Files Date: 2017-05-26

Red Hat Security Advisory 2017-1285-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1285-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a newer upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and with empty "AuthFile" options an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.

tags | advisory, denial of service, udp
systems | linux, redhat
advisories | CVE-2017-7401
MD5 | 1e5823ecffc2f0b50c62569eb2138b2b
Ubuntu Security Notice USN-3298-2
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3298-2 - USN-3298-1 fixed a vulnerability in MiniUPnP. This update provides the corresponding update for Ubuntu 17.04. It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-8798
MD5 | 2f0b46b13787dbe13a58f5d1fcc90e60
Ubuntu Security Notice USN-3296-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3296-1 - It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7494
MD5 | f0f4ec0a75f3d3610c11da4415ced0b9
HP Security Bulletin HPESBHF03750 1
Posted May 26, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03750 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158
MD5 | 692c408c7a93199bb791312c95aec51b
Gentoo Linux Security Advisory 201705-14
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-14 - A vulnerability in Smb4K could allow local attackers to execute commands as root. Versions less than 1.2.3-r1 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-8849
MD5 | 271f9362f26bb0695e80069785725821
Gentoo Linux Security Advisory 201705-13
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-13 - Teeworlds client vulnerability in snap handling could result in execution of arbitrary code. Versions less than 0.6.4 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2016-9400
MD5 | 7469bb3359112b0a9a314f9ce692bd52
Gentoo Linux Security Advisory 201705-12
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-12 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.171 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
MD5 | 3b273e9b0f6ad5f90d417ecf2c6a52f1
Ubuntu Security Notice USN-3297-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3297-1 - Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9601, CVE-2017-7885, CVE-2017-7975, CVE-2017-7976
MD5 | c1b6e7f086ab1156bb2c2a8f9e67b97a
Debian Security Advisory 3863-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3863-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943, CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346, CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350, CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354, CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765, CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142, CVE-2017-9143, CVE-2017-9144
MD5 | 831630db52280259529474c6046a1b5d
Gentoo Linux Security Advisory 201705-11
Posted May 26, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201705-11 - Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation. Versions less than 4.7.2-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-8903, CVE-2017-8904, CVE-2017-8905
MD5 | 0400d9c5fac9c5cfdd5d710a9c4e0eb1
HP Security Bulletin HPESBHF03746 1
Posted May 26, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03746 1 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2017-5820, CVE-2017-5821, CVE-2017-5822, CVE-2017-5823
MD5 | 1fa31053feeb9586dd17f2fef9778af9
Red Hat Security Advisory 2017-1334-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1334-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Security Fix: An input validation vulnerability was found in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-7466, CVE-2017-7481
MD5 | 83e1266e0d1bfc7ff2e03076efc28737
Red Hat Security Advisory 2017-1298-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1298-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
MD5 | 68246d6f7e533ab05baff2d7cbd62ba1
Red Hat Security Advisory 2017-1297-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1297-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-7308
MD5 | 4b41d19f3dbd1570049ac04179f9d1a3
Red Hat Security Advisory 2017-1308-01
Posted May 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1308-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-5986, CVE-2017-7308
MD5 | 1a4da6d2bc02d3fd97903c280961b160
Ubuntu Security Notice USN-3298-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3298-1 - It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-8798
MD5 | 66c38f559ac82c044d48583caeb6d01e
Ubuntu Security Notice USN-3299-1
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3299-1 - Some security information preloaded in Firefox was due to expire before the next scheduled release. This update bumps the expiration times.

tags | advisory
systems | linux, ubuntu
MD5 | d03e462d2a025f87d58749a6a1558129
Slackware Security Advisory - samba Updates
Posted May 26, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-7494
MD5 | 13e032266744afb649c901258770dbb0
HP Security Bulletin HPESBHF03751 1
Posted May 26, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03751 1 - A potential vulnerability in HPE Aruba AirWave Glass 1.0.0 and 1.0.1 could be remotely exploited to allow remote code execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2017-8946
MD5 | 7ca551d4e6257bb6a081772f154ac71a
Ubuntu Security Notice USN-3296-2
Posted May 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3296-2 - USN-3296-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7494
MD5 | 3151847994feaadedd5b02ecc2403215
Debian Security Advisory 3861-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3861-1 - Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a denial of service through a crash, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-6891
MD5 | 788c0ad49d20fd8197c64ffb108a18ec