what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 205 RSS Feed

Files

Debian Security Advisory 3933-1
Posted Aug 11, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3933-1 - Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-9359, CVE-2017-9372
SHA-256 | 30e014a2b67c34791038c3854024e7c6718f91ef1c57bc78bf88bef6bdd6561b
Ubuntu Security Notice USN-3383-1
Posted Aug 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3383-1 - Aleksandar Nikolic discovered a stack based buffer overflow when handling chunked encoding. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-2885
SHA-256 | d7c0396f8bdb083d40f718df72795e6d257d1e8c292bfb46319c39bc2eb754ff
Apache Subversion Arbitrary Code Execution
Posted Aug 11, 2017
Site subversion.apache.org

Apache Subversion has released version 1.9.7 which addresses an arbitrary code execution vulnerability.

tags | advisory, arbitrary, code execution
advisories | CVE-2017-9800
SHA-256 | 585a9fde58f7e2538f6923e554f14c1d32f0baf2b51e326916874d231c289c2b
Red Hat Security Advisory 2017-2459-01
Posted Aug 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2459-01 - The libsoup packages provide an HTTP client and server library for GNOME. Security Fix: A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code by sending a specially crafted HTTP request to a server using the libsoup HTTP server functionality or by tricking a user into connecting to a malicious HTTP server with an application using the libsoup HTTP client functionality.

tags | advisory, remote, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2017-2885
SHA-256 | c321e39764d4ea90115daaa085e98f4fb231f535452f14a5c6e22c4c92dd6699
Ubuntu Security Notice USN-3382-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3382-1 - It was discovered that the PHP opcache created keys for files it cached based on their filepath. A local attacker could possibly use this issue in a shared hosting environment to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS. It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, local, php
systems | linux, ubuntu
advisories | CVE-2015-8994, CVE-2016-10397, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11362, CVE-2017-11628, CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
SHA-256 | ad9cf63865d9cf099b246adbfb7844ca072a1d8c2f6456d48165e03202b65312
Debian Security Advisory 3929-1
Posted Aug 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3929-1 - Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using the libsoup2.4 library to crash (denial of service), or potentially execute arbitrary code.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | cisco, linux, debian
advisories | CVE-2017-2885
SHA-256 | 310a70ae21393eb773e894d9e3c1fe126f02479b49ecada180120eac46f3355c
Red Hat Security Advisory 2017-2457-01
Posted Aug 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2457-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 26.0.0.151. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2017-3085, CVE-2017-3106
SHA-256 | bc261cc226330a0e53b449833017b1d1ad3992238aed0ef8134477caa856ae2a
Microsoft Security Bulletin CVE Update For August, 2017
Posted Aug 10, 2017
Site microsoft.com

This Microsoft bulletin summary lists one CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-8658
SHA-256 | e9de975e99950a5f6015f3c8ff37def008306d6d9eadbd3e5e8ee494a0d70958
Ubuntu Security Notice USN-3388-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3388-1 - Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. Daniel Shahaf and James McCoy discovered that Subversion did not properly verify realms when using Cyrus SASL authentication. A remote attacker could use this to possibly bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2167, CVE-2016-8734, CVE-2017-9800
SHA-256 | afb947313ea3b2743fc9ec546b5a4c8ac5e42c19227852d40f19315d56ae31a2
Ubuntu Security Notice USN-3387-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3387-1 - Brian Neel, Joern Schneeweisz, and Jeff King discovered that Git did not properly handle host names in 'ssh://' URLs. A remote attacker could use this to construct a git repository that when accessed could run arbitrary code with the privileges of the user.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000117
SHA-256 | 2454d1074bcfce4098620dc87e4f3cdd0b6f626dc388f4864442e2b508277d87
Ubuntu Security Notice USN-3386-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3386-2 - USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | a876e7d4b791e40fefb320217a46bff63e6300d72ad9306f4f51b493d9536c67
Ubuntu Security Notice USN-3386-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3386-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | 647b2d1d1c8bb541cd4e3690728e76a854d20ea18c6dba3a92754a2e3124f25b
Ubuntu Security Notice USN-3385-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3385-2 - USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | 664a65bdbca4a92e2983a2e23ad4f87d42ad55a05cf9741672aaffa9b5128288
Ubuntu Security Notice USN-3385-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3385-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | f410650ac5386976fb5b72d6502ef110b7e9e6a866a422120c929e5c641a36b1
Ubuntu Security Notice USN-3384-2
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3384-2 - USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | f900ee14d39b21ba30d2c6c233e495641d3cbde809659718430d6eec5a923fb1
Ubuntu Security Notice USN-3384-1
Posted Aug 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3384-1 - Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2017-1000111, CVE-2017-1000112
SHA-256 | 9c0a1ae85f7530bab528e798e750966790ccbf6b7702ec5330b525b7b5c41602
Red Hat Security Advisory 2017-2456-01
Posted Aug 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2456-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.3.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7807, CVE-2017-7809
SHA-256 | fa00f88f21fc30d57f934392adfd181666574cf0140b83acc3d046ee311dbc89
Red Hat Security Advisory 2017-1832-01
Posted Aug 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1832-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-6644, CVE-2016-8749, CVE-2016-9879, CVE-2017-2589, CVE-2017-2594, CVE-2017-3156, CVE-2017-5643, CVE-2017-5653, CVE-2017-5656, CVE-2017-5929, CVE-2017-7957
SHA-256 | db404937bf2d117f42d43a4031591a656b71c1b768a92a1406a510b3ac573aef
Debian Security Advisory 3936-1
Posted Aug 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3936-1 - Several vulnerabilities have been found in the PostgreSQL database system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
SHA-256 | 66c7a3b7cf22b115bb7384ea9597bc3a5ab8a2d482919832a30e6177465ccf24
Debian Security Advisory 3935-1
Posted Aug 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3935-1 - Several vulnerabilities have been found in the PostgreSQL database system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
SHA-256 | ff488fd435e41ef6c9824f010c3d622d766fb2160300338efb121d8498ad2660
HPE Security Bulletin HPESB3P03762 1
Posted Aug 10, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESB3P03762 1 - HPE StoreFabric C-series Switch Software uses Ciscos Prime Data Center Network Manager (DCNM). Cisco has identified a remote code execution vulnerability in two versions of Cisco Prime Data Center Network Manager (DCNM) which HPE had included for download for customers under contract from the HPE Support Center. The affected versions of DCNM are 10.1(1) and 10.1(2). HPE bundled these DCNM versions with the following MDS and Nexus firmware downloads: * MDS 7.3(0)DY(1), released February 2017 * MDS 7.3(1)DY(1), released April 2017 * Nexus 5.2(1)N1(9b), released May 2017 **Note:** A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the lack of authentication and authorization mechanisms for a debugging tool that was inadvertently enabled in the affected software. An attacker could exploit this vulnerability by remotely connecting to the debugging tool via TCP. A successful exploit could allow the attacker to access sensitive information about the affected software or execute arbitrary code with root privileges on the affected system. Revision 1 of this advisory.

tags | advisory, remote, arbitrary, root, tcp, code execution
systems | cisco
advisories | CVE-2017-6639
SHA-256 | a8e09be97b4de5cb5a24c72c56585c40b90a364dc24e2d76e252404144141bc3
Slackware Security Advisory - mozilla-firefox Updates
Posted Aug 9, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 17947dbac6eec2ffdc3b7b6ba3430596d708387e43a7dae33bbee164d450a7f2
Slackware Security Advisory - curl Updates
Posted Aug 9, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101
SHA-256 | c4f6e0ad6af38514253f79de53ba34d35bab1d4d728d22e4a39e068844f20592
Microsoft Security Bulletin CVE Update For August, 2017
Posted Aug 8, 2017
Site microsoft.com

This Microsoft bulletin summary lists multiple CVEs and security bulletins that have undergone a major revision increment.

tags | advisory
advisories | CVE-2017-0071, CVE-2017-0228, CVE-2017-0299
SHA-256 | 161586e64259dc4b705b4ce46b4a0914803be67a146156a1ec784629170dcf5d
Microsoft Security Bulletin Summary For August, 2017
Posted Aug 8, 2017
Site microsoft.com

This Microsoft bulletin lists dozens of updates for August, 2017.

tags | advisory
SHA-256 | b3660056fd3a1e28a4c8696cbe86d46898db7a81d7f714a386e8e033dc64a2fe
Page 5 of 9
Back34567Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Apple Suddenly Drops NSO Group Spyware Lawsuit
Posted Sep 18, 2024

tags | headline, privacy, phone, flaw, israel, spyware, apple
11 Dead, Thousands Injured In Explosive Supply Chain Attack On Hezbollah Pagers
Posted Sep 18, 2024

tags | headline, wireless, cyberwar, israel, terror, backdoor
Cops Across The World Arrest 51 In Orchestrated Takedown Of Ghost Crime Platform
Posted Sep 18, 2024

tags | headline, hacker, government, australia, cybercrime, fraud
Wait... Did Pagers Get Hacked To Blow People Up?
Posted Sep 17, 2024

tags | headline, cyberwar, israel, terror
Predator Spyware Kingpins Added To US Sanctions List
Posted Sep 17, 2024

tags | headline, hacker, government, privacy, spyware
D-Link Patches Critical Router Vulnerabilities
Posted Sep 17, 2024

tags | headline, flaw, patch
France Uses Tough, Untested Cybercrime Law To Target Durov
Posted Sep 17, 2024

tags | headline, government, cybercrime, france, social
Malware Attack Targets US-Taiwan Defense Conference
Posted Sep 17, 2024

tags | headline, government, malware, usa, china, cyberwar, taiwan, military
TikTok Is Getting Its Day In Court
Posted Sep 16, 2024

tags | headline, government, privacy, usa, phone, china, cyberwar, spyware
Ransomware Group Leaks Data Stolen From Kawasaki Motors
Posted Sep 16, 2024

tags | headline, hacker, privacy, cybercrime, data loss, cryptography
View More News →
packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close