Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-11-21

Ubuntu Security Notice USN-3825-1
Posted Nov 21, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3825-1 - Jan Ingvoldstad discovered that mod_perl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code.

tags | advisory, arbitrary, local, perl
systems | linux, ubuntu
advisories | CVE-2011-2767
MD5 | 9d677f50c922e8159d80dbba054a65ad
Governikus Autent SDK 3.8.1 Signature Bypass
Posted Nov 21, 2018
Authored by Wolfgang Ettlinger | Site sec-consult.com

Governikus Autent SDK versions 3.8.1 and below suffer from a signature bypass vulnerability. This vulnerability could allow an attacker to impersonate any German citizen on a vulnerable web application.

tags | exploit, web, bypass
MD5 | 66a2046d90ce6dc8fd56bd9619e0ad54
Miss Marple Enterprise Edition File Upload / Hardcoded AES Key
Posted Nov 21, 2018
Authored by Marius Schwarz | Site sec-consult.com

Miss Marple Enterprise Edition versions prior to 2.0 suffer from arbitrary file upload, hardcoded AES key, validation bypass, and other vulnerabilities.

tags | advisory, arbitrary, vulnerability, file upload
advisories | CVE-2018-19233, CVE-2018-19234
MD5 | 5fc5d23b1a1b5d01c8a5758c57afca63
Red Hat Security Advisory 2018-2906-01
Posted Nov 21, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2906-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.7.72. Issues addressed include a crash.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14632
MD5 | 7c5f3d2ebd28827eb7f1c629273ce56b
Microsoft Skype 2015 / 2016 Denial Of Service
Posted Nov 21, 2018
Authored by Sabine Degen | Site sec-consult.com

A large number of emojis received in one message by the Skype For Business client freezes the program for a few seconds. This can be exploited to perform denial of service attacks against Skype for Business users and compromises the availability of the program. Affected includes Skype for Business 2015 (Lync 2013) before version 15.0.5075.1000 and Skype for Business 2016 before version 16.0.4756.1000.

tags | exploit, denial of service
advisories | CVE-2018-8546
MD5 | 0134e3427becbd4819ebcaa8bc17eb55
WebOfisi E-Ticaret 4 SQL Injection
Posted Nov 21, 2018
Authored by Ozkan Mustafa Akkus

WebOfisi E-Ticaret version 4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | afba2bd1b71b62520bd6453e5e195a60
WordPress CherryFramework Themes 3.1.4 Backup File Download
Posted Nov 21, 2018
Authored by b1p0l4r

WordPress CherryFramework Themes version 3.1.4 suffers from a backup file download vulnerability.

tags | exploit, info disclosure
MD5 | 9df16ac2c1bc683bcca82958108b2bb9
Ticketly 1.0 SQL Injection
Posted Nov 21, 2018
Authored by Javier Olmedo

Ticketly version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-18923
MD5 | 7e4378143396c0e0e46df5f74d10c399
OpenSSL Toolkit 1.1.1a
Posted Nov 21, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a timing vulnerability in DSA signature generation and another in ECDSA signature generation. Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0734, CVE-2018-0735
MD5 | 963deb2272d6be7d4c2458afd2517b73
Dell EMC Avamar / IDPA Command Injection
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from a command injection vulnerability. Affected versions include Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1, Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2.

tags | advisory
advisories | CVE-2018-11077
MD5 | 3b0110cc3a978fcc65325ceb59fed789
Dell EMC Avamar / IDPA Information Exposure
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from an information exposure vulnerability. Affected versions include Dell EMC Avamar Server 7.2.0 and 7.2.1, Dell EMC Avamar Server 7.3.0 and 7.3.1, Dell EMC Avamar Server 7.4.0 and 7.4.1, and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0.

tags | advisory
advisories | CVE-2018-11076
MD5 | e17d04b72932a55dcc499bfc40b8b1f6
Microsoft Security Advisory Updates For November 20, 2018
Posted Nov 21, 2018
Site microsoft.com

This Microsoft summary lists Microsoft security updates released for November 20, 2018.

tags | advisory
MD5 | cd8d93882375ef946e14bfb39f60acde
Dell EMC Avamar / IDPA Remote Code Execution / Open Redirection
Posted Nov 21, 2018
Authored by Jarrod Farncomb | Site emc.com

Dell EMC Avamar and IDPA suffer from remote code execution and open redirection vulnerabilities. Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 are affected.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2018-11066, CVE-2018-11067
MD5 | aa8fc98fcef1bc7d6f4151d73af7edd2
Red Hat Security Advisory 2018-3643-01
Posted Nov 21, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3643-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2018-14634
MD5 | 6d25a3162fa4900b38136d8459c91896
Red Hat Security Advisory 2018-3644-01
Posted Nov 21, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3644-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 31.0.0.153. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-15981
MD5 | 2d0750dcfd116fcbf04f537a11233b1e
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    7 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close