The Cisco ASA VPN Portal password recovery page suffers from a cross site scripting vulnerability.
eb2aac6086f4bb061f2a2742410500a3e2ba73666fb36027d37e43f8e424ecfc
Ubuntu Security Notice 2901-1 - It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code.
e00c2248b4bed3be1d356b36510c913e8a3573fd9c0cdc8d71c64adfb13c121a
Ubuntu Security Notice 2902-1 - Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
4ecb16d84a83cc63b11ddbf287df3bdab9b45a54ffb4113420c9511004c21441
Gentoo Linux Security Advisory 201602-2 - Multiple vulnerabilities have been found in the GNU C library, the worst allowing for remote execution of arbitrary code. Versions less than 2.21-r2 are affected.
7fb31d7914b4d8d365ed0e55052ae4ab9788d37ba1146e4a9261c90a46a215e4
Ubuntu Security Notice 2903-1 - Hanno Boeck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA.
f6a190f2df63a4842e2f9cbe069394f800fdf9cecad2c50da789ce6f9e53ff99
pyClamd is a Python interface to Clamd (the ClamAV daemon). By using pyClamd, you can add virus detection capabilities to your Python software in an efficient and easy way. Unlike pyClamav, which uses libclamav, pyClamd may be used by a closed source product.
9921a582c45baa34dabb357c548c5ed331b9a39334881b3a784b593680b07ba0
There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when subsequent TextField objects are created. However, if an object with the same ID has already been created in the SWF, it can be of the wrong type. The constructor contains a check for this situation, though, and throws an exception and sets a flag to shut down the player if this occurs. The backing object is then set to be of type TextField to avoid any modifications that have been made on it by the constructor from causing problems if it is used as an object of its original type elsewhere in the player. However, if the exception thrown by the constructor is caught, the exception handler can create another TextField object, and since the type of the generic backing object has been changed, an object of the wrong type is now backing the TextField, which makes it possible to set the pointers in the object to integer values selected by the attacker. The PoC swf for this issue needs to be created by hand.
89244b28a4549217c3946663d62b8133ad186a92cdb4285eeff70e6a18cdb172
There is a dangling pointer in loadPCMFromByteArray that can be read, but not written to. A proof of concept is included.
6a837aeb0f69779cabe3ac91d53929ecab287b6e562f832a1364d2e7e1364980
There is a use-after-free in LoadVars.decode. If a watch is set on the object that the parameters are being decoded into, and the watch deletes the object, then other methods are called on the deleted object after it is freed.
fbe2ae5d15b3901564ae333ef65dc05ba1b8f150b143e8b0a87296c853c3503a
The included file causes a crash due to a heap overflow, probably due to an issue in ATF processing by the URLStream class.
31320a678e0ba948912307dabf47b9cca5c8ea878f23514c24959ad680fe11f2
The included flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server.
74d667d649a7d045b24409e6c7c68eeea9f6f1cc6f03497a67ed1756ff630172
There is an out-of-bounds read in H264 parsing and a fuzzed file is included in this archive. To load, load LoadMP4.swf with the URL parameter file=compute_poc.flv from a remote server.
ebb2b5d7f663e475ad09af61f41ced8caef58fbe37e4cc1bbb1bb3395e2f41a2
The attached file can cause an out-of-bounds read of an image. While the bits of the image are null, the width, height and other values can make it a valid pointer.
67899d0a839f78a9413c2d4c6f499ce8a1bfb82ab4a0b04f26b17264175b257f
The included fuzzing test case causes a crash due to a heap overflow in BitmapData.drawWithQuality.
71eac9af938822ce100e076b77f44a4fc957277d6ed3fc9956efc03536dabb10
Red Hat Security Advisory 2016-0241-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. All Chromium users should upgrade to these updated packages, which contain Chromium version 48.0.2564.109, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.
e4b076f47623f3e1c351897422dd84ff8c54ecb8e8176489592e03e9a39a1761
Dimofinf CMS version 3.0.0 suffers from a cross site scripting vulnerability.
fc6aabdced0f311a87ad9b9c16b893261d7bec5cd7961194bc05629135c8c74d
glibc reserves 2048 bytes on the stack through alloca() in _nss_dns_gethostbyname4_r() to hold the response to a DNS query. Later on, in send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated. Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow. Included in this archive is a copy of the Google Security blog post and proof of concept code that demonstrates the vulnerability.
ad59124177a3d305a9e05a03fed4435fe9079fdcafd54b23cbd52bc979ba7a5f
Ubuntu Security Notice 2900-1 - It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
7800d1aab731dec1f2a66ce239ebdf2a26e863aea8e01e1b0c7b35c610ced26c
Debian Linux Security Advisory 3481-1 - Several vulnerabilities have been fixed in the GNU C Library, glibc.
09303e0b9794ff8d9ff9ecaa8493c33cded5b569964be1e2f01553cc70ce74c4
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
08cc8bbae705e5ea3643d876e93b0dd14dd593595de0ae6ecf6a1089a056af25
Remote unauthenticated attackers are able to read arbitrary data from other HTTP sessions because Ignition uses a vulnerable Jetty server. When the Jetty web server receives an HTTP request, the below code is used to parse through the HTTP headers and their associated values. Inductive Automation versions 7.8.1 (b2016012216) and 7.8.0 (b2015101414) are affected.
8d7c9861342f78e40e1dcce0f22e9aba5b9782813cddc88a6b9899181e6ae25e
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, i.e. chain names, set names, interfaces, hostnames, etc. Environment variables allow fine-tuning of completion options. IP and MAC addresses can be fed from a file.
4d83efd879d80138550cbc7329d2b20a57b75210a7d1040b252910cacb17fb18
This bulletin summary lists two bulletins that have undergone a major revision increment for February, 2016.
89eb2daa8e73bb575d22a9e776da4ada0d66651dd364474ae688e1d3e67b3359
ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
b5bc4a79fc52f0333822e3b932c76b81c22257fb3dae82b4f98935d220c186ce