exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 453 RSS Feed

Files Date: 2019-05-01 to 2019-05-31

Red Hat Security Advisory 2019-1301-01
Posted May 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1301-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Update Services for SAP Solutions and Telecommunications Update Service for Red Hat Enterprise Linux 7.2 will retire as of November 30, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.2 E4S/TUS after November 30, 2019.

tags | advisory
systems | linux, redhat
SHA-256 | 759b4037201532950516a35b8ca30f4471a3018e586e9b5a6350034e5afb51c2
Ubuntu Security Notice USN-4001-2
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4001-2 - USN-4001-1 fixed a vulnerability in libseccomp. This update provides the corresponding update for Ubuntu 14.04 ESM. Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators. An attacker could use this to bypass intended access restrictions for argument-filtered system calls. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-9893
SHA-256 | 3783ae85bece13ddc1bd387465ffc67476ccb3ef43cf43c7d11db72875308e08
Microsoft Windows Remote Desktop BlueKeep Denial Of Service
Posted May 30, 2019
Authored by Spencer

Microsoft Windows Remote Desktop BlueKeep denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
advisories | CVE-2019-0708
SHA-256 | 12f1ce90327e477e2b6666c24b8434b49b8d09e8fc972915cbc601e0c5244dff
Ubuntu Security Notice USN-4001-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4001-1 - Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators. An attacker could use this to bypass intended access restrictions for argument-filtered system calls.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-9893
SHA-256 | 23b5565883c626d654d99f5b47bd16b675b6316293fe57bab66ec2f2bf383ccf
Apple Security Advisory 2019-5-30-1
Posted May 30, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-5-30-1 - AirPort Base Station Firmware Update 7.9.1 is now available and addresses denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | apple
advisories | CVE-2018-6918, CVE-2019-7291, CVE-2019-8572, CVE-2019-8575, CVE-2019-8578, CVE-2019-8580, CVE-2019-8581, CVE-2019-8588
SHA-256 | ead3e64a1df5a23dbae0304aa37b171e1b4cd8638f201614e6039b89d97eb71c
Red Hat Security Advisory 2019-1300-01
Posted May 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1300-01 - The golang packages provide the Go programming language compiler. A CRLF injection vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9741
SHA-256 | fcfb9b11e754de6acde5f5711738b28db0b8c980db8ae55a1bed6f1751c95b3d
Red Hat Security Advisory 2019-1297-01
Posted May 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1297-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 2 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked to in the References section. It addresses denial of service and privilege escalation vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2019-0211
SHA-256 | 1d3819c3a795696655f8712247c8df410655f69b1a073bb7b1b32d9271562472
Ubuntu Security Notice USN-3999-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3999-1 - Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tavis Ormandy discovered that GnuTLS incorrectly handled memory when verifying certain X.509 certificates. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10844, CVE-2018-10845, CVE-2018-10846, CVE-2019-3829, CVE-2019-3836
SHA-256 | b8834a0c4a4415f7835754310e5da31860dabee4b26c193e7e1297853870b1e3
Ubuntu Security Notice USN-3998-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3998-1 - Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-15587
SHA-256 | a09e5bf9ba77f79e2d94d072ce94f1565e935907c3b4ee8590c752d4ac31390a
Red Hat Security Advisory 2019-1294-01
Posted May 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1294-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A rate limiting control is bind has been addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-5743
SHA-256 | 00804d19c6027ea6b15b335ac6ef1890c2ac42d72398e97a5a536f4bdaf742ab
Ubuntu Security Notice USN-3968-2
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3968-2 - USN-3968-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-1000368
SHA-256 | 0093bfbeb408adc4537ce742a490ea2bd368c94a73c936eeb203d7ba7b8ad128
Serv-U FTP Server 15.1.6.25 Local Privilege Escalation
Posted May 30, 2019
Authored by Chris Moberly

Serv-U FTP Server version 15.1.6.25 suffers from a local privilege escalation vulnerability via authentication bypass.

tags | exploit, local
advisories | CVE-2018-19999
SHA-256 | 9520e5100bd633aacd33186e92020821a17ae8024fc9d8d2d19c57caa1bceb16
Ubuntu Security Notice USN-4000-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4000-1 - It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1084
SHA-256 | ce5d4a0577521ada333b48609c10e67b091710bd990d956eb5d017d136689042
Debian Security Advisory 4453-1
Posted May 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4453-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
SHA-256 | 3b1d45ee7bed0b1843338b8c5affa7db9159c74e5f49693308722e8631ba1213
Red Hat Security Advisory 2019-1296-01
Posted May 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1296-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering. It serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. It addresses denial of service and privilege escalation vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2019-0211
SHA-256 | 5ed148ee5c1aa1a8483ec13ffbf8a1df403d3b3e5e5aa321f31d0c7e9dc09b53
Ubuntu Security Notice USN-3996-1
Posted May 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3996-1 - Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-6806
SHA-256 | 7b9320a5e5a4b7de01fa3fdcf0fb52e7d67debc5a6b5cb03939a66b67a68318d
Siemens LOGO! 8 Recoverable Password Format
Posted May 29, 2019
Authored by Matthias Deeg, Manuel Stotz | Site syss.de

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.

tags | exploit
advisories | CVE-2019-10921
SHA-256 | bf19d9111516d40322d38739d39310498750019c2b579269ac24b9a2f7e683b3
Siemens LOGO! 8 Missing Authentication
Posted May 29, 2019
Authored by Matthias Deeg, Manuel Stotz | Site syss.de

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.

tags | exploit
advisories | CVE-2019-10919
SHA-256 | 95e944e33b6b49156158226e4700374427c35dfaaa04a226bf39cb8debb11f9a
Siemens LOGO! 8 Hard-Coded Cryptographic Key
Posted May 29, 2019
Authored by Matthias Deeg, Manuel Stotz | Site syss.de

Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack.

tags | exploit
advisories | CVE-2019-10920
SHA-256 | fd53041141c43f3ef168910c3f5306ea1625eb1f860ca0581cc979bff7758f8c
Red Hat Security Advisory 2019-1289-01
Posted May 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1289-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2019-5418, CVE-2019-5419
SHA-256 | 295e04ff44625fe2b1afd775f67a1695a4c5c80d13c93f4b05ff3c6cc820a505
Ubuntu Security Notice USN-3997-1
Posted May 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3997-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin protections, or execute arbitrary code. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18511, CVE-2019-11698, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9820
SHA-256 | b764bdd9b19cdcfafdbccefdf2eb5c2ed724329c12fa5941a2657ae46e5e37f6
Ubuntu Security Notice USN-3845-2
Posted May 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3845-2 - USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-8786
SHA-256 | 03e0f2b0386c71326f3ec2373603df509289258f73ad85d03b0eb3bd88fa9b0e
Ubuntu Security Notice USN-3995-2
Posted May 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3995-2 - USN-3995-1 fixed a vulnerability in keepalived. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19115
SHA-256 | 4f93c2c4c34be89ed55ee6d2a814d652253d98f3a1900c1ee4ac0f6b9dd09556
Apple Security Advisory 2019-5-28-1
Posted May 29, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-5-28-1 - iTunes for Windows 12.9.5 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple
advisories | CVE-2019-6237, CVE-2019-8571, CVE-2019-8577, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8598, CVE-2019-8600, CVE-2019-8601, CVE-2019-8602, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628
SHA-256 | a8cf3707208972e2c01ab0be87b5f8b46d4589494882930c1bde0e5d27962e38
Apple Security Advisory 2019-5-28-2
Posted May 29, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-5-28-2 - iCloud for Windows 7.12 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple
advisories | CVE-2019-6237, CVE-2019-8571, CVE-2019-8577, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8598, CVE-2019-8600, CVE-2019-8601, CVE-2019-8602, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628
SHA-256 | 7a79e52f2785aa6d771b3218d0126c9cd1cf4aa23fb826e3656bc0117dd41406
Page 1 of 19
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close