exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-02-07

Slackware Security Advisory - php Updates
Posted Feb 7, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2 to fix security issues. A bugfix release for -current is also available.

tags | advisory, php
systems | linux, slackware
MD5 | 241501ceb48c75b8e0823857c713c89f
Ubuntu Security Notice USN-3871-5
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3871-5 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10883, CVE-2018-14625, CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407, CVE-2018-9516
MD5 | 4b4d0eac27f8b493efdf43f83d8596cc
Ubuntu Security Notice USN-3878-2
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3878-2 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
MD5 | d8dbdd1eab453e97381b6d1a7b1e34a7
OpenText Documentum Webtop 5.3 SP2 Open Redirect
Posted Feb 7, 2019
Authored by Rafael Pedrero

OpenText Documentum Webtop version 5.3.SP2 suffers from an open redirection vulnerability.

tags | exploit, xss
advisories | CVE-2019-7416
MD5 | 102dd183fab1da8ddddaaccbe760332a
Red Hat Security Advisory 2019-0212-01
Posted Feb 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2018-11627
MD5 | 6577192796db1ab307a7960b52e49ff6
Ubuntu Security Notice USN-3885-1
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3885-1 - Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.

tags | advisory, remote, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2018-20685
MD5 | 558941eba51b7779c1347a96125fa2cc
Apple Security Advisory 2019-2-07-3
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-3 - Shortcuts 2.1.3 for iOS is now available and addresses information disclosure and sandbox escape vulnerabilities.

tags | advisory, vulnerability, info disclosure
systems | apple, ios
advisories | CVE-2019-7289, CVE-2019-7290
MD5 | f8403109d411196a3673f3ceda924d25
Apple Security Advisory 2019-2-07-1
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption and logic issues.

tags | advisory
systems | apple, ios
advisories | CVE-2019-6223, CVE-2019-7286, CVE-2019-7287, CVE-2019-7288
MD5 | 297750c37318b199cf5351054968da1c
Apple Security Advisory 2019-2-07-2
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-2 - macOS Mojave 10.14.3 Supplemental Update is now available and addresses memory corruption and logic issues.

tags | advisory
systems | apple
advisories | CVE-2019-6223, CVE-2019-7286, CVE-2019-7288
MD5 | 11061c1bc626018a5c663e9a73dd1c96
NUUO NVRmini upgrade_handle.php Remote Command Execution
Posted Feb 7, 2019
Authored by Berk Dusunur, numan turle | Site metasploit.com

This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgrade_handle.php file.

tags | exploit, web, php
advisories | CVE-2018-14933
MD5 | 82e2720684ff38edfa0d4244f5b84680
Evince CBT File Command Injection
Posted Feb 7, 2019
Authored by FX, Sebastian Krahmer, Brendan Coles, Matlink | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.

tags | exploit
advisories | CVE-2017-1000083
MD5 | 518ed0c670d289725a426edf1b4243c3
Falco 0.14.0
Posted Feb 7, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Rules versioning support: The falco engine and executable now have an engine version that represents the fields they support. Now allows SSL for K8s audit endpoint/embedded webserver. Various other fixes and updates.
tags | tool, intrusion detection
systems | unix
MD5 | ea250cb9b73ba0721f1f5a16c0f6b0a9
Ubuntu Security Notice USN-3884-1
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3884-1 - It was discovered that libarchive incorrectly handled certain 7zip files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-1000019
MD5 | d1fb528d9a15eafc7742944b5b429bab
Slackware Security Advisory - curl Updates
Posted Feb 7, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
MD5 | 94a3f99ebf000e845519b576af5096b3
Debian Security Advisory 4386-1
Posted Feb 7, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4386-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
MD5 | 0b5291ca75b37da8828dd930b9951035
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close