exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 204 RSS Feed

Files

Apple Security Advisory 2017-04-03-1
Posted Apr 3, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-04-03-1 - iOS 10.3.1 is now available and addresses a wifi vulnerability.

tags | advisory
systems | apple, ios
advisories | CVE-2017-6975
SHA-256 | 8b5f0e4a03e750a7b56884a02e8dfd789cb35bb0287acfccf2e07d060e4d0524
HPE Security Bulletin HPESBGN03722 1
Posted Mar 31, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03722 1 - A security vulnerability in Linux kernel, also known as "Dirty COW", has been addressed in HPE Operations Agent. This vulnerability could be exploited locally to allow escalation of privilege. Revision 1 of this advisory.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-5195
SHA-256 | 5cb236af127bf2a15a76d901615c16bafe12e3e560b3c0e9e06a8de0ca19354a
Red Hat Security Advisory 2017-0860-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0860-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 57.0.2987.133. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5052, CVE-2017-5053, CVE-2017-5054, CVE-2017-5055, CVE-2017-5056
SHA-256 | 0f0c543a9c844c1ddd73436bed647ca9b229550b62fe06f2b8b6729963867aa5
Ubuntu Security Notice USN-3216-2
Posted Mar 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3216-2 - USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a startup crash when Firefox is used with XRDP. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, spoof the addressbar, spoof the print dialog, cause a denial of service via application crash or hang, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, CVE-2017-5404, CVE-2017-5405, CVE-2017-5406, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5412, CVE-2017-5413, CVE-2017-5414, CVE-2017-5415, CVE-2017-5416, CVE-2017-5417, CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, CVE-2017-5421, CVE-2017-5422, CVE-2017-5426, CVE-2017-5427
SHA-256 | bdd690475d755f6e237c1928c67804e0d04d22fce097049cdd6f3faf990c3736
Red Hat Security Advisory 2017-0854-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0854-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 Details of the Satellite support policy can be found at:

tags | advisory
systems | linux, redhat
SHA-256 | c91b07662cdb7fb5ffc1118d99778a02b5faa200ec6d9c2571e570c1741923dd
Red Hat Security Advisory 2017-0855-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0855-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 Details of the Satellite support policy can be found at:

tags | advisory
systems | linux, redhat
SHA-256 | f453c136858e9563ca0770b26c555cb4790f655fb81b72607fb982c410a00704
Ubuntu Security Notice USN-3242-2
Posted Mar 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3242-2 - USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a regression when Samba is configured to disable following symbolic links. This update fixes the problem. Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | 19c8c437d5ff2c736e55fe5001b1da5f1ac26b6e6652db0528f69a57cf7faa71
Trend Micro Enterprise Mobile Security Android Application Man-In-The-Middle
Posted Mar 30, 2017
Authored by David Coomber

The Trend Micro Enterprise Mobile Security android application suffers from a man-in-the-middle SSL certificate vulnerability.

tags | advisory
advisories | CVE-2016-9319
SHA-256 | 3be0a3916b23746808c0c776f1e66acee4ee7df205c6f4e4557903bacd4c08eb
HPE Security Bulletin HPESBHF03723 1
Posted Mar 30, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03723 1 - A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. The vulnerability could be remotely exploited to allow execution of code. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. Revision 1 of this advisory.

tags | advisory, web
advisories | CVE-2017-5638
SHA-256 | d6e597c7bb73b8b7ba06f660e94513f08f799d97c77d1c9cf31cc41c314e3fa6
HPE Security Bulletin HPESBUX03725 1
Posted Mar 30, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts including: * Padding Oracle attack in Apache mod_session_crypto * Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-2183, CVE-2016-8740, CVE-2016-8743
SHA-256 | 5df1b537a3a2899886f0263d940c4193b758bfc583dd96021c5e940a90f029a8
Ubuntu Security Notice USN-3251-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-2 - USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b1d487963e5c52b099632d8ab214ebd2e907b74a6c379f725d804c0da4616fcb
Ubuntu Security Notice USN-3251-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 1ca3a3e8ffe4e088904c9f1b8447dbb3bf2c0b1d8c96424615dc666524cfd330
Ubuntu Security Notice USN-3250-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | e0d47a21fe1bda95bc4b052c9f7665e52054b71dab369a17a44a17c1ebde95d4
Ubuntu Security Notice USN-3250-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-2 - USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b422cb5aab80fdbf0c348767b7d781f06b31e9fe1bd2d4d06b44326a9ad12b40
Ubuntu Security Notice USN-3249-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-2 - USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 460470cda31135e28bf5e1bede438fdd331eba3492c08a19c3210a779e90f05a
Ubuntu Security Notice USN-3248-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3248-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b2af43e9ee4661670491287b35ae5b6204a60fd2e6cb9ae3dbee38243de221bd
Ubuntu Security Notice USN-3249-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 8e6a027bf065ecdae1744051be9c1eeb8feffddb13c1d70f176316aecc5f924c
Ubuntu Security Notice USN-3236-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3236-1 - Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the security status API or webview URL to indicate the wrong values, bypass security restrictions, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033, CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044, CVE-2017-5045, CVE-2017-5046
SHA-256 | 7069b55c974764404a6bd3c1a7386f8efd74a673a5217b50585d13825906a1ff
Debian Security Advisory 3824-1
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3824-1 - George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2017-6369
SHA-256 | 77569fa3e3fe5a77943c7cab473511a3a5e942a79f3b4057eec65f15d8cdbc0e
Debian Security Advisory 3798-2
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3798-2 - DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.

tags | advisory
systems | linux, debian
SHA-256 | 91907dc419eacbfe525acaae6b9baccfc9233d9873b50246b5cf24e06fb463de
Red Hat Security Advisory 2017-0847-01
Posted Mar 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0847-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2017-2628
SHA-256 | 974b5fabd635b171138950d3c4169a2374eec8a7fa006d510de7b420497dd80f
Slackware Security Advisory - mariadb Updates
Posted Mar 30, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mariadb packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-3302, CVE-2017-3313
SHA-256 | d28bdd977d39f007c77399f719272fae2c4233f4574b5f1bad80d829ac511400
EMC Isilon OneFS Path Traversal
Posted Mar 29, 2017
Site emc.com

EMC Isilon OneFS versions 7.1.0 through 7.1.1.10, 7.2.0 through 7.2.1.3, and 8.0.0 through 8.0.0.1 suffer from a path traversal vulnerability.

tags | advisory
advisories | CVE-2017-4980
SHA-256 | e19aca5b754771c11a24391d2108333efd59db0c26f9b6719e2dd9b3d446f54c
Samsung RKP Kernel Protection Bypass
Posted Mar 29, 2017
Authored by Google Security Research, laginimaineb

Samsumg suffers from an RKP kernel protection bypass via lack of MSR trapping on Qualcomm devices.

tags | advisory, kernel
SHA-256 | 0dbe80fe47e0d163198f99af0f2dd6414287047cc82447e99da5cf0bff3da457
RSA Archer Information Disclosure
Posted Mar 29, 2017
Site emc.com

RSA Archer Security Operations Management with RSA Unified Collector Framework contains a sensitive information disclosure vulnerability that could potentially be exploited by malicious users to compromise an affected system.

tags | advisory, info disclosure
advisories | CVE-2017-4977
SHA-256 | 10839de202bb4655a184d8961982e46440c4191ebe1429db50e9ec565998237e
Page 1 of 9
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close