47153 matches found

securityvulns | added 2014/03/18 12:0 a.m. | 105 views

[ MDVSA-2014:059 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:059 http://www.mandriva.com/en/support/security/ Package : php Date : March 14, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in php: Fixe...

CVSS 6.8 | AI score 7.4 | EPSS 0.0507 | Exploits 2

securityvulns | added 2014/03/18 12:0 a.m. | 34 views

oath-toolkit replay attack

Implementation bug leads to replay attack possibility...

CVSS 4.9 | AI score 2.5 | EPSS 0.00877 | Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/03/18 12:0 a.m. | 32 views

imapsync information leakage

Few information leaks...

CVSS 5 | AI score 1.2 | EPSS 0.01788 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/18 12:0 a.m. | 54 views

[slackware-security] samba (SSA:2014-072-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security samba SSA:2014-072-01 New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

CVSS 5.8 | AI score 8.8 | EPSS 0.10557 | Exploits 1

securityvulns | added 2014/03/18 12:0 a.m. | 50 views

[USN-2146-1] Sudo vulnerabilities

========================================================================== Ubuntu Security Notice USN-2146-1 March 13, 2014 sudo vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS 6.6 | AI score 0.5 | EPSS 0.00338 | Exploits 2

securityvulns | added 2014/03/18 12:0 a.m. | 28 views

Medium severity flaw in BlackBerry QNX Neutrino RTOS

Summary This advisory concerns the forced disclosure of 2 vulnerabilities that were previously disclosed to BlackBerry. Disclosure has been forced since these vulnerabilities have been publicly disclosed with PoC on the exploit-db web site. Two local privilege escalation vulnerabilities have been...

Exploits 0

securityvulns | added 2014/03/18 12:0 a.m. | 86 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions...

CVSS 9.3 | AI score 2 | EPSS 0.85239 | Exploits 40 | Affected Software 1

securityvulns | added 2014/03/18 12:0 a.m. | 35 views

Samba restrictions bypass

Few restriction bypass vulnerabilities...

CVSS 5.8 | AI score 2.5 | EPSS 0.10557 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/18 12:0 a.m. | 37 views

FreeType memory corruption

Few different memory corruptions...

CVSS 7.5 | AI score 2.1 | EPSS 0.06224 | Exploits 3 | References 1

securityvulns | added 2014/03/18 12:0 a.m. | 73 views

[USN-2148-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2148-1 March 17, 2014 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.5 | AI score 0.5 | EPSS 0.06224 | Exploits 3

securityvulns | added 2014/03/18 12:0 a.m. | 42 views

exploit for old rlpdaemon bug

!/opt/perl5/bin/perl -w HP-UX rlpdaemon local exploit Bulletin HPSBUX0111-176 November 2001 For use only on machines where you have legitimate root. This attempts to add junk including "localhost +" to /.rhosts. Obvious variants could include /etc/passwd. use IO::Socket; $PORT = 9000; pick...

AI score 1.4 | Exploits 0

securityvulns | added 2014/03/18 12:0 a.m. | 26 views

x2goserver privilege escalation

Relative path is used to execute application...

CVSS 7.5 | AI score 3.1 | EPSS 0.02748 | Exploits 0 | References 1

securityvulns | added 2014/03/18 12:0 a.m. | 120 views

MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service

MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service http://cxsecurity.com/ YouTube Kaspersky PoC: https://www.youtube.com/watch?v=joa9IS7U90 ---- 0. Where is the problem? ---- Some time ago I have reported vulnerabilities in regcomp in BSD implementation CVE-2011-3336 and GNU li...

CVSS 5 | AI score 7.6 | EPSS 0.51298 | Exploits 14

securityvulns | added 2014/03/18 12:0 a.m. | 52 views

GNU libc regcomp buffer overflow / resources exhaustion

Resources exhaustion and buffer overflow on regular expressions like ".10,10,10,10,10,"...

CVSS 5 | AI score 4 | EPSS 0.51298 | Exploits 13 | References 2

securityvulns | added 2014/03/18 12:0 a.m. | 82 views

NCC00596 Technical Advisory: iOS 7 arbitrary code execution in kernel mode

...................................... Vulnerability Summary ...................................... Title iOS 7 arbitrary code execution in kernel mode Release Date 14 March 2014 Reference NGS00596 Discoverer Andy Davis Vendor Apple Vendor Reference 600217059 Systems Affected iPhone 4 and later,...

CVSS 7.2 | AI score 0.2 | EPSS 0.01108 | Exploits 5

securityvulns | added 2014/03/18 12:0 a.m. | 31 views

BlackBerry QNX Neutrino RTOS privilege escalation

Privilege escalation via ifwatchd and ppoectl...

AI score 4.3 | Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2014/03/18 12:0 a.m. | 71 views

[ MDVSA-2014:060 ] imapsync

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:060 http://www.mandriva.com/en/support/security/ Package : imapsync Date : March 14, 2014 Affected: Business Server 1.0 Problem Description: Updated imapsync package fixes security vulnerabilities: Imapsync,...

CVSS 5 | AI score 5.8 | EPSS 0.01788 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 43 views

mutt buffer overflow

Buffer overflow on headers parsing...

CVSS 5 | AI score 4.1 | EPSS 0.05155 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 53 views

[USN-2143-1] cups-filters vulnerabilities

========================================================================== Ubuntu Security Notice USN-2143-1 March 12, 2014 cups-filters vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

CVSS 6.8 | AI score 1.7 | EPSS 0.03429 | Exploits 2

securityvulns | added 2014/03/13 12:0 a.m. | 42 views

cups multiple security vulnerabilities

Memory corruptions, code execution in urftopdf, pdftoopvp...

CVSS 6.8 | AI score 2.8 | EPSS 0.03429 | Exploits 2 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 61 views

[slackware-security] udisks, udisks2 (SSA:2014-070-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security udisks, udisks2 SSA:2014-070-01 New udisks and udisks2 packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

CVSS 6.9 | AI score 7.7 | EPSS 0.0043 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 65 views

[SECURITY] [DSA 2873-1] file security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2873-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2014 http://www.debian.org/security/faq -...

CVSS 4.3 | AI score 0.3 | EPSS 0.04318 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 22 views

Apple TV multiple security vulnerabilities

Symbolic links vulnerability, root certificates problems, protection bypass, DoS, privilege escalation, memory corruption, information leakage, code execution...

AI score 2.7 | Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 38 views

libssh PRNG attacks

It may be possible to discover PRNG state...

CVSS 1.9 | AI score 1.5 | EPSS 0.00356 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 41 views

GnuTLS certificate validation bypass

Invalid error handling...

CVSS 5.8 | AI score 1.6 | EPSS 0.29958 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 114 views

[ MDVSA-2014:048 ] gnutls

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:048 http://www.mandriva.com/en/support/security/ Package : gnutls Date : March 10, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated gnutls packages fix security...

CVSS 5.8 | AI score 6.6 | EPSS 0.29958 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 70 views

[USN-2145-1] libssh vulnerability

========================================================================== Ubuntu Security Notice USN-2145-1 March 12, 2014 libssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS 1.9 | AI score 0.1 | EPSS 0.00356 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 66 views

AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver

Asterisk Project Security Advisory - AST-2014-003 Product Asterisk Summary Remote Crash Vulnerability in PJSIP channel driver Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On January 29, 2014 Reported By Joshua Col...

CVSS 4.3 | AI score 0.4 | EPSS 0.04315 | Exploits 0

securityvulns | added 2014/03/13 12:0 a.m. | 38 views

udisk buffer overflow

Buffer overflow on oversized mountpoint filename...

CVSS 6.9 | AI score 4.4 | EPSS 0.0043 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 48 views

[ MDVSA-2014:050 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:050 http://www.mandriva.com/en/support/security/ Package : wireshark Date : March 10, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was found and...

CVSS 9.3 | AI score 7.8 | EPSS 0.47143 | Exploits 10

securityvulns | added 2014/03/13 12:0 a.m. | 38 views

Wireshark multiple security vulnerabilities

DoS in NFS and RLC dissectors, buffer overflow on MPEG parsing...

CVSS 9.3 | AI score 4.1 | EPSS 0.47143 | Exploits 10 | References 1 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 60 views

AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling

Asterisk Project Security Advisory - AST-2014-004 Product Asterisk Summary Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling Nature of Advisory Denial of Service Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On January 14th, 2014...

CVSS 3.5 | AI score 0.3 | EPSS 0.02162 | Exploits 0

securityvulns | added 2014/03/13 12:0 a.m. | 96 views

APPLE-SA-2014-03-10-1 iOS 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-03-10-1 iOS 7.1 iOS 7.1 is now available and addresses the following: Backup Available for: iPhone 4 and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted backup can alter the filesystem...

CVSS 8.8 | AI score 0.1 | EPSS 0.10117 | Exploits 13

securityvulns | added 2014/03/13 12:0 a.m. | 103 views

APPLE-SA-2014-03-10-2 Apple TV 6.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-03-10-2 Apple TV 6.1 Apple TV 6.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with access to an Apple TV may access sensitive user information from logs...

CVSS 7.8 | AI score 8.2 | EPSS 0.10117 | Exploits 9

securityvulns | added 2014/03/13 12:0 a.m. | 43 views

Asterisk multiple security vulnerabilities

Buffer overflow, DoS...

CVSS 7.5 | AI score 2.7 | EPSS 0.16262 | Exploits 2 | References 4 | Affected Software 1

securityvulns | added 2014/03/13 12:0 a.m. | 131 views

[SECURITY] [DSA 2874-1] mutt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2874-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 12, 2014 http://www.debian.org/security/faq -...

CVSS 5 | AI score 1.9 | EPSS 0.05155 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 56 views

AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.

Asterisk Project Security Advisory - AST-2014-001 Product Asterisk Summary Stack Overflow in HTTP Processing of Cookie Headers. Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On February 21, 2014 Reported By Lucas...

CVSS 7.5 | AI score 0.4 | EPSS 0.16262 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 63 views

AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers

Asterisk Project Security Advisory - AST-2014-002 Product Asterisk Summary Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers Nature of Advisory Denial of Service Susceptibility Remote Authenticated or Anonymous Sessions Severity Moderate Exploits Known No Reported O...

CVSS 3.5 | AI score 1.3 | EPSS 0.02444 | Exploits 1

securityvulns | added 2014/03/13 12:0 a.m. | 98 views

[USN-2126-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2126-1 March 03, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS 6.8 | AI score 0.4 | EPSS 0.06732 | Exploits 3

securityvulns | added 2014/03/03 12:0 a.m. | 59 views

[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04140965 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04140965 Version: 1 HPSBMU02971 rev....

CVSS 7.5 | AI score 0.7 | EPSS 0.05536 | Exploits 2

securityvulns | added 2014/03/03 12:0 a.m. | 57 views

Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1

Exploit Title: Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1 Google Dork: n/a Date: 18/02/2014 Exploit Author: Adriano Marcio Monteiro [email protected] Vendor Homepage: http://www.ibm.com/us/en/ Software Link:...

AI score 0.3 | Exploits 0

securityvulns | added 2014/03/03 12:0 a.m. | 33 views

libtar directory traversal

Directory traversal via filename...

CVSS 5.8 | AI score 4.6 | EPSS 0.03277 | Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/03/03 12:0 a.m. | 48 views

[ MDVSA-2014:045 ] libtar

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:045 http://www.mandriva.com/en/support/security/ Package : libtar Date : February 20, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A directory traversal attack was reported...

CVSS 5.8 | AI score 6.8 | EPSS 0.03277 | Exploits 0

securityvulns | added 2014/03/03 12:0 a.m. | 26 views

IBM Lotus SameTime information leakage

Username and password are logged to file...

AI score 1.4 | Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/03/03 12:0 a.m. | 25 views

HP Application Information Optimizer security vulnerabilities

Code execution, information disclosure...

CVSS 7.5 | AI score 1.3 | EPSS 0.05536 | Exploits 2 | References 1 | Affected Software 1

securityvulns | added 2014/03/03 12:0 a.m. | 46 views

HP Operations Orchestration security vulnerabilities

XSS, CSRF, unauthorized access...

CVSS 6.8 | AI score 2.1 | EPSS 0.06501 | Exploits 3 | References 2 | Affected Software 1

securityvulns | added 2014/03/03 12:0 a.m. | 29 views

HP StoreVirtual code execution

No description provided...

CVSS 10 | AI score 1.1 | EPSS 0.10436 | Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/03/03 12:0 a.m. | 21 views

McAfee ePolicy Orchestrator information leakage

Information leakage via XML include...

AI score 2.6 | Exploits 0 | References 1

securityvulns | added 2014/03/03 12:0 a.m. | 66 views

[RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard

Advisory: McAfee ePolicy Orchestrator XML External Entity Expansion in Dashboard RedTeam Pentesting identified an XML external entity expansion vulnerability in McAfee ePolicy Orchestrator's ePO dashboard feature. Users with the ability to create new dashboards in the ePO web interface who exploi...

AI score 6.2 | Exploits 0

securityvulns | added 2014/03/03 12:0 a.m. | 59 views

[security bulletin] HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03995204 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03995204 Version: 1 HPSBST02937 rev....

CVSS 10 | AI score 0.8 | EPSS 0.10436 | Exploits 1

Total number of security vulnerabilities: 47153