Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-03-15

MikroTik RouterOS SMB Buffer Overflow
Posted Mar 15, 2018
Authored by Core Security Technologies, Juan Caillava, Maximiliano Vidal | Site coresecurity.com

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.

tags | exploit, remote, overflow, code execution
advisories | CVE-2018-7445
MD5 | b7e22648d2a91d8ab369593f7eabdb11
Spring Data REST PATCH Request Remote Code Execution
Posted Mar 15, 2018
Authored by Antonio Francesco Sardella

Spring Data REST versions prior to 2.6.9 (Ingalls SR9) and 3.0.1 (Kay SR1) suffer from a PATCH request remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-8046
MD5 | 21e574fce288f467dc83368b9d083a45
Ubuntu Security Notice USN-3598-1
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3598-1 - Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue to cause a denial of service. Max Dymond discovered that curl incorrectly handled certain RTSP data. An attacker could possibly use this to cause a denial of service or even to get access to sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
MD5 | 991b132a54cad14aa4100381b63d7a38
Red Hat Security Advisory 2018-0528-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0528-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-1000385
MD5 | 0b6d3bde42eef7e14e9135eafbb31ceb
Red Hat Security Advisory 2018-0527-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0527-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.7.0 ESR. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 78b747f7a33e150da6441abde2e1e8a7
Debian Security Advisory 4138-1
Posted Mar 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4138-1 - Several vulnerabilities were discovered in mbed TLS, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.

tags | advisory, remote, arbitrary, crypto, vulnerability
systems | linux, debian
advisories | CVE-2017-18187, CVE-2018-0487, CVE-2018-0488
MD5 | d5d19957a8a5081f78111a7aa8f37028
Red Hat Security Advisory 2018-0526-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0526-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.7.0 ESR. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 53613eb28011966d701a092535919936
Ubuntu Security Notice USN-3597-2
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3597-2 - USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures for Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the arm64 architecture. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | fd7462c0473a39758790170c8a75e177
Ubuntu Security Notice USN-3597-1
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3597-1 - USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | e93918164a75a0ef395ad162f045c54e
Red Hat Security Advisory 2018-0522-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0522-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.10, 1.1.7, and 2.0.6. These correspond to the March 2018 security release by .NET Core upstream projects. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0875
MD5 | f89423ce6fefea78257fa0e8dede21d0
Red Hat Security Advisory 2018-0521-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0521-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | 7d31782590243a4bd9357e1cd95d7b9e
Red Hat Security Advisory 2018-0520-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0520-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 29.0.0.113. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-4919, CVE-2018-4920
MD5 | 059f6df1b249d3bc26549f2138892d96
Slackware Security Advisory - curl Updates
Posted Mar 15, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
MD5 | 3fc45c96122e7797f10e4474454ddbf1
Debian Security Advisory 4139-1
Posted Mar 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4139-1 - Several security issues have been found in the Mozilla Firefox web may lead to the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 02a6bee2e23b8b2564802558f1123689
VMware Security Advisory 2018-0008
Posted Mar 15, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0008 - Workstation and Fusion updates address a denial-of-service vulnerability.

tags | advisory
advisories | CVE-2018-6957
MD5 | 6335920e71317006bb860ca0531a4c04
Android DRM Services Buffer Overflow
Posted Mar 15, 2018
Authored by Tamir Zahavi-Brunner

Android DRM services suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-13253
MD5 | 320d60ab8f3a3b67a369f945566f96cf
WordPress Duplicator 1.2.32 Cross Site Scripting
Posted Mar 15, 2018
Authored by Stefan Broeder

WordPress Duplicator plugin version 1.2.32 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-7543
MD5 | 45d2ac744bd3dd655b1d3cdb8ca1d9c2
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    24 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close