Exploit the possiblities
Showing 1 - 25 of 29 RSS Feed

Files Date: 2017-01-11

Ubuntu Security Notice USN-3168-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3168-2 - USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793, CVE-2016-9794, CVE-2016-9806
MD5 | cc949ff987241c976d84bdd72b306293
Ubuntu Security Notice USN-3167-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3167-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9794
MD5 | de7cf485c4d80c27427111666102e255
Red Hat Security Advisory 2017-0057-01
Posted Jan 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0057-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 24.0.0.194. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937, CVE-2017-2938
MD5 | 6954e346bcbe692f0b626087ab6e1b2b
Ubuntu Security Notice USN-3171-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3171-1 - Josef Gajdusek discovered that the LibVNCServer client library incorrectly handled certain FrameBufferUpdate messages. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9941, CVE-2016-9942
MD5 | 810697f5713301de2317a7b5b05eb1bb
Debian Security Advisory 3757-1
Posted Jan 11, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3757-1 - Multiple security issues have been found in Icedove, Debian's version of to the execution of arbitrary code, data leakage or bypass of the content security policy.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9904, CVE-2016-9905
MD5 | 72111a21c15e76e0df4351f5722b36a2
Red Hat Security Advisory 2017-0059-01
Posted Jan 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0059-01 - Red Hat Mobile Application Platform 4.2 is delivered as a set of Docker-formatted container images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8704, CVE-2016-8705
MD5 | 1e1f522d0252aa619cfd0310eb69135b
Gentoo Linux Security Advisory 201701-32
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-32 - Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution. Versions less than 4.6.5.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2016-4412, CVE-2016-5097, CVE-2016-5098, CVE-2016-5099, CVE-2016-5701, CVE-2016-5702, CVE-2016-5703, CVE-2016-5704, CVE-2016-5705, CVE-2016-5706, CVE-2016-5730, CVE-2016-5731, CVE-2016-5732, CVE-2016-5733, CVE-2016-5734, CVE-2016-5739, CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609, CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613, CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617
MD5 | 91aeac1b57ca172159b5b0157b2b03c8
Gentoo Linux Security Advisory 201701-31
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-31 - Flex might generate code with a buffer overflow making applications using such scanners vulnerable to the execution of arbitrary code. Versions less than 2.6.1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2016-6354
MD5 | 644836899894a6e9b596c9b141de6220
Gentoo Linux Security Advisory 201701-29
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-29 - A vulnerability has been found in Vim and gVim concerning how certain modeline options are treated. Versions less than 8.0.0106 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-1248
MD5 | b427688f5478daa92ab0491ffedcc181
Gentoo Linux Security Advisory 201701-30
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-30 - A vulnerability in vzctl might allow attackers to gain control over ploop containers. Versions less than 4.9.4 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-6927
MD5 | f5964ee22376f1b0f0bdbadda1e335b5
Gentoo Linux Security Advisory 201701-28
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-28 - A heap-based buffer overflow in c-ares might allow remote attackers to cause a Denial of Service condition. Versions less than 1.12.0 are affected.

tags | advisory, remote, denial of service, overflow
systems | linux, gentoo
advisories | CVE-2016-5180
MD5 | de02c0754d9719cad294144b11db9e65
FreeBSD Security Advisory - FreeBSD-SA-17:01.openssh
Posted Jan 11, 2017
Site security.freebsd.org

FreeBSD Security Advisory - The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. A remote attacker who have control of a forwarded agent-socket on a remote system and have the ability to write files on the system running ssh-agent(1) agent can run arbitrary code under the same user credential. Because the attacker must already have some control on both systems, it is relatively hard to exploit this vulnerability in a practical attack. When privilege separation is disabled (on FreeBSD, privilege separation is enabled by default and has to be explicitly disabled), an authenticated attacker can potentially gain root privileges on systems running OpenSSH server.

tags | advisory, remote, arbitrary, root
systems | unix, freebsd, bsd
advisories | CVE-2016-10009, CVE-2016-10010
MD5 | 2022ff5492e80b6bf9eb7f85b3d2016f
Gentoo Linux Security Advisory 201701-27
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-27 - Multiple vulnerabilities have been found in 7-Zip, the worst of which may allow execution of arbitrary code. Versions less than 16.02-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2334, CVE-2016-2335
MD5 | 60156dee1c71eedd6b509cb97557edbd
Gentoo Linux Security Advisory 201701-26
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-26 - A vulnerability in BIND might allow remote attackers to cause a Denial of Service condition. Versions less than 9.10.4_p4 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2016-8864
MD5 | e52b21854ad1f1b054a34e8b348d1b09
Gentoo Linux Security Advisory 201701-25
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-25 - Multiple vulnerabilities have been found in phpBB, the worst of which may allow remote attackers to inject arbitrary web script or HTML. Versions less than 3.1.10 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1431, CVE-2015-1432
MD5 | e1701ac48658f80f41356a522f3f0349
Gentoo Linux Security Advisory 201701-24
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-24 - Multiple vulnerabilities have been found in PgBouncer, the worst of which may allow an attacker to bypass authentication. Versions less than 1.7.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2015-4054, CVE-2015-6817
MD5 | fb68b6cc4bbfdf46a1ae9aa0d719ac6b
Gentoo Linux Security Advisory 201701-23
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-23 - Multiple vulnerabilities have been found in Botan, the worst of which might allow remote attackers to obtain ECDSA secret keys. Versions less than 1.10.13 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2849, CVE-2016-2850
MD5 | 4e4fded4d23af64fbcbc023404df39b9
Gentoo Linux Security Advisory 201701-22
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-22 - Gentoo's NGINX ebuilds are vulnerable to privilege escalation due to the way log files are handled. Versions less than 1.10.2-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-1247
MD5 | 6b8b2ccfcc7f829dbb83cd5eaee9e576
Gentoo Linux Security Advisory 201701-21
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-21 - Multiple vulnerabilities have been found in Expat, the worst of which may allow execution of arbitrary code. Versions less than 2.2.0-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6702, CVE-2013-0340, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300
MD5 | 9900fb8757b3436555947e2691bf6f5e
Gentoo Linux Security Advisory 201701-20
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-20 - A vulnerability has been found in D-Bus possibly resulting in a local Denial of Service. Versions less than 1.10.12 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
MD5 | c59a903d1ffd8d8a1b17145bae1aeb2a
Gentoo Linux Security Advisory 201701-19
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-19 - A vulnerability in NTFS-3G allows local users to gain root privileges. Versions less than 2016.2.22 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2015-3202
MD5 | be6b6b7c02a8dd858ebdfb9ba887b057
Ubuntu Security Notice USN-3170-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3170-2 - Andrey Konovalov discovered that the ipv6 icmp implementation in the Linux kernel did not properly check data structures on send. A remote attacker could use this to cause a denial of service. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9793, CVE-2016-9919
MD5 | 6233dfb8b4e35acbafb792f317ce7fc3
Ubuntu Security Notice USN-3170-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3170-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793
MD5 | 5c1db0e80bfb9ac18007008ffba06817
Ubuntu Security Notice USN-3169-4
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3169-4 - Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9793, CVE-2016-9794
MD5 | a6552a4f447f2eb8f27d8b08c57898d6
Ubuntu Security Notice USN-3169-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3169-2 - USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793, CVE-2016-9794
MD5 | 1178edfd65b0eb93b716ee3fabf157e3
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    28 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close