exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 195 RSS Feed

Files

Asterisk Project Security Advisory - AST-2017-008
Posted Sep 20, 2017
Authored by Klaus-Peter Junghanns | Site asterisk.org

Asterisk Project Security Advisory - Insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the nat and symmetric_rtp options allow redirecting where Asterisk sends the next RTCP report.

tags | advisory
advisories | CVE-2017-14099
SHA-256 | 313ff9367083c848ad358358e1ef5d2e2cc08ab243a86253a3085a0a2c87e354
Apple Security Advisory 2017-09-20-1
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-20-1 - This advisory provides additional information for APPLE-SA-2017-09-19-1 iOS 11.

systems | apple, ios
advisories | CVE-2017-7072, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7103, CVE-2017-7105, CVE-2017-7106, CVE-2017-7108, CVE-2017-7110, CVE-2017-7112, CVE-2017-7115, CVE-2017-7116, CVE-2017-7118, CVE-2017-7133
SHA-256 | 8aeb5a27b696a6b9371d6de6e28fa2fbc84fc7b2623227bae3da19122efca2d6
Ubuntu Security Notice USN-3414-2
Posted Sep 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3414-2 - USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-10664, CVE-2017-10806, CVE-2017-10911, CVE-2017-11434, CVE-2017-12809, CVE-2017-7493, CVE-2017-8112, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375, CVE-2017-9503, CVE-2017-9524
SHA-256 | 1d827ba81365c6bdfd6f012da771e75dd4ada8902a22473187bbbf26c49b80d4
Ubuntu Security Notice USN-3425-1
Posted Sep 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3425-1 - Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-9798
SHA-256 | a1a39c1915ac88f760d98cc7fd6c63b884d3ccb7402a2440e1864e64c6cc73fa
Red Hat Security Advisory 2017-2771-01
Posted Sep 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2771-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Security Fix: A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-14482
SHA-256 | 28bd09fac5e30458608e8154c11408ed75f185f0abee5e8ea7f00a64c4edf902
Red Hat Security Advisory 2017-2770-01
Posted Sep 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2770-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data, which may lead to the privilege escalation.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-7533
SHA-256 | 8ce1e8eda24ca99789ffae91e998f600aa35c54fea94475650ac19fd442faa90
Apple Security Advisory 2017-09-19-3
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-3 - Xcode 9 is now available and addresses code execution and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2017-1000117, CVE-2017-7076, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137, CVE-2017-9800
SHA-256 | b323f39eaec8eb4fc3557dbe54e6dc9f0deb4ab6e1e1465cd32b69c5e7ba3a49
Apple Security Advisory 2017-09-19-2
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-2 - Safari 11 is now available and addresses address bar spoofing and other vulnerabilities.

tags | advisory, spoof, vulnerability
systems | apple
advisories | CVE-2017-7085, CVE-2017-7089, CVE-2017-7106
SHA-256 | 646b56a1d048967dab28769f1aaf50de1bdc5527808800579ae3d7c67b9fe324
Apple Security Advisory 2017-09-19-1
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-1 - iOS 11 is now available and addresses cross site scripting, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | cisco, apple, ios
advisories | CVE-2017-7072, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7106, CVE-2017-7118, CVE-2017-7133
SHA-256 | 865ddf6e4616468e824f454d3cd875358dafbfd0bc8839b6bdf8c0c9a75125c5
Microsoft Security Bulletin Defense In Depth Update For September, 2017
Posted Sep 20, 2017
Site microsoft.com

This Microsoft bulletin summary notes that the ADV170015 Defense in Depth Update has undergone a major revision increment.

tags | advisory
SHA-256 | 0a31b8b3975bdc82af9108af71693dd319cb56d6daf751d66384208beeb54a14
Microsoft Windows Kernel win32k!NtGdiHLSurfGetInformation Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiHLSurfGetInformation.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-8677
SHA-256 | 9771af75ba5776d56facb4df49d7fb859a4bfd6477530871ca30eecee7176653
Kernel Live Patch Security Notice LSN-0030-1
Posted Sep 19, 2017
Authored by Benjamin M. Romer

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-1000251, CVE-2017-1000379, CVE-2017-10663
SHA-256 | f03b9428d67dc46ff3b712d7c827a00f746ceef20553d5b7b9236072384bb73e
Microsoft Security Bulletin CVE Update For September, 2017
Posted Sep 19, 2017
Site microsoft.com

This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-11767
SHA-256 | 0fd670ee0f6c6f5dbfa40428bd339e9dffb1fade0801ed1ea13795174324240d
Red Hat Security Advisory 2017-2760-01
Posted Sep 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-1583
SHA-256 | 63f5ba90523673c11c99253e704d39c3afc183161c91cfb839cfbf9db858fc32
Slackware Security Advisory - httpd Updates
Posted Sep 19, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-9798
SHA-256 | 97b8715bb9db5aec6be07858d3912d7ecc9bc15538757630f3773ccab81653b8
Slackware Security Advisory - libgcrypt Updates
Posted Sep 19, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-0379
SHA-256 | 3ab1b2701a09358e5c8df7ba71e1c84ea6e57e96762fda5dea19c3733e3def3b
Slackware Security Advisory - ruby Updates
Posted Sep 19, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory, ruby
systems | linux, slackware
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064
SHA-256 | be1ba25794f035e28999574213d415357807edc5768e3d15dc3461a14570466f
Debian Security Advisory 3978-1
Posted Sep 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3978-1 - Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2017-2862
SHA-256 | 94dbcf92c3f4c69880ac9d09639d51be2809a7552119c6ca235f5b5e4dc6e36e
Ubuntu Security Notice USN-3424-1
Posted Sep 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3424-1 - It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-0663, CVE-2017-7375, CVE-2017-7376, CVE-2017-9047, CVE-2017-9048, CVE-2017-9049, CVE-2017-9050
SHA-256 | a5303f8530af68ac27eded66713bd807b2b44981490a742e52cf5b57786807cd
Ubuntu Security Notice USN-3422-2
Posted Sep 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3422-2 - USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10044, CVE-2016-10200, CVE-2016-7097, CVE-2016-8650, CVE-2016-9083, CVE-2016-9084, CVE-2016-9178, CVE-2016-9191, CVE-2016-9604, CVE-2016-9754, CVE-2017-1000251, CVE-2017-5970, CVE-2017-6214, CVE-2017-6346, CVE-2017-6951, CVE-2017-7187, CVE-2017-7472, CVE-2017-7541
SHA-256 | e27780348a8f8c6fe548f4fc823a3618d213ad1642631507a915d8fe3daa444c
Ubuntu Security Notice USN-3423-1
Posted Sep 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3423-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel
systems | linux, ubuntu
advisories | CVE-2017-1000251
SHA-256 | 87295b6caa27c3ded5ece56a064c7422e1582070bd41149c139ac47f9df75c3f
Ubuntu Security Notice USN-3422-1
Posted Sep 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3422-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that the asynchronous I/O subsystem of the Linux kernel did not properly set permissions on aio memory mappings in some situations. An attacker could use this to more easily exploit other vulnerabilities. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10044, CVE-2016-10200, CVE-2016-7097, CVE-2016-8650, CVE-2016-9083, CVE-2016-9084, CVE-2016-9178, CVE-2016-9191, CVE-2016-9604, CVE-2016-9754, CVE-2017-1000251, CVE-2017-5970, CVE-2017-6214, CVE-2017-6346, CVE-2017-6951, CVE-2017-7187, CVE-2017-7472, CVE-2017-7541
SHA-256 | 59a73826987ffa71daea232f292915ef55c02017c0d971591db5164b7d4e6e9d
Ubuntu Security Notice USN-3420-1
Posted Sep 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3420-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Flash-Friendly File System implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000251, CVE-2017-10663, CVE-2017-12762, CVE-2017-8831
SHA-256 | 121d74ff01c97dc17adc587c56c8b84bf85cf03412480c1e717209d3c1561270
Slackware Security Advisory - kernel Updates
Posted Sep 19, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-1000251
SHA-256 | e7c08682afc17b1617414ffcdfde953d5259a323f01736b63e0c4844d7abb155
Debian Security Advisory 3975-1
Posted Sep 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3975-1 - Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data (e.g. when using Emacs-based mail clients).

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2017-14482
SHA-256 | 7930854fd8f7d16eca5554af352467589b32d0c62625694cb0b8ae8a175cad9a
Page 4 of 8
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close