Archive for December 24th, 2013

3 results.

Ubuntu: 2063-1: NSS vulnerability

Dec24
by Ike on December 24, 2013 at 11:37 am
Posted In: Other

(Dec 20) Fraudulent security certificates could allow sensitive information tobe exposed when accessing the Internet.

└ Tags: ,
 Comment 

Debian: 2826-1: denyhosts: Remote denial of ssh servic

Dec24
by Ike on December 24, 2013 at 11:31 am
Posted In: Other

(Dec 22) Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute force attacks in authentication logs could be exploited [More…]

└ Tags: ,
 Comment 

TSR 2013-0012 Full Disclosure

Dec24
by Ike on December 24, 2013 at 2:34 am
Posted In: Community, cPanel, Hosting, News, ProdDevSec, security, TSR

Case 84681 Summary Arbitrary file read for ACL limited reseller accounts via XML-API. Security Rating cPanel has assigned a Security Level of Important to this vulnerability. Description The WHM XML and JSON APIs allowed arbitrary files to be read through the “getpkginfo” API call. By sending a crafted input to …

└ Tags: , , , , , ,
 Comment 

51 queries. 8.5 mb Memory usage. 0.237 seconds.