Ubuntu Security Notice 3903-2 - USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Various other issues were also addressed.
ClearOS 7 Community Edition suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2019-0469-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP30. Issues addressed include a buffer overflow vulnerability.
Ubuntu Security Notice 3903-1 - Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Jann Horn discovered that the userfaultfd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could possibly use this to modify files. Various other issues were also addressed.
Ubuntu Security Notice 3902-1 - It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP PHAR module incorrectly handled certain filenames. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that PHP incorrectly parsed certain DNS responses. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs do not properly sanitize user-supplied command parameters and pass them directly to the corresponding CLI utility, leading to command injection. An agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode.
This Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable (albeit cached). Cached nodes can be exploited only once.
It was discovered that virtual address 0 is mappable via privileged write() to /proc/*/mem on Linux.
getpidcon() usage in hardware binder servicemanager on Android permits ACL bypass.
Android suffers from a binder use-after-free via a racy initialization of ->allow_user_free.
Debian Linux Security Advisory 4402-1 - It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service.
Ubuntu Security Notice 3901-2 - USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultfd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could possibly use this to modify files. Various other issues were also addressed.
Ubuntu Security Notice 3901-1 - Jann Horn discovered that the userfaultfd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could possibly use this to modify files. It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
Red Hat Security Advisory 2019-0464-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.
Red Hat Security Advisory 2019-0462-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.
RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability. Modifications to the original proof of concept: it uses a larger payload size for shellcode due to different jump offsets, and it filters the bad character 0x3a (":"), as this is the character for port and causes an error.
OpenSSL Security Advisory 20190306 - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However, it also incorrectly allows a nonce of up to 16 bytes to be set. In this case only the last 12 bytes are significant and any additional leading bytes are ignored.
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.