what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2017-05-26

Red Hat Security Advisory 2017-1285-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1285-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a newer upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and with empty "AuthFile" options an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.

tags | advisory, denial of service, udp
systems | linux, redhat
advisories | CVE-2017-7401
SHA-256 | 776f60d9d717f98debe6591d5c749394531c12b7c6f20e209f53577feadf7e52
Ubuntu Security Notice USN-3298-2
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3298-2 - USN-3298-1 fixed a vulnerability in MiniUPnP. This update provides the corresponding update for Ubuntu 17.04. It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-8798
SHA-256 | 5a1f244a639723fbd4203f9d69ead26cbeb2abd49dbc6d279bb0532f02b34f38
Ubuntu Security Notice USN-3296-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3296-1 - It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7494
SHA-256 | 74c8dce6464b45a17a96071c45ced2918a74b90c99d10b7e5dc0109233c1a292
HPE Security Bulletin HPESBHF03750 1
Posted May 26, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03750 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158
SHA-256 | 7f882c6324716b75cd78a8b4cab85a38448ce39540c3887364e56b39ae65a64d
Gentoo Linux Security Advisory 201705-14
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-14 - A vulnerability in Smb4K could allow local attackers to execute commands as root. Versions less than 1.2.3-r1=E2=80=88 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-8849
SHA-256 | 9be6ea56f40f00cf7923d6ab881d6124ac5ea1313b410131e4fb7deccec6e898
Gentoo Linux Security Advisory 201705-13
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-13 - Teeworlds client vulnerability in snap handling could result in execution of arbitrary code. Versions less than 0.6.4 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2016-9400
SHA-256 | 726fa651af570a6bf068da3abe00936709c9bea5e589202f2cac0f36b007c521
Gentoo Linux Security Advisory 201705-12
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-12 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.171 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
SHA-256 | 259b808761e0e98470f16e5aabd7f216dc8d5a307d8f2381e704cf2cbd78d433
Ubuntu Security Notice USN-3297-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3297-1 - Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9601, CVE-2017-7885, CVE-2017-7975, CVE-2017-7976
SHA-256 | 8995d60474715ca698f623cfd847001e10d5652f23121b9db2700dc1ab3047cc
Debian Security Advisory 3863-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3863-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943, CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346, CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350, CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354, CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765, CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142, CVE-2017-9143, CVE-2017-9144
SHA-256 | d67b514719632528efba1567bd135fdf63d7336a14fc411155a5bbc9412f99c4
Gentoo Linux Security Advisory 201705-11
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-11 - Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation. Versions less than 4.7.2-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-8903, CVE-2017-8904, CVE-2017-8905
SHA-256 | 88256f8cd485249f5f238de1a9910c899d9943d9e363d9853729ce40b2c2c543
HPE Security Bulletin HPESBHF03746 1
Posted May 26, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03746 1 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2017-5820, CVE-2017-5821, CVE-2017-5822, CVE-2017-5823
SHA-256 | 1ea0082d1774a3deb45526dce71a859acda9cb53b77a5847982fa6bdf2b9f3a2
Red Hat Security Advisory 2017-1334-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1334-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Security Fix: An input validation vulnerability was found in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-7466, CVE-2017-7481
SHA-256 | 204a789202d549f591081ca3fc1e84f843d4846f5dca491183ea3afac773bf62
Red Hat Security Advisory 2017-1298-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1298-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
SHA-256 | 40f0d88fee842312c08174e9a755735d073fbc79231455636cffc86f445ac1fd
Red Hat Security Advisory 2017-1297-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1297-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
SHA-256 | 4cdf95d71fe190028c5b4eaf8a98bb01e7ca1f467d3e4a94c93169e92070f5df
Red Hat Security Advisory 2017-1308-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1308-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-5986, CVE-2017-7308
SHA-256 | 05e1316e780dc2164e9b946f6bf6af0785375c6af129a7e24f7c80990de20921
Ubuntu Security Notice USN-3298-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3298-1 - It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-8798
SHA-256 | 631298feb6a5b1934adf10d2fd480579073fd086c0ef642c6eb804daf10480a8
Ubuntu Security Notice USN-3299-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3299-1 - Some security information preloaded in Firefox was due to expire before the next scheduled release. This update bumps the expiration times.

tags | advisory
systems | linux, ubuntu
SHA-256 | df3414b2d818c1a38bdba2005fdd90d516dbc52be88231e97df0d51c9e68bc35
Slackware Security Advisory - samba Updates
Posted May 26, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-7494
SHA-256 | 9513be389e78976da3f00c4485ef02d0ed3bee97954917bf86af4ff2cd2589d4
HPE Security Bulletin HPESBHF03751 1
Posted May 26, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03751 1 - A potential vulnerability in HPE Aruba AirWave Glass 1.0.0 and 1.0.1 could be remotely exploited to allow remote code execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2017-8946
SHA-256 | 1722d4cad3d0d2c67f2fd4e92eae1dd12ceb75eb0f8239a356d352732d1de17f
Ubuntu Security Notice USN-3296-2
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3296-2 - USN-3296-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7494
SHA-256 | 582154a3e5f15b8b497e94262789591a1ba008088aa8adf694d1ab35ee200e61
Debian Security Advisory 3861-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3861-1 - Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-6891
SHA-256 | a686af7b3ef858fd2228b341cc27e32399ed5f33d77e41ebaf52b825d43fa96d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close