Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. Version 3.01.01 is affected.
aa338cacabd821ca894b76e32ad5f5c1Ubuntu Security Notice 3964-1 - Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. It was discovered that python-gnupg incorrectly handled the GPG passphrase. A remote attacker could send a specially crafted passphrase that would allow them to control the output of encryption and decryption operations. Various other issues were also addressed.
168d256d0381d7e3c65d21dcce6b5c85Microsoft Windows PowerShell ISE will execute wrongly supplied code when debugging specially crafted PowerShell scripts that contain array brackets as part of the filename. This can result in ISE executing attacker supplied scripts pointed to by the filename and not the "trusted" PS file currently loaded and being viewed by a user in the host application. This undermines the integrity of PowerShell ISE allowing potential unexpected remote code execution.
bb48180eeb228d14d1afd0a10b2c1e23This archive contains all of the 204 exploits added to Packet Storm in April, 2019.
cd9d10ed9c1755fc105f0bf090c3bd7aUbuntu Security Notice 3953-2 - USN-3953-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
69723f7360175f2dfae6e6b6bf6734acUbuntu Security Notice 3963-1 - It was discovered that Memcached incorrectly handled certain lru command messages. A remote attacker could possibly use this issue to cause Memcached to crash, resulting in a denial of service.
4971508ef7d11c0f5be3e17ef920325fRed Hat Security Advisory 2019-0879-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an incorrect validation of port settings.
1c7c8fce4951d8b188a1697f251bb9dbDovecot version 2.3 suffers from multiple denial of service conditions. Included in this archive is the advisory as well as patches to address the issue.
1102cebb1f0e77484b1b24dc25a6b90c
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed