what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-02-07

Slackware Security Advisory - php Updates
Posted Feb 7, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2 to fix security issues. A bugfix release for -current is also available.

tags | advisory, php
systems | linux, slackware
SHA-256 | 0f420b22277ddb140369dde619a7d53c5fefaef9095b42044308668e971633bf
Ubuntu Security Notice USN-3871-5
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3871-5 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10883, CVE-2018-14625, CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407, CVE-2018-9516
SHA-256 | a5d71e69056829a026e081231955a45dd385e4689768c26f0fa5281f7bb32196
Ubuntu Security Notice USN-3878-2
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3878-2 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
SHA-256 | 836e2d26e3cb7e111d07f62c277179c810b8d3827600b341b6da1a764f655919
OpenText Documentum Webtop 5.3 SP2 Open Redirect
Posted Feb 7, 2019
Authored by Rafael Pedrero

OpenText Documentum Webtop version 5.3.SP2 suffers from an open redirection vulnerability.

tags | exploit, xss
advisories | CVE-2019-7416
SHA-256 | e44a6f8701efdc6da276208167ec596d64a4551e4442fbde0fc4a21cdf70744d
Red Hat Security Advisory 2019-0212-01
Posted Feb 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2018-11627
SHA-256 | 835760b3d6dfa49fe6d91c0adf7b5055c3da00d6b75ac1af0554eedc1a8d3faf
Ubuntu Security Notice USN-3885-1
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3885-1 - Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.

tags | advisory, remote, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2018-20685
SHA-256 | 081649ccfa282b9f8eeb5c454b5712ab60990d297495d610ee10e4ab2229c421
Apple Security Advisory 2019-2-07-3
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-3 - Shortcuts 2.1.3 for iOS is now available and addresses information disclosure and sandbox escape vulnerabilities.

tags | advisory, vulnerability, info disclosure
systems | apple, ios
advisories | CVE-2019-7289, CVE-2019-7290
SHA-256 | 65531847afd9d520f000898444aae963fdc7b61e902aacb814789f5987e4721d
Apple Security Advisory 2019-2-07-1
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption and logic issues.

tags | advisory
systems | apple, ios
advisories | CVE-2019-6223, CVE-2019-7286, CVE-2019-7287, CVE-2019-7288
SHA-256 | c5d6f82cbefa18848dead9bac8bdb6df4221120b037ddf81eac68fb7a009a80e
Apple Security Advisory 2019-2-07-2
Posted Feb 7, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-2-07-2 - macOS Mojave 10.14.3 Supplemental Update is now available and addresses memory corruption and logic issues.

tags | advisory
systems | apple
advisories | CVE-2019-6223, CVE-2019-7286, CVE-2019-7288
SHA-256 | 10a0844b8bff43b9944f9fd5da2df403da6942242f43163a7b4ceca69b0ea882
NUUO NVRmini upgrade_handle.php Remote Command Execution
Posted Feb 7, 2019
Authored by Berk Dusunur, numan turle | Site metasploit.com

This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgrade_handle.php file.

tags | exploit, web, php
advisories | CVE-2018-14933
SHA-256 | 0e6d6f16b31358d1595593354838281181d64f454a338a4ce6a5d4c2cc1f34b3
Evince CBT File Command Injection
Posted Feb 7, 2019
Authored by Sebastian Krahmer, Brendan Coles, Matlink, Felix Wilhelm | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.

tags | exploit
advisories | CVE-2017-1000083
SHA-256 | be7441cb5d0ca4f4495067990292385a52fbdd586a1d34cad46036dcc7576c4c
Falco 0.14.0
Posted Feb 7, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Rules versioning support: The falco engine and executable now have an engine version that represents the fields they support. Now allows SSL for K8s audit endpoint/embedded webserver. Various other fixes and updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | 0e09198a685a4fa3d23e3d0f714045a36c147c0c07ed29f5da71d2347d764101
Ubuntu Security Notice USN-3884-1
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3884-1 - It was discovered that libarchive incorrectly handled certain 7zip files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-1000019
SHA-256 | b7f40e2deafea3896a92d15326d375475a4087695f4a9f74337c025802fe1394
Slackware Security Advisory - curl Updates
Posted Feb 7, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
SHA-256 | 55bfd78a791cb07eb86d9eb4ab83a37d47182932d30e450c37338132fe078005
Debian Security Advisory 4386-1
Posted Feb 7, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4386-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
SHA-256 | 389920e5b0a54ae3c59ca15c0208b0912c4ae38e63794ae0abf9317bbce73127
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close