IC3 Releases Alert on Web Site Defacements

Original release date: April 07, 2015

The Internet Crime Complaint Center (IC3) has issued an alert addressing recently perpetrated Web site defacements. The defacements advertise themselves as associated with the Islamic State in the Levant (ISIL), a.k.a. Islamic State of Iraq and al-Shams (ISIS). However, the FBI assesses that the perpetrators are not actually associated with this group. The perpetrators exploit WordPress content management system (CMS) vulnerabilities, leading to disruptive and costly effects.

Users and administrators are encouraged to review the IC3 Alert for details and refer to the US-CERT Alert TA13-024A for information on CMS security.



CVE-2015-1773

Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to JavaScript code generated by the asdoc component.

CVE-2015-2827

Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and 9.3.x before 9.3 H02 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVE-2015-2828

CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate serialized Java objects, which allows remote authenticated users to obtain administrative privileges via crafted object data.

CESA-2015:0783 Important CentOS 5 kernel Security Update

CentOS Errata and Security Advisory 2015:0783 Important

Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-0783.html

The following updated files have been uploaded and are currently
syncing to the mirrors: (sha256sum Filename)
