
Files Date: 2018-09-11

OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
MD5 | 7079eb017429e0ffb9efb42bf80ccb21

Kernel Live Patch Security Notice LSN-0043-1
Posted Sep 11, 2018
Authored by Benjamin M. Romer

Piotr Gabriel Kosinski and Daniel Shapira discovered a stack-based buffer overflow in the CDROM driver implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Jann Horn discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep xattr information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-11412, CVE-2018-11506, CVE-2018-12233, CVE-2018-13405, CVE-2018-13406
MD5 | 15d9cf4ac6ec9024e548bcb059849043

Debian Security Advisory 4290-1
Posted Sep 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4290-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14346, CVE-2018-14347, CVE-2018-16430
MD5 | 95ada67ea55021facccf6ed6bd2c100d

Red Hat Security Advisory 2018-2669-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2669-01 - Red Hat Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. This release of Red Hat Fuse 7.1 serves as a replacement for Red Hat Fuse 7.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, path sanitization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2014-0114, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, CVE-2016-5397, CVE-2017-14063, CVE-2018-1000129, CVE-2018-1000130, CVE-2018-1000180, CVE-2018-1114, CVE-2018-1271, CVE-2018-1272, CVE-2018-1338, CVE-2018-1339, CVE-2018-8036, CVE-2018-8088
MD5 | e2467e2f9a34b5dd740776d2a5621843

Ubuntu Security Notice USN-3763-1
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3763-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 67c8344e6ac27fd52905ff9715d385a4

Ubuntu Security Notice USN-3762-2
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3762-2 - USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2018-1118
MD5 | b3f8831743a64c024a52601e55681af9

Ubuntu Security Notice USN-3762-1
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3762-1 - It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information. Seunghun Han discovered an information leak in the ACPI handling code in the Linux kernel when handling early termination of ACPI table loading. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2018-1118
MD5 | 94a6d9e84ad7294c473bb90ede0c6625

Tor Browser 7.x NoScript Bypass
Posted Sep 11, 2018
Authored by x0rz

Tor Browser version 7.x suffers from a NoScript bypass vulnerability.

tags | exploit, bypass
MD5 | ef38c2b6e0e85e188cbd26b95cee544f

SynaMan 4.0 Build 1488 SMTP Credential Disclosure
Posted Sep 11, 2018
Authored by bzyo

SynaMan version 4.0 build 1488 suffers from an SMTP credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-10814
MD5 | 355d3631ea9f1a7c3b9b33a27d88b656

TOR Virtual Network Tunneling Tool 0.3.4.8
Posted Sep 11, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: The Tor 0.3.4 series includes improvements for running Tor in low-power and embedded environments, which should help performance in general.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 84497a248f49ed42c344612501bae934

Android Privilege Escalation
Posted Sep 11, 2018
Authored by Jann Horn, Google Security Research

Android suffers from a privilege escalation vulnerability in zygote that can be leveraged by CVE-2018-9445.

tags | exploit
advisories | CVE-2018-9445, CVE-2018-9488
MD5 | ab958bdb52ab9f8d11c64fe093731380

Red Hat Security Advisory 2018-2666-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2666-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.0.3497.81. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16065, CVE-2018-16066, CVE-2018-16067, CVE-2018-16068, CVE-2018-16069, CVE-2018-16070, CVE-2018-16071, CVE-2018-16073, CVE-2018-16074, CVE-2018-16075, CVE-2018-16076, CVE-2018-16077, CVE-2018-16078, CVE-2018-16079, CVE-2018-16080, CVE-2018-16081, CVE-2018-16082, CVE-2018-16083, CVE-2018-16084, CVE-2018-16085, CVE-2018-16086, CVE-2018-16087, CVE-2018-16088
MD5 | 641dc5403658aa3dd26200b59b29ed6a

Red Hat Security Advisory 2018-2664-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2664-01 - Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-12533
MD5 | e1bb61b7e2e9d8169b49fa70b1d52216

Red Hat Security Advisory 2018-2663-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2663-01 - Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-12533
MD5 | 5fa5e5bb477b2aeec9d49266d87c707f

Easy File Sharing Web Server 6.9 Buffer Overflow
Posted Sep 11, 2018
Authored by Hodorsec

Easy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP.

tags | exploit, remote, web, overflow
MD5 | b31f7c399d1e719caf9218f318385547

Tor Browser 7.0.8 Information Disclosure
Posted Sep 11, 2018
Authored by Filippo Cavallarin

This write up holds the details for the Tor Browser information disclosure vulnerability as discussed in CVE-2017-16541. Version 7.0.8 is affected.

tags | exploit, info disclosure
advisories | CVE-2017-16541
MD5 | 271de236533c8c6c6b398877415184db

Linux Insufficient Shootdown For Paging-Structure Caches
Posted Sep 11, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an insufficient shootdown for paging-structure caches.

tags | exploit
systems | linux
MD5 | 8c0d36eab2a0b162e885643f73377706

© 2019 Packet Storm. All rights reserved.
