It was found out that the application parser for SSH integrated in Suricata version 2.0.3 contains a flaw that might lead to an out-of-bounds access. For this reason a denial of service towards the Suricata monitoring software might be possible using crafted packets on the monitoring interface.

X2Engine CRM version 4.2.1 suffers from a cross site scripting vulnerability.

HttpFileServer version 2.3c suffers from multiple cross site scripting vulnerabilities.

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Red Hat Security Advisory 2014-1286-01 – Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that the implementation of org.hibernate.validator.util.ReflectionHelper together with the permissions required to run Hibernate Validator under the Java Security Manager could allow a malicious application deployed in the same application container to execute several actions with escalated privileges, which might otherwise not be possible. This flaw could be used to perform various attacks, including but not restricted to, arbitrary code execution in systems that are otherwise secured by the Java Security Manager.

Red Hat Security Advisory 2014-1291-01 – Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.0.3 serves as a replacement for Red Hat JBoss BPM Suite 6.0.2, and includes bug fixes and enhancements.

Red Hat Security Advisory 2014-1290-01 – Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.0.3 serves as a replacement for Red Hat JBoss BRMS 6.0.2, and includes bug fixes and enhancements.

Red Hat Security Advisory 2014-1287-01 – Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that the implementation of org.hibernate.validator.util.ReflectionHelper together with the permissions required to run Hibernate Validator under the Java Security Manager could allow a malicious application deployed in the same application container to execute several actions with escalated privileges, which might otherwise not be possible. This flaw could be used to perform various attacks, including but not restricted to, arbitrary code execution in systems that are otherwise secured by the Java Security Manager.