what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 6,994 RSS Feed

Operating System: Debian

util-linux wall Escape Sequence Injection
Posted Mar 28, 2024
Authored by Skyler Ferrante

The util-linux wall command does not filter escape sequences from command line arguments. The vulnerable code was introduced in commit cdd3cc7fa4 (2013). Every version since has been vulnerable. This allows unprivileged users to put arbitrary text on other users terminals, if mesg is set to y and wall is setgid. CentOS is not vulnerable since wall is not setgid. On Ubuntu 22.04 and Debian Bookworm, wall is both setgid and mesg is set to y by default.

tags | exploit, arbitrary
systems | linux, debian, ubuntu, centos
advisories | CVE-2024-28085
SHA-256 | c3644f61b4f68f9fafd4782ffb69bd4b73d2b6ff8ac981711c3329c0a8408077
Ubuntu Security Notice USN-6714-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6714-1 - It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian, ubuntu
advisories | CVE-2023-27635
SHA-256 | d54f6944dfabbda777fb8a78361b6893760736de4073959bba84adbd8fa06495
Debian Security Advisory 5647-1
Posted Mar 25, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5647-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, unix, debian
advisories | CVE-2022-2127, CVE-2022-3437, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-4091
SHA-256 | 1bf3eff1b405cc8734e78a924bf59118ea64667832f1c6ee614a890520f6a767
Debian Security Advisory 5646-1
Posted Mar 25, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5646-1 - Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection.

tags | advisory, web, vulnerability, xss, sql injection
systems | linux, debian
advisories | CVE-2023-39360, CVE-2023-39513, CVE-2023-49084, CVE-2023-49085, CVE-2023-49086, CVE-2023-49088, CVE-2023-50250, CVE-2023-50569
SHA-256 | d9158a48c8ed071329b9eb3eddd4e00641007c015236908127fc8e2d8c7008c6
Debian Security Advisory 5645-1
Posted Mar 25, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5645-1 - Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.

tags | advisory, web, arbitrary, javascript
systems | linux, debian
advisories | CVE-2024-29944
SHA-256 | 4f5d9a853e227dab14b126ce8536d5e0bccc071fc1e3eea740c201c1d75a9146
Debian Security Advisory 5644-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5644-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-1936, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | 52c9ec4f8c2d47616afc49e17f3a3b204457658b0cbdb5e77c7a81280f8c2fce
Debian Security Advisory 5643-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5643-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | a448517a42a8f898647c5aa7c7b1e0258fff75928a056aa5b3eb6c5fe41ab76b
Debian Security Advisory 5626-2
Posted Mar 21, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5626-2 - One of the upstream changes in the update released as DSA 5626 contained a regression in the zoneToCache function. Updated pdns-recursor packages are available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | 0ee640acf5129fe52d57dc5186756b0bb224b1b372d2406c6107e7c21317c34d
Debian Security Advisory 5642-1
Posted Mar 21, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5642-1 - Three security issues were discovered in php-svg-lib, a PHP library to read, parse and export to PDF SVG files, which could result in denial of service, restriction bypass or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php
systems | linux, debian
advisories | CVE-2023-50251, CVE-2023-50252, CVE-2024-25117
SHA-256 | 5e13068f973fafd73dbd6db137d7088337677e0ff95c185b8076cc2a7f0f192f
Debian Security Advisory 5641-1
Posted Mar 20, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5641-1 - It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files.

tags | advisory, shell, vulnerability
systems | linux, debian
advisories | CVE-2024-25081, CVE-2024-25082
SHA-256 | 9b3201adff6afbd1a97b1cdf43d27c97115dada38acd1dbb20e51e10c8d2ca91
Debian Security Advisory 5632-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

tags | advisory, local, php, code execution
systems | linux, debian
advisories | CVE-2024-24821
SHA-256 | 41b32f3945ea62d6717b9bcf3c2f3261d62077b5c247d91363fa5b2bd9022945
Debian Security Advisory 5640-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-3966, CVE-2023-5366
SHA-256 | ee33fda52165e0797d00ba28edf1c0746142b6af8db3080011d86af844a64baa
Debian Security Advisory 5639-1
Posted Mar 14, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5639-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-2400
SHA-256 | 4cbadb48dda00be85d46d8fcccadc0b92923c8219c7569b6d2df731ece4d0271
Debian Security Advisory 5638-1
Posted Mar 11, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5638-1 - It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.

tags | advisory
systems | linux, debian
advisories | CVE-2024-24806
SHA-256 | 8a07ccb73b022376fe2ad526d9e79f96a2d1684fb96135ae73b42313547393c9
Debian Security Advisory 5637-1
Posted Mar 8, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

tags | advisory, remote, web, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848, CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617
SHA-256 | a79ef3e7a5505aef83c8e1d9026a34f64acecaa9ccd3e41b225ac5500d8a96e7
Debian Security Advisory 5636-1
Posted Mar 7, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5636-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-2173, CVE-2024-2174, CVE-2024-2176
SHA-256 | 45d2b3cd49f8d7b927168d63079c93e103a1882ab4c21a082c2c055ab0617188
Debian Security Advisory 5635-1
Posted Mar 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5635-1 - Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.

tags | advisory, xss, ruby
systems | linux, debian
advisories | CVE-2024-27285
SHA-256 | dcdab1d7f7cf4e649af57210018d82164536fd3183f20fc49dc2b55a1e94d866
Debian Security Advisory 5634-1
Posted Feb 29, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5634-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-1938, CVE-2024-1939
SHA-256 | 5032165cc7d2def71ec656d9925738a3e7469e9cac4fa279cf0253001be4725e
Debian Security Advisory 5633-1
Posted Feb 28, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5633-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against Knot Resolver, a caching, DNSSEC- validating DNS resolver.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-46317, CVE-2023-50387, CVE-2023-50868
SHA-256 | 8e6d005043bd7886936a3247ec7c5c1129b630b1592e9f24492ea9653d4467d0
Debian Security Advisory 5631-1
Posted Feb 26, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5631-1 - It was discovered that iwd, the iNet Wireless Daemon, does not properly handle messages in the 4-way handshake used when connecting to a protected WiFi network for the first time. An attacker can take advantage of this flaw to gain unauthorized access to a protected WiFi network if iwd is operating in Access Point (AP) mode.

tags | advisory
systems | linux, debian
advisories | CVE-2023-52161
SHA-256 | 47a934b5ac3f1708759ab799a958d93a60179f6a1700104e3edfe19ebc9732ce
Debian Security Advisory 5630-1
Posted Feb 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5630-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | d28bce415e0153870f51c0a3a90c6dc32c960f44d25427214d3938b5389f18eb
Debian Security Advisory 5629-1
Posted Feb 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5629-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-1669, CVE-2024-1670, CVE-2024-1671, CVE-2024-1672, CVE-2024-1673, CVE-2024-1674, CVE-2024-1675, CVE-2024-1676
SHA-256 | fe6f1b5481a47f52acca8337fa69156b933a7a36fb449ecf930207ee4aae57f8
Debian Security Advisory 5628-1
Posted Feb 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5628-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2021-3610, CVE-2022-1115, CVE-2023-1289, CVE-2023-1906, CVE-2023-34151, CVE-2023-3428, CVE-2023-5341
SHA-256 | f3cb8b62b33597d095e3b6b6dd3d138b869540fe77fdd212e1777a113e936759
Debian Security Advisory 5627-1
Posted Feb 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5627-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | fecc020dcddb2184341c57558aa3f486e8ee301dd59c165be89472e03edd082b
Debian Security Advisory 5626-1
Posted Feb 19, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-50387, CVE-2023-50868
SHA-256 | 49eaeb41d9120ce6fe9d1df8ab49ae3be8aab753012780b8c6b75059b99b0463
Page 1 of 280
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close