what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-08-14

Debian Security Advisory 4271-1
Posted Aug 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4271-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2018-10858, CVE-2018-10919
SHA-256 | 1cd23e688938ba7d5034395ba01b18fc3d061baf0c1802c7177355634269b102
Debian Security Advisory 4272-1
Posted Aug 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4272-1 - Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker can take advantage of this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets, leading to remote denial of service. This is mitigated by reducing the default limits on memory usage for incomplete fragmented packets.

tags | advisory, remote, denial of service, kernel
systems | linux, debian
advisories | CVE-2018-5391
SHA-256 | 0728079d095807496cbcd5cf2912b81abbd6595bfa96cba6e6502591a1bae9f9
Linux PAM 0.6.9 Authentication Replay
Posted Aug 14, 2018
Authored by Eric Sesterhenn

It is possible to replay an authentication by using a specially prepared smartcard or token in case pam-pkcs11 is compiled with NSS support. Furthermore two minor implementation issues have been identified. Linux PAM version 0.6.9 is affected.

tags | advisory
systems | linux
SHA-256 | b156716f0716691c0ca438fba63d6af0df228025140f98efed7f8babd73f2e70
Yubico 0.1.9 libykneomgr Out Of Bounds Read / Write
Posted Aug 14, 2018
Authored by Eric Sesterhenn

Yubico version 0.1.9 libykneomgr suffers from out of bounds read and write vulnerabilities.

tags | advisory, vulnerability
SHA-256 | f026402949671b5c7eaa93c8c450e63c93a2dd7a8bf17ecede7d2e2b8238938b
Apple Smart Card Services Memory Corruption
Posted Aug 14, 2018
Authored by Eric Sesterhenn

Attackers with local access can exploit security issues in the smartcard driver. These result in memory corruptions, which might lead to code execution. Since smartcards can be used for authentication, the vulnerabilities may allow an attacker to login to the system without valid credentials as any user.

tags | advisory, local, vulnerability, code execution
advisories | CVE-2018-4300, CVE-2018-4301
SHA-256 | 03f8a989d5a6ce06634983e336918a7bae2b2c343a199065eb0802f689d3a8c5
Kernel Live Patch Security Notice LSN-0042-1
Posted Aug 14, 2018
Authored by Benjamin M. Romer

On August 14, fixes for CVE-2018-3620 and CVE-2018-3646 were released into the Ubuntu Xenial and Bionic kernels. These CVEs are security vulnerabilities caused by flaws in the design of speculative execution hardware in the computer's CPU. Researchers discovered that memory present in the L1 data cache of an Intel CPU core may be visible to other processes running on the same core.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646
SHA-256 | 85663d16e365831ddb6166944044cd7b5c82c443b513338e9cf44622ed20b0c4
OpenSC 0.18.0 Buffer Overflow / Out Of Bounds Read
Posted Aug 14, 2018
Authored by Eric Sesterhenn

Multiple issues have been identified in OpenSC, ranging from stack based buffer overflows to out of bounds reads and writes on the heap. They can be triggered by malicious smartcards sending malformed responses to APDU commands. Additionally to those fixes reported here, a lot of minor issues (eg. OOB reads and similar) have been reported and fixed. Version 0.18.0 is affected.

tags | advisory, overflow
SHA-256 | 7cbf1ff1fb1b510bc49220cd0645d75c841ff20cdb39c8575a2bdfc1fe2b2b64
ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection
Posted Aug 14, 2018
Authored by Kyle Lovett

ASUSTOR NAS ADM version 3.1.0 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2018-11509, CVE-2018-11510, CVE-2018-11511
SHA-256 | 1644681fa9ff008830ac7ddad2b94c3263d391b10d2e6962b1b9eaf1341a36be
cgit Directory Traversal
Posted Aug 14, 2018
Authored by Dhiraj Mishra | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in cgit versions prior to 1.2.1.

tags | exploit
advisories | CVE-2018-14912
SHA-256 | a6e005dc2280ba56fb5c4225445c65d8851f8cf8775107d49d6da21b41b8d918
Nasdaq BWise 5.0 JMX/RMI Interface Remote Code Execution
Posted Aug 14, 2018
Authored by Anibal Aguiar

Nasdaq BWise version 5.0 suffers from a JMX/RMI interface remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-11247
SHA-256 | bd5c8c9b2bdc9af063a4f07d2fccdc991619335996b3a5f28f30a14b6f598b5e
Yubico PIV Tool 1.5.0 Buffer Overflow
Posted Aug 14, 2018
Authored by Eric Sesterhenn

A buffer overflow and an out of bounds memory read were identified in the yubico-piv-tool-1.5.0, these can be triggered by a malicious token.

tags | advisory, overflow
advisories | CVE-2018-14779, CVE-2018-14780
SHA-256 | ba4bb77ccc36b888c9bfe1c04ac1e72de278a001510604b38d74fbc9bf952c81
Wansview 1.0.2 Denial Of Service
Posted Aug 14, 2018
Authored by Gionathan Reale

Wansview version 1.0.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 174b4f4e48a463dcff4ceeb63f875334dd8fd156adc424ebfd23e4a5102e130c
Slackware Security Advisory - openssl Updates
Posted Aug 14, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-0732, CVE-2018-0737
SHA-256 | 6e711887d2814ee045ff01a89ca03e6b1ae678c324141c1fa0b6f5d63c441183
Microsoft Security Advisory Updates For August 14, 2018
Posted Aug 14, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on August 14, 2018.

tags | advisory
SHA-256 | 395e66cd10014a37e907ad50920568dfcff21a31416ad12b47a5634a4be5182e
Microsoft Security Advisory Updates For August 14, 2018
Posted Aug 14, 2018
Site microsoft.com

This Microsoft advisory notification includes security updates released on August 14, 2018.

tags | advisory
SHA-256 | 7becd88c44c59c30bc785ebce0e77ae01984d49fce4197987c1e9fad17bd273e
Cloudme 1.9 Buffer Overflow
Posted Aug 14, 2018
Authored by Raymond Wellnitz | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Cloudme version 1.8.x and 1.9.x.

tags | exploit, overflow
advisories | CVE-2018-6892
SHA-256 | 89e2b67fa70ea47b854afcbf57cff077380559cd4f00fe5f4a75523fe83aa13e
Jetty 6.1.6 Cross Site Scripting
Posted Aug 14, 2018
Authored by 1N3

Jetty version 6.1.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2009-1524
SHA-256 | 5a16f6df9887b8370e3580d8d5ebef0042e20e2a03a0475e679f35aa0a28c482
cPanel 76 Cross Site Scripting
Posted Aug 14, 2018
Authored by Numan OZDEMIR

cPanel versions 76 and below suffer from a filename based cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | eba54bf5cdcd8ef8d37af72785eee2c438d212069d085667cd2048a3c7e2995f
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close