Ubuntu Security Notice 2151-1 - Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman and Christoph Diehl discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Atte Kettunen discovered an out-of-bounds read during WAV file decoding. If a user had enabled audio, an attacker could potentially exploit this to cause a denial of service via application crash. Various other issues were also addressed.
b9c5d05796f3964f78637e76f8a8bd653489461cb18c7c6f49a37f26b22188a3An authenticated Nessus scan of a target machine may result in local privilege escalation on that target machine if scanned with the Malicious Process Detection plugin (Plugin ID 59275). The Malicious Process Detection plugin created a service which ran as SYSTEM however this binary could be modified by a low level user allowing for privilege escalation. Nessus appliance engine version 5.2.1 the plugin set 201402092115 is affected.
8648f4d711efe44b31bdee0acb14cb37b88fd4f1a78ae2f87ff9765acf082452STAR57 version 6.20.090330 suffers from a remote command execution vulnerability.
433eba217ae3e6257289bddd815eaf98f552a7c8d6d092e667f2d8aa0c9d3f23innoEDIT version 6.2 suffers from a remote command execution vulnerability.
a84ae0a9198c45f8c61093d04e2ace4490cd15507d7a8f10f9f4446e77bcd88eLynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
634569923deb4852e20d6122ff4c30d976bb45da41677eac0dcd3125c233ef4dThis is the fourth issue of PoC || GTFO.
7094f5c6a3936e0d0b8f5e42b4d1940413f568e9a3617be0d7d6dc73cb3420e1This is the third issue of PoC || GTFO.
f427e8d95c0ac15abe61d96fb75cfb55df1fd5ac9e713cf968f3602267ca155eThis is the second issue of PoC || GTFO.
a0f93a265d38257a06fd7fd210f73ea9c55a94ac1305c65c0510ada236c2cc88This is the first issue of the International Journal of PoC || GTFO.
c4d1d1091187b98a9bb28452bc6564a1e8c0ce10d20ba2b4a20f8b7798f7ab64This tool can be used to enumerate Skype users profiles, contacts, messages, and calls from the main.db file. This is automated easy to use application in which to perform forensic spelunking of Skype data.
c5eb5f2d1fcead4e96207e4b85959a611b231d00883e83e72cbcb504f8e2d96d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed