what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

Files Date: 2019-03-12

Debian Security Advisory 4406-1
Posted Mar 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4406-1 - Francis McBratney discovered that the Windows Azure Linux Agent created swap files with world-readable permissions, resulting in information disclosure.

tags | advisory, info disclosure
systems | linux, windows, debian
advisories | CVE-2019-0804
SHA-256 | e7e6e6f311f95c46b911de10379bfec0f94c85ee6858e172be2b777f9ee858d9
Ubuntu Security Notice USN-3908-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3908-1 - Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-6133
SHA-256 | 023d1e358ad840166c4cd8f953f17797e904596a1e9445469abd9820bf705639
Ubuntu Security Notice USN-3902-2
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3902-2 - USN-3902-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024
SHA-256 | 8c5cc0af99e03f737cb519150962c02823fb921e860b9c2988049030499ed991
Ubuntu Security Notice USN-3907-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3907-1 - It was discovered that WALinuxAgent created swap files with incorrect permissions. A local attacker could possibly use this issue to obtain sensitive information from the swap file.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-0804
SHA-256 | d2c083e3afaa3efd89261d641354aab2fb7f9c9b4909c258e407052ce4a00f56
Debian Security Advisory 4407-1
Posted Mar 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4407-1 - Ross Geerlings discovered that the XMLTooling library didn't correctly handle exceptions on malformed XML declarations, which could result in denial of service against the application using XMLTooling.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2019-9628
SHA-256 | 586faef27e4ffc72757add5604584928b2751e1c19e08f7438ec9a9bc2dcd219
Red Hat Security Advisory 2019-0487-01
Posted Mar 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0487-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20699
SHA-256 | 59cd607108e71d543a7513616c46c93c9e6f8ba58f029ead8e5418be1ee38a30
Red Hat Security Advisory 2019-0525-01
Posted Mar 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0525-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10876, CVE-2018-11412
SHA-256 | 213fea24e7a280a922ce0031dca1c4cc6e2a9a23bcab516535af465bc2e46cf0
elFinder PHP Connector exiftran Command Injection
Posted Mar 12, 2019
Authored by Brendan Coles, Thomas Chauchefoin, q3rv0 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such as resizing and rotation of an image. The file name of uploaded files is not validated, allowing shell metacharacters. When performing image operations on JPEG files, the filename is passed to the exiftran utility without appropriate sanitization, causing shell commands in the file name to be executed, resulting in remote command injection as the web server user. The PHP connector is not enabled by default. The system must have exiftran installed and in the PATH. This module has been tested successfully on elFinder versions 2.1.47, 2.1.20, and 2.1.16 on Ubuntu.

tags | exploit, remote, web, shell, php
systems | linux, ubuntu
SHA-256 | 5222268c0c1677f7e0637fd6b8a807ef9ea4bfb24107aadeb85ce45155354bc3
Ubuntu Security Notice USN-3906-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2019-6128
SHA-256 | 1b284193f01aec4b4188cb1c45cf5c82f43eb0d73619c189f7830fcc0f3bc97d
robinbhandari FTP Remote Denial Of Service
Posted Mar 12, 2019
Authored by x90c

robinbhandari FTP suffers from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2019-9668
SHA-256 | b314daf661574d92eabdc5a8fee14abb66ab76b20a043a782e002bd16169b7c9
PilusCart 1.4.1 Cross Site Request Forgery
Posted Mar 12, 2019
Authored by Gionathan Reale

PilusCart version 1.4.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 699810efb977ae941fc6f36d1cacd164c97e110f203896553af3ce22f3516b93
Core FTP 2.0 Build 653 PBSZ Denial Of Service
Posted Mar 12, 2019
Authored by Hodorsec

Core FTP version 2.0 build 653 suffers from a PBSZ command denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 00eab4c7b5f5b0eaa067ef5307df33a9314ec54ced7998e6a06d61125051fb73
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close