Twenty Year Anniversary
Showing 1 - 12 of 12 RSS Feed

Files Date: 2018-04-06

Slackware Security Advisory - patch Updates
Posted Apr 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New patch packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1000156
MD5 | d82d0bb32c2cf43806488c987a1059fb
Dell EMC Avamar / Integrated Data Protection Missing Access Control
Posted Apr 6, 2018
Authored by Kapil Khot | Site emc.com

The Dell EMC Avamar Installation Manager component, within Dell EMC Avamar Server and Integrated Data Protection Appliance, is affected by a missing access control vulnerability. Dell EMC Avamar Server versions 7.3.1, 7.4.1, 7.50 and Dell EMC Integrated Data Protection Appliance versions 2.0 and 2.1 are affected.

tags | advisory
advisories | CVE-2018-1217
MD5 | 085fd424dd71f30286023e81af3df696
Ubuntu Security Notice USN-3596-2
Posted Apr 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3596-2 - USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in Unity. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. It was discovered that the fetch API could incorrectly return cached copies of no-store/no-cache resources in some circumstances. A local attacker could potentially exploit this to obtain sensitive information in environments where multiple users share a common profile. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5126, CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5133, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, CVE-2018-5141, CVE-2018-5142, CVE-2018-5143
MD5 | 49ca5b9a2e96eafbbfd9de997c943394
Red Hat Security Advisory 2018-0647-01
Posted Apr 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0647-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146
MD5 | bdb3968215778e7a0a67038c95f8e336
Video Downloader Universal Cross Site Scripting
Posted Apr 6, 2018
Authored by Tavis Ormandy, Google Security Research

The Video Downloader Chrome extension suffers from a universal cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7773a2a48a1659869a5f513b21355dfb
Ubuntu Security Notice USN-3619-2
Posted Apr 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3619-2 - USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-11472, CVE-2017-15129, CVE-2017-16528, CVE-2017-16532, CVE-2017-16536, CVE-2017-16537, CVE-2017-16645, CVE-2017-16646, CVE-2017-16649, CVE-2017-16650, CVE-2017-16911, CVE-2017-16912, CVE-2017-16913, CVE-2017-16914, CVE-2017-16994, CVE-2017-16995, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807
MD5 | bc8d51fb1a6f01647ffe1a71b00640a3
Debian Security Advisory 4167-1
Posted Apr 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4167-1 - A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2018-1000097
MD5 | f45edf0e1ca9bff52faa495942d41a56
Cobub Razor 0.7.2 Cross Site Request Forgery
Posted Apr 6, 2018
Authored by ppb

Cobub Razor version 0.7.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-7746
MD5 | b8e2eb4df5cce7fb90eec9d6b2f756fd
Cockpit CMS 0.13.0 Server Side Request Forgery
Posted Apr 6, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14611
MD5 | a8f5621bbb2134b06037d093d935393e
LineageOS 14.1 Blueborne Remote Code Execution
Posted Apr 6, 2018
Authored by Marcin Kozlowski

LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-0781
MD5 | 90410d5586fb58a108784ae1818b9a2b
WebKit WebAssembly Missing Order Check
Posted Apr 6, 2018
Authored by Google Security Research, natashenka

When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder() does not adequately check that sections are in the correct order when a binary contains custom sections.

tags | exploit
MD5 | d9c23ee48266ac97c0d46ca18c95d336
Onethink CMS Server Side Request Forgery
Posted Apr 6, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Onethink CMS versions released up to date 2018/04/06 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14323
MD5 | 37fbf6905231e41dc7ab8bbf92cf136c
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close