Files

Red Hat Security Advisory 2016-1086-01
Posted May 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1086-01 - Libndp is a library that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fix: It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client.

tags | advisory, local, protocol
systems | linux, redhat
advisories | CVE-2016-3698
SHA-256 | 8355924f316a3a290f7093136170ead8bd279f1e0739e79b02189dd1b7f3e2bd
Apple Security Advisory 2016-05-16-6
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-6 - iTunes 12.4 is now available and addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple
advisories | CVE-2016-1742
SHA-256 | 0bb484fb892661c9d0d136b77554d8e0cf261760a62acc90c71612cdb5f12636
Apple Security Advisory 2016-05-16-5
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-5 - Safari 9.1.1 is now available and addresses history deletion, data disclosure, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-1849, CVE-2016-1854, CVE-2016-1855, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858, CVE-2016-1859
SHA-256 | a9e53dda0873ad8a4ed17e1822b21b16c940203d4a931b8a0a7f88912870545b
Gentoo Linux Security Advisory 201605-02
Posted May 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-2 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 50.0.2661.102 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1646, CVE-2016-1647, CVE-2016-1648, CVE-2016-1649, CVE-2016-1650, CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659, CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666, CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671
SHA-256 | 3d35e4f94f3e0d5fc1ec1b66fbcd0077314511b7d86948997867d9fcca1414b0
Ubuntu Security Notice USN-2981-1
Posted May 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2981-1 - It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. It was discovered that libarchive incorrectly handled memory when processing certain tar files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1541
SHA-256 | cd28623f8a397ad606f6739d1d53e4c06507e985acd72d2147bc28e72c960e56
Apple Security Advisory 2016-05-16-4
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-4 - OS X El Capitan 10.11.5 and Security Update 2016-003 are now available and address code execution, PHP flaws, information leakage, and various other vulnerabilities.

tags | advisory, php, vulnerability, code execution
systems | apple, osx
advisories | CVE-2015-8865, CVE-2016-1791, CVE-2016-1792, CVE-2016-1793, CVE-2016-1794, CVE-2016-1795, CVE-2016-1796, CVE-2016-1797, CVE-2016-1798, CVE-2016-1799, CVE-2016-1800, CVE-2016-1801, CVE-2016-1802, CVE-2016-1803, CVE-2016-1804, CVE-2016-1805, CVE-2016-1806, CVE-2016-1807, CVE-2016-1808, CVE-2016-1809, CVE-2016-1810, CVE-2016-1811, CVE-2016-1812, CVE-2016-1813, CVE-2016-1814, CVE-2016-1815, CVE-2016-1816, CVE-2016-1817
SHA-256 | 033664aa28ec2879dd3701fb337746a01283cd594653ca2f21434886e857c2b1
Ubuntu Security Notice USN-2980-1
Posted May 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2980-1 - Julien Bernard discovered that libndp incorrectly performed origin checks when receiving Neighbor Discovery Protocol (NDP) messages. A remote attacker outside of the local network could use this issue to advertise a node as a router, causing a denial of service, or possibly to act as a man in the middle.

tags | advisory, remote, denial of service, local, protocol
systems | linux, ubuntu
advisories | CVE-2016-3698
SHA-256 | fd80dfb5e75a446fbe7f7256ff55473acd17f98dda4e3e20e1cfdab2bede7e5d
Red Hat Security Advisory 2016-1083-01
Posted May 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1083-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix: An input sanitization flaw was found in the scoped search parameters sort_by and sort_order in the REST API. An authenticated user could use this flaw to perform an SQL injection attack on the Katello back end database.

tags | advisory, sql injection
systems | linux, redhat
advisories | CVE-2016-3072
SHA-256 | 16c634ffd6be21f4086f926a66feee82da9905f491a151635564f12cd7807517
Apple Security Advisory 2016-05-16-3
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-3 - watchOS 2.2.1 is now available and addresses information leakage, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-1802, CVE-2016-1803, CVE-2016-1807, CVE-2016-1808, CVE-2016-1811, CVE-2016-1813, CVE-2016-1817, CVE-2016-1818, CVE-2016-1819, CVE-2016-1823, CVE-2016-1824, CVE-2016-1827, CVE-2016-1828, CVE-2016-1829, CVE-2016-1830, CVE-2016-1832, CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-1841, CVE-2016-1842, CVE-2016-1847
SHA-256 | 33b024e7cf4ccb3341bea4ad4c523f2b5f77ad44af02d7c3a4e377bffabb8637
Bugzilla 4.4.11 / 5.0.2 Summary Cross Site Scripting
Posted May 17, 2016
Authored by Wladimir Palant, Frederic Buclin, David Lawrence | Site bugzilla.org

Bugzilla versions 2.16rc1 to 4.4.11 and 4.5.1 to 5.0.2 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-2803
SHA-256 | b5b557c9a96230c03f35334bcabd0cbadd09684f233600dafc8de9a79dd18b6b
Apple Security Advisory 2016-05-16-2
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-2 - iOS 9.3.2 is now available and addresses buffer overflow, information leakage, and various other vulnerabilities.

tags | advisory, overflow, vulnerability
systems | cisco, apple, ios
advisories | CVE-2016-1790, CVE-2016-1801, CVE-2016-1802, CVE-2016-1803, CVE-2016-1807, CVE-2016-1808, CVE-2016-1811, CVE-2016-1813, CVE-2016-1814, CVE-2016-1817, CVE-2016-1818, CVE-2016-1819, CVE-2016-1823, CVE-2016-1824, CVE-2016-1827, CVE-2016-1828, CVE-2016-1829, CVE-2016-1830, CVE-2016-1831, CVE-2016-1832, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840
SHA-256 | fa5fb69a96d1763e7f9b8f05cfb08dc7841350132fdbde952f885dfdea6fc729
Apple Security Advisory 2016-05-16-1
Posted May 17, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-05-16-1 - tvOS 9.2.1 is now available and addresses information disclosure, code execution issues, and more.

tags | advisory, code execution, info disclosure
systems | apple
advisories | CVE-2016-1801, CVE-2016-1802, CVE-2016-1803, CVE-2016-1807, CVE-2016-1808, CVE-2016-1811, CVE-2016-1813, CVE-2016-1814, CVE-2016-1817, CVE-2016-1818, CVE-2016-1819, CVE-2016-1823, CVE-2016-1824, CVE-2016-1827, CVE-2016-1828, CVE-2016-1829, CVE-2016-1830, CVE-2016-1832, CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-1841, CVE-2016-1847, CVE-2016-1854
SHA-256 | a7046a4cb19a989986f26465b54fe410792551ee40fb5815e022d3ff6cd5e750
7-Zip Code Execution
Posted May 17, 2016
Authored by Nick Boyce, Cisco Talos

7-Zip versions prior to 16.00 suffer from code execution and various other vulnerabilities.

tags | advisory, vulnerability, code execution
SHA-256 | 9f796f1af89d7aa0d638e43def7b8d0e70a285275a25793a5d06f71c464ca9c1
Ubuntu Security Notice USN-2979-4
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-4 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | f8e3be2b927e976c9209bd751acdb51d9b30164629cb20cc001b615de8729e1d
Ubuntu Security Notice USN-2979-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-1 - David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | f54efabc7a7953e27810fe6ce72422448a5483cf73e0c1c26490ee17ddb6515d
Ubuntu Security Notice USN-2979-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-2 - USN-2979-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | cdb2c86cd663d5c26cde9b3c2a5708b24e10070bf88b9fc77d97870354cfaeb1
Ubuntu Security Notice USN-2977-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2977-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | d6b3be39ac7937bb9c063bc7588dc509dfded0b1d2782055a62769be30157ce9
Ubuntu Security Notice USN-2976-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2976-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | a7e8c5cbdc10dd613588bad7d3979dece9409d0fcc442c155c1452784fcf6482
Ubuntu Security Notice USN-2978-3
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-3 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | 380a8900f2b41cbbcdc679855c577286d9e8ac890b72e924185614245a2678d8
Ubuntu Security Notice USN-2975-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2975-1 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | ce4aa24f49da8508bdc20d9f6ec8279498501fffb6953834550e0930d92b30a2
Ubuntu Security Notice USN-2975-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2975-2 - USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | feac0eb25f9c1cd3fa095cee054213a408415e169c7b4778f95545c5dacb38c1
Ubuntu Security Notice USN-2978-2
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-2 - USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | 64141def5026b2fd37a8d73d52076845eb142cd7b02d5e2f75a7ec27d647aa30
Ubuntu Security Notice USN-2979-3
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2979-3 - Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758
SHA-256 | ebdfe841208c413cc4a3580e230a63f56eb848beb54d4fc7056c707f90f943df
Ubuntu Security Notice USN-2978-1
Posted May 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2978-1 - David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose sensitive information from the host, or possibly gain administrative privileges in the host. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-0758, CVE-2016-3713
SHA-256 | c7ba527bc03f4e3f11f857d8f2bda733be9c17654f1a0e13e3c436345ac34da5
Debian Security Advisory 3580-1
Posted May 16, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3580-1 - Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image manipulation. These vulnerabilities, collectively known as ImageTragick, are the consequence of a lack of sanitization of untrusted input. An attacker with control over the image input could, with the privileges of the user running the application, execute code (CVE-2016-3714), make HTTP GET or FTP requests (CVE-2016-3718), or delete (CVE-2016-3715), move (CVE-2016-3716), or read (CVE-2016-3717) local files.

tags | advisory, web, local, vulnerability
systems | linux, debian
advisories | CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718
SHA-256 | 747cf13d24c6beb4d0ce9afc86b233876539d3430e7ac143db6dd5daba44316e