Resolved Bugs
1222028 – CVE-2015-0847 nbd: nbd-server denial of service due to unsafe signal handlers [fedora-all]
1222027 – CVE-2015-0847 nbd: nbd-server denial of service due to unsafe signal handlers
* Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847].
Monthly Archives: August 2015
OATH Toolkit 2.6.1
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
I2P 0.9.21
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Heroes Of Might And Magic III .h3m Map File Buffer Overflow
This Metasploit module embeds an exploit into an uncompressed map file (.h3m) for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution.
Botan C++ Crypto Algorithms Library 1.10.10
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
Packet Storm New Exploits For July, 2015
This archive contains 162 exploits that were added to Packet Storm in July, 2015.
CVE-2015-3940 (wonderware_system_platform_2014)
Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2015-3942 (magnum_10k_firmware, magnum_6k_firmware)
Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-3959 (magnum_10k_firmware, magnum_6k_firmware)
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password.
CVE-2015-3960 (magnum_10k_firmware, magnum_6k_firmware)
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers’ installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation.