexible and easy to use PHP/MySQL social networking software platform. Description Oxwall suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin/settings/user' script thr...

Oxwall 1.7.0 Remote Code Execution

!/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social networking software platform. Desc: Oxwa...

AIX Java Advisory : java_jan2014_advisory.asc

The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities : - Vulnerabilities in Oracle Java allow a remote attacker to bypass security features through flaws in XML document parsing. CVE-2013-5878, CVE-2013-5910 - An information disclosure flaw...

CVE-2014-4971

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to 1 the MQAC.sys driver in the MQ Access Control subsystem...

Memory corruption

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to 1 the MQAC.sys driver in the MQ Access Control subsystem...

CVE-2014-4971

CVE-2014-4971 affects Microsoft Windows XP SP3 and relates to two drivers: MQAC.sys in the MQ Access Control subsystem and BthPan.sys in Bluetooth PAN. The vulnerability arises because certain IRP/IOCTL handling does not validate addresses, enabling local attackers to write to arbitrary memory lo...

CVE-2014-4971

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to 1 the MQAC.sys driver in the MQ Access Control subsystem...