Red Hat Security Advisory 2018-2317-01 - XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server using the HTTP protocol, and gets back the response as XML. Issues addressed include a deserialization vulnerability.
19c1f0116a68d7484fa0a5e62b46d00fRed Hat Security Advisory 2018-2328-01 - The rhvm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a bypass vulnerability.
c060a397c9c42bd68a0aab76cb732900Red Hat Security Advisory 2018-2308-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include code execution and denial of service vulnerabilities.
f935c99bbae2bc1e980eeb092cce4228Red Hat Security Advisory 2018-2309-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
1e0323f0367612bfb37718139c812ea0Slackware Security Advisory - New lftp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
1c605a221e428ff3f6bfc292b3d5b7d0Debian Linux Security Advisory 4260-1 - Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.
d755de94a97a35ef3445c6980f25e25cPHP Template Store Script version 3.0.6 suffers from persistent cross site scripting vulnerabilities.
955dd57ab80d69477021cb73445e4ecfBasic B2B Script version 2.0.0 suffers from a cross site scripting vulnerability.
a1df522c04e8693285e8c1824e50e38fPlex Media Server version 1.13.2.5154 suffers from an XML external entity injection vulnerability in SSDP processing.
c18b998e1a1850dfdadeaba4a9126720Vuze Bittorrent Client version 5.7.6.0 suffers from an XML external entity injection vulnerability in SSDP processing.
e4c3c8436b4e3971339e0df9048434ba86 bytes small Linux/x86 reverse TCP (::FFFF:192.168.1.5:4444/TCP) shell (/bin/sh) + null-free + IPv6 shellcode.
841854d50e743d5f6ad22336b8cda687Entrepreneur Job Portal Script version 3.0.1 suffers from a cross site scripting vulnerability.
a7e5295e329bbc1d4c1af0e8d168a58f128 bytes small Linux/ARM TCP/4444 IPv6 bindshell shellcode.
96755523a01f3bd24e8c2517eb974c84Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
b67abfb8e995de46f414b726468a3fc5Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
95ed4ef67b7140cf3f4dc8bf1d17af02This Metasploit module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload (UFO). This exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0-21 <= 4.4.0-89 and 4.8.0-34 <= 4.8.0-58, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and SMAP disabled. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on various Ubuntu and Linux Mint systems, including: Ubuntu 14.04.5 4.4.0-31-generic x64 Desktop; Ubuntu 16.04 4.8.0-53-generic; Linux Mint 17.3 4.4.0-89-generic; Linux Mint 18 4.8.0-58-generic
365cc8e31e8378f416a359810066fcda
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed