Monthly Archives: December 2014
Ex-Employees, Lizard Squad May Have Aided Sony Hack
Desktop Central Add Administrator
Desktop Central versions 7 and forward suffer from an add administrator vulnerability.
Debian Security Advisory 3115-1
Debian Linux Security Advisory 3115-1 – Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash.
Gentoo Linux Security Advisory 201412-53
Gentoo Linux Security Advisory 201412-53 – A vulnerability has been found in MIT Kerberos 5, possibly resulting in arbitrary code execution or a Denial of Service condition. Versions less than 1.13 are affected.
Bugtraq: [SECURITY] [DSA 3115-1] pyyaml security update
[SECURITY] [DSA 3115-1] pyyaml security update
Bugtraq: [SECURITY] [DSA 3116-1] polarssl security update
[SECURITY] [DSA 3116-1] polarssl security update
Bugtraq: ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability
ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability
Bugtraq: ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability
ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability
CVE-2014-9425
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.