
Files

Apple Security Advisory 2017-04-03-1
Posted Apr 3, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-04-03-1 - iOS 10.3.1 is now available and addresses a Wi-Fi vulnerability.

tags | advisory
systems | apple, ios
advisories | CVE-2017-6975
MD5 | d02ac418fea92c51f16e1bf3a1de203d

HP Security Bulletin HPESBGN03722 1
Posted Mar 31, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03722 1 - A security vulnerability in the Linux kernel, also known as "Dirty COW", has been addressed in HPE Operations Agent. This vulnerability could be exploited locally to allow escalation of privilege. Revision 1 of this advisory.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | 6e048f342c976bad5812d28b477f7348

Red Hat Security Advisory 2017-0860-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0860-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 57.0.2987.133. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5052, CVE-2017-5053, CVE-2017-5054, CVE-2017-5055, CVE-2017-5056
MD5 | 90de5cd59a8378af4cb6a0bfda885a3d

Ubuntu Security Notice USN-3216-2
Posted Mar 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3216-2 - USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a startup crash when Firefox is used with XRDP. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, spoof the address bar, spoof the print dialog, cause a denial of service via application crash or hang, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, CVE-2017-5404, CVE-2017-5405, CVE-2017-5406, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5412, CVE-2017-5413, CVE-2017-5414, CVE-2017-5415, CVE-2017-5416, CVE-2017-5417, CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, CVE-2017-5421, CVE-2017-5422, CVE-2017-5426, CVE-2017-5427
MD5 | f2ea3e9e2adacc4804c46ca42d86a0bc

Red Hat Security Advisory 2017-0854-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0854-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5. Details of the Satellite support policy can be found at:

tags | advisory
systems | linux, redhat
MD5 | 3207e8b81c2bfc8bcf8b6d5d16c3bc68

Red Hat Security Advisory 2017-0855-01
Posted Mar 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0855-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5. Details of the Satellite support policy can be found at:

tags | advisory
systems | linux, redhat
MD5 | 96c86c2f738c59712b204fe4101117a7

Ubuntu Security Notice USN-3242-2
Posted Mar 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3242-2 - USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a regression when Samba is configured to disable following symbolic links. This update fixes the problem. Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
MD5 | 7db8e91ec14a014c1151d2c7c62819c5

Trend Micro Enterprise Mobile Security Android Application Man-In-The-Middle
Posted Mar 30, 2017
Authored by David Coomber

The Trend Micro Enterprise Mobile Security Android application suffers from a man-in-the-middle SSL certificate vulnerability.

tags | advisory
advisories | CVE-2016-9319
MD5 | f80c525a43a419b297b0ae9bdde3471e

HP Security Bulletin HPESBHF03723 1
Posted Mar 30, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03723 1 - A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. The vulnerability could be remotely exploited to allow execution of code. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. Revision 1 of this advisory.

tags | advisory, web
advisories | CVE-2017-5638
MD5 | 1666fe9ad4b21011ece5ae9300469066

HP Security Bulletin HPESBUX03725 1
Posted Mar 30, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts including: * Padding Oracle attack in Apache mod_session_crypto * Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-2183, CVE-2016-8740, CVE-2016-8743
MD5 | 62093eab7a4c2c4b060ec05c72eca532

Ubuntu Security Notice USN-3251-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-2 - USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | d2f57dbf39e6f9068665426b0f9cc880

Ubuntu Security Notice USN-3251-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | 3a9c7289ffc228fde7d16fcf70ff8929

Ubuntu Security Notice USN-3250-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | 43a1b2cd1fe7d604c361bd87d0271815

Ubuntu Security Notice USN-3250-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-2 - USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | 5657c785b324e9563c6a8fb394214b5a

Ubuntu Security Notice USN-3249-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-2 - USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | 4bc57c0944248dba7d3742cd39d01992

Ubuntu Security Notice USN-3248-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3248-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | d427d51bb7dc8fbcd75e3da231f98728

Ubuntu Security Notice USN-3249-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
MD5 | f14827acb72b4543c24f697a5b51e629

Ubuntu Security Notice USN-3236-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3236-1 - Multiple vulnerabilities were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the security status API or webview URL to indicate the wrong values, bypass security restrictions, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033, CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044, CVE-2017-5045, CVE-2017-5046
MD5 | 2d12005fa61a17afc2f37976a14bf296

Debian Security Advisory 3824-1
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3824-1 - George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2017-6369
MD5 | a903fa771ede3f94a6d8411f77b8cc7c

Debian Security Advisory 3798-2
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3798-2 - DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.

tags | advisory
systems | linux, debian
MD5 | 260283bf449b761e5d5aeb62df159960

Red Hat Security Advisory 2017-0847-01
Posted Mar 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0847-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2017-2628
MD5 | 2c2ce6c1907416090995e490f547d69e

Slackware Security Advisory - mariadb Updates
Posted Mar 30, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mariadb packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-3302, CVE-2017-3313
MD5 | 157b0cfb0fc4e5342aea72e923417cea

EMC Isilon OneFS Path Traversal
Posted Mar 29, 2017
Site emc.com

EMC Isilon OneFS versions 7.1.0 through 7.1.1.10, 7.2.0 through 7.2.1.3, and 8.0.0 through 8.0.0.1 suffer from a path traversal vulnerability.

tags | advisory
advisories | CVE-2017-4980
MD5 | 5d5e4d9eb8db48aa773765e3e89d94f4

Samsung RKP Kernel Protection Bypass
Posted Mar 29, 2017
Authored by Google Security Research, laginimaineb

Samsung suffers from an RKP kernel protection bypass via lack of MSR trapping on Qualcomm devices.

tags | advisory, kernel
MD5 | b5c4ef10d1a12872e9129f24e017bee2

RSA Archer Information Disclosure
Posted Mar 29, 2017
Site emc.com

RSA Archer Security Operations Management with RSA Unified Collector Framework contains a sensitive information disclosure vulnerability that could potentially be exploited by malicious users to compromise an affected system.

tags | advisory, info disclosure
advisories | CVE-2017-4977
MD5 | 3458181a524dac0e35d4c9ae6258d809