«
Expand/Collapse
77 items tagged "information leak"
Related tags:
information [+],
leak [+],
linux [+],
php versions [+],
opcode [+],
vulnerability [+],
vasiliy kulikov [+],
syslog ng [+],
stable [+],
server password [+],
secret key [+],
overflow [+],
oracle database server [+],
nova [+],
nginx [+],
network packets [+],
mandriva linux [+],
mandriva [+],
linux security [+],
libzip [+],
interruption [+],
heap [+],
escalation [+],
ec2 [+],
security [+],
zend [+],
xor [+],
txt [+],
syslog [+],
substr [+],
server [+],
query function [+],
oracle [+],
mime decode [+],
htmlspecialchars [+],
htmlentities [+],
dsa [+],
database [+],
linux kernel [+],
mops [+],
php [+],
pdf [+],
ubuntu [+],
notice [+],
vmware [+],
vcenter [+],
usa [+],
safer use [+],
leak prevention [+],
intrusion detection [+],
internet explorer [+],
internet [+],
function [+],
explorer [+],
eric monti [+],
defeating [+],
dan moniz [+],
chargeback [+],
peter huewe [+],
denial of service [+],
hfs filesystem [+],
clement lecigne [+],
call time [+],
debian [+],
advisory [+]
-
-
23:32
»
Packet Storm Security Advisories
Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from a password hash information leak in the OCIPasswordChange API.
-
23:32
»
Packet Storm Security Recent Files
Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from a password hash information leak in the OCIPasswordChange API.
-
23:32
»
Packet Storm Security Misc. Files
Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from a password hash information leak in the OCIPasswordChange API.
-
-
17:15
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-043 - A vulnerability has been found and corrected in nginx. A specially crafted backend response could result in sensitive information leak. The updated packages have been patched to correct this issue.
-
17:15
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-043 - A vulnerability has been found and corrected in nginx. A specially crafted backend response could result in sensitive information leak. The updated packages have been patched to correct this issue.
-
17:15
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2012-043 - A vulnerability has been found and corrected in nginx. A specially crafted backend response could result in sensitive information leak. The updated packages have been patched to correct this issue.
-
-
7:59
»
Packet Storm Security Advisories
nginx versions prior to 1.0.14 stable and 1.1.7 development suffer from an information leak vulnerability when receiving a malformed HTTP response.
-
7:59
»
Packet Storm Security Recent Files
nginx versions prior to 1.0.14 stable and 1.1.7 development suffer from an information leak vulnerability when receiving a malformed HTTP response.
-
7:59
»
Packet Storm Security Misc. Files
nginx versions prior to 1.0.14 stable and 1.1.7 development suffer from an information leak vulnerability when receiving a malformed HTTP response.
-
-
10:04
»
Packet Storm Security Advisories
Ubuntu Security Notice 1345-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
10:04
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1345-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
10:04
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1345-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
-
20:18
»
Packet Storm Security Advisories
Ubuntu Security Notice 1337-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
20:18
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1337-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
20:18
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1337-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
20:18
»
Packet Storm Security Advisories
Ubuntu Security Notice 1341-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
20:18
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1341-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
20:18
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1341-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
-
16:53
»
Packet Storm Security Advisories
Ubuntu Security Notice 1332-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
16:53
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1332-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
16:53
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1332-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
-
16:06
»
Packet Storm Security Advisories
Ubuntu Security Notice 1318-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
16:06
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1318-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
16:06
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1318-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
-
-
8:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:38
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:38
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
-
15:51
»
Packet Storm Security Advisories
Ubuntu Security Notice 1247-1 - An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.
-
15:51
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1247-1 - An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.
-
15:51
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1247-1 - An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.
-
-
13:59
»
SecuriTeam
This vulnerability allows remote attackers to leak information on vulnerable installations of Internet Explorer.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
13:11
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2310-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:11
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2310-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:11
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2310-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
-
13:36
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:36
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:36
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
-
6:44
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2153-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
6:44
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2153-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
6:44
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2153-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
-
15:55
»
Packet Storm Security Advisories
Syslog-NG versions 2.0, 3.0, 3.1, 3.2 OSE and PE suffer from information leak, access prevention and possible privilege escalation vulnerabilities.
-
15:55
»
Packet Storm Security Recent Files
Syslog-NG versions 2.0, 3.0, 3.1, 3.2 OSE and PE suffer from information leak, access prevention and possible privilege escalation vulnerabilities.
-
15:55
»
Packet Storm Security Misc. Files
Syslog-NG versions 2.0, 3.0, 3.1, 3.2 OSE and PE suffer from information leak, access prevention and possible privilege escalation vulnerabilities.
-
-
13:35
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:35
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:35
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
-
13:01
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
13:00
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
-
-
22:01
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:01
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:01
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:01
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
22:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHPâs iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHPâs iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHPâs htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHPâs iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHPâs iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
16:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHPâs htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
-
21:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP ZEND_BW_XOR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP ZEND_SR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Recent Files
Month Of PHP Security - PHP preg_quote() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP ZEND_BW_XOR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP ZEND_SR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
-
21:00
»
Packet Storm Security Exploits
Month Of PHP Security - PHP preg_quote() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution