what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2019-04-03

Ubuntu Security Notice USN-3935-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3935-1 - Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Mathias Krause discovered that BusyBox incorrectly handled kernel module loading restrictions. A local attacker could possibly use this issue to bypass intended restrictions. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-5325, CVE-2014-9645, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2017-15873, CVE-2017-16544, CVE-2018-1000517, CVE-2018-20679
SHA-256 | d04293581994ba012e305b667f533a43f91c013c6da677eff4fa9c29ace725ff
Ubuntu Security Notice USN-3934-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3934-1 - It was discovered that PolicyKit incorrectly relied on the fork system call in the Linux kernel being atomic. A local attacker could possibly use this issue to gain access to services that have cached authorizations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-6133
SHA-256 | c8d204f7fe9cea49ee5d807afdb6f7cdfa086127bccf23406e8c8a76fc5ec584
Debian Security Advisory 4422-1
Posted Apr 3, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4422-1 - Several vulnerabilities have been found in the Apache HTTP server.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-17189, CVE-2018-17199, CVE-2019-0196, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220
SHA-256 | 961d97f7066c2153712981e824caca1ecdd1c8ed3bcf22d5649c1e105a41be19
Slackware Security Advisory - wget Updates
Posted Apr 3, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New wget packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 6f7c9bf6930258c4b9cd925dfbbad55769b68eb9834ab3de64199aaf3f349568
TeemIp IPAM Command Injection
Posted Apr 3, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in TeemIp versions prior to 2.4.0. The "new_config" parameter of "exec.php" allows you to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server. The vulnerability can be exploited by an authorized user (Administrator). Module allows remote command execution by sending php payload with parameter 'new_config'.

tags | exploit, remote, php
SHA-256 | 6b23f44b58a78b7d7096bae0b41143c292c72490f68b7275ef4ce25d71e55466
Ubuntu Security Notice USN-3933-2
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3933-2 - USN-3933-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000410, CVE-2017-18360, CVE-2018-19824, CVE-2019-3460, CVE-2019-6974, CVE-2019-7222, CVE-2019-9213
SHA-256 | 293ab65e73bf98d20f314b55630ebb7d784a521cd0ca32fe2129f80d23b2e3ac
Ubuntu Security Notice USN-3933-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3933-1 - It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information. It was discovered that the USB serial device driver in the Linux kernel did not properly validate baud rate settings when debugging is enabled. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000410, CVE-2017-18360, CVE-2018-19824, CVE-2019-3460, CVE-2019-6974, CVE-2019-7222, CVE-2019-9213
SHA-256 | dacdaa1df1a65a7d64811fadba0688d21342dc6a545f4369b2f3a0d1e7628320
Clinic Pro 4 SQL Injection
Posted Apr 3, 2019
Authored by Abdullah Celebi

Clinic Pro version 4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5bea9587cd72fb3a99087201ad844fd9929953293c46ae99bdac59e3436b8294
Ubuntu Security Notice USN-3932-2
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3932-2 - USN-3932-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-18249, CVE-2018-14610, CVE-2018-14612, CVE-2018-14613, CVE-2018-14614, CVE-2018-14616, CVE-2018-16884, CVE-2018-9517, CVE-2019-3459, CVE-2019-3701, CVE-2019-3819, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-9213
SHA-256 | 6b04b1ca2b939f9ef77c26b11ce5669d6f7a229ddfbabf646e284686af89d8a3
PhreeBooks ERP 5.2.3 Remote Command Execution
Posted Apr 3, 2019
Authored by Metin Yunus Kandemir

PhreeBooks ERP version 5.2.3 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | ef91e23045cc28f2a527c8875343db76430b6f42d8e278cc154800d093f173ab
Ubuntu Security Notice USN-3932-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3932-1 - It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious f2fs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-18249, CVE-2018-14610, CVE-2018-14612, CVE-2018-14613, CVE-2018-14614, CVE-2018-14616, CVE-2018-16884, CVE-2018-9517, CVE-2019-3459, CVE-2019-3701, CVE-2019-3819, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-9213
SHA-256 | 8a9cf057269e567e457b41d6710b7b91e84287f5f6e3ab62365a668b68242bbc
Ubuntu Security Notice USN-3931-2
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3931-2 - USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-14678, CVE-2018-18021, CVE-2018-19824, CVE-2019-3460, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-7308, CVE-2019-8912, CVE-2019-8980, CVE-2019-9213
SHA-256 | 3da25881795c75e4bb949d560d025be98c843cd588e2826360ca5c71e4e66c69
Ubuntu Security Notice USN-3931-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3931-1 - M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel on ARM 64bit processors did not properly handle some ioctls. An attacker with the privilege to create KVM-based virtual machines could use this to cause a denial of service or execute arbitrary code in the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-14678, CVE-2018-18021, CVE-2018-19824, CVE-2019-3460, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-7308, CVE-2019-8912, CVE-2019-8980, CVE-2019-9213
SHA-256 | 8648907b306a30de1b668a41a8ae79574d61f4eeddb6db9b310b4966103ace78
PhreeBooks ERP 5.2.3 Arbitrary File Upload
Posted Apr 3, 2019
Authored by Abdullah Celebi

PhreeBooks ERP version 5.2.3 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 8946af8607d01cdbb4bbf87907507e414123374fc00ec083466a26acdbe24cb7
Ubuntu Security Notice USN-3930-2
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3930-2 - USN-3930-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture subsystem. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-19824, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-7308, CVE-2019-8912, CVE-2019-8956, CVE-2019-8980, CVE-2019-9003, CVE-2019-9162, CVE-2019-9213
SHA-256 | 4102f0cd3e3625cbe62726a696226a0b078386a4844fe7aa1d3769f8d3be7544
Ubuntu Security Notice USN-3930-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3930-1 - Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture subsystem. A physically proximate attacker could use this to cause a denial of service. Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information leak in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2018-19824, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222, CVE-2019-7308, CVE-2019-8912, CVE-2019-8956, CVE-2019-8980, CVE-2019-9003, CVE-2019-9162, CVE-2019-9213
SHA-256 | 368e9dbf141a9e760054a79a440120646f0b3026e48ac5716619c4793e2820ff
Slackware Security Advisory - ghostscript Updates
Posted Apr 3, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-3835, CVE-2019-3838, CVE-2019-6116
SHA-256 | abebe83ea8a0adef25f49987ca9bc808814c9bb0422eca0d29b97ebc3ef1f249
Ubuntu Security Notice USN-3929-1
Posted Apr 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3929-1 - It was discovered that Firebird incorrectly handled certain malformed packets. A remote attacker could possibly use this issue with a specially crafted network packet to cause Firebird to crash, resulting in a denial of service. It was discovered that Firebird incorrectly handled certain UDF libraries. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9323, CVE-2017-6369
SHA-256 | f2e28f902dd88d8beb6c8c1326bc248e679f5fe5aff3b26ca2c8d74944fb3b3c
AIDA64 Business 5.99.4900 SEH Buffer Overflow
Posted Apr 3, 2019
Authored by Peyman Forouzan

AIDA64 Business version 5.99.4900 SEH buffer overflow exploit with egghunter.

tags | exploit, overflow
SHA-256 | b6d0250046d5e3791787f6b8eb1a37d9d007fe3aec47fcaa47c94c5ecc35a1a9
Ashop Shopping Cart Software SQL Injection
Posted Apr 3, 2019
Authored by Ahmet Umit Bayram

Ashop Shopping Cart Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 533760c67d1d7fa6de35406aeccb7237b87feddc499a0a0f9f448cf2d85166ce
iScripts ReserveLogic SQL Injection
Posted Apr 3, 2019
Authored by Ahmet Umit Bayram

iScripts ReserveLogic suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 860f8981d085a7ac4e933bf61573a124c96dacb0a9741a486848a551a27ab80b
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close