exploit the possibilities
Showing 1 - 25 of 79 RSS Feed

Files Date: 2019-08-06

Mandos Encrypted File System Unattended Reboot Utility 1.8.7
Posted Aug 6, 2019
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: In the client, always compile with LFS (Large File Support) has been enabled. In the server, a man page has been improved.
tags | tool, remote, root
systems | linux, unix
SHA-256 | a89466d5232583fba0265c011a40644874a0b8cdf8005e0eded48a36f1f8c1c7
Chrome blink::PresentationAvailabilityState::UpdateAvailability Heap Use-After-Free
Posted Aug 6, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free condition in blink::PresentationAvailabilityState::UpdateAvailability.

tags | exploit
SHA-256 | 23c003926c5c85cdcdf771092ba8c81c3f494485b3ff22565d8e9b7a04d1d2d5
FreeBSD Security Advisory - FreeBSD-SA-19:21.bhyve
Posted Aug 6, 2019
Authored by Reno Robert | Site security.freebsd.org

FreeBSD Security Advisory - The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When TCP segmentation offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to determine the size of the on-stack buffer without validation. The subsequent header generation could overflow an incorrectly sized buffer or indirect a pointer composed of stack garbage. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host.

tags | advisory, overflow, tcp
systems | freebsd
advisories | CVE-2019-5609
SHA-256 | 5e5c704f8d1d9d95ef61652110af66385c6af7587e83674bd336e945b3308d47
FreeBSD Security Advisory - FreeBSD-SA-19:20.bsnmp
Posted Aug 6, 2019
Authored by Guido Vranken | Site security.freebsd.org

FreeBSD Security Advisory - A function extracting the length from type-length-value encoding is not properly validating the submitted length. A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in a denial of service.

tags | advisory, remote, denial of service
systems | freebsd, bsd
advisories | CVE-2019-5610
SHA-256 | f03bcb9feddf2d950ed61f77228c3a12e63a2a09995ac33ae2fea33ab21e623b
FreeBSD Security Advisory - FreeBSD-SA-19:19.mldv2
Posted Aug 6, 2019
Authored by CJD of Apple | Site security.freebsd.org

FreeBSD Security Advisory - The ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.

tags | advisory, remote, kernel
systems | freebsd
advisories | CVE-2019-5608
SHA-256 | 86cd4d5aa66f71d8010f300a18e1ff2919650d4f774ebb9f118b77a491c22e1b
FreeBSD Security Advisory - FreeBSD-SA-19:18.bzip2
Posted Aug 6, 2019
Site security.freebsd.org

FreeBSD Security Advisory - The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip2(1) file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip2(1) file. An attacker who can cause maliciously crafted input to be processed may trigger either of these bugs. The bzip2recover bug may cause a crash, permitting a denial-of-service. The bzip2 decompressor bug could potentially be exploited to execute arbitrary code. Note that some utilities, including the tar(1) archiver and the bspatch(1) binary patching utility (used in portsnap(8) and freebsd-update(8)) decompress bzip2(1)-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2(1)-compressed data even if they never explicitly invoke the bunzip2(1) utility.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2016-3189, CVE-2019-12900
SHA-256 | c0796921394dbd2b07e095dfc85718db5fd86cd3cd5df94e1e8e5e3f050f2c2c
Ubuntu Security Notice USN-4087-1
Posted Aug 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4087-1 - It was discovered that Burrows-Wheeler Aligner mishandled certain crafted .alt files. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10269
SHA-256 | 51aca66af25c08c6c962fc0c761e94b4ba4857e39f1148b2712df4951ad4ca8d
Ubuntu Security Notice USN-4086-1
Posted Aug 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4086-1 - It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this vulnerability to write arbitrary files to the target's filesystem.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-3902
SHA-256 | 0bf7f43989897b14f7c29947d932dbda752c9e538924a02d82525739ce52458e
Red Hat Security Advisory 2019-2053-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2053-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, code execution, denial of service, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-3186, CVE-2018-10779, CVE-2018-10963, CVE-2018-12900, CVE-2018-17100, CVE-2018-17101, CVE-2018-18557, CVE-2018-18661, CVE-2018-7456, CVE-2018-8905
SHA-256 | eefda7eb2b6cef18da02e156dd6be995cf60b244b555c2542e43adb2561d2f44
Red Hat Security Advisory 2019-2101-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2101-01 - The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Issues addressed include denial of service, heap overflow, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2017-17724, CVE-2018-10772, CVE-2018-10958, CVE-2018-10998, CVE-2018-11037, CVE-2018-12264, CVE-2018-12265, CVE-2018-14046, CVE-2018-17282, CVE-2018-17581, CVE-2018-18915, CVE-2018-19107, CVE-2018-19108, CVE-2018-19535, CVE-2018-19607, CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099, CVE-2018-8976, CVE-2018-8977, CVE-2018-9305
SHA-256 | 20ff2b4ced357e5a6ec10a28a3e980d79d43fbf130a30444ce9ef217c0a8c851
Red Hat Security Advisory 2019-2078-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-9824
SHA-256 | c01465c4d0d0cdac17f46a2c48177349271745bf0341c5731b3d68c47b17ebff
Red Hat Security Advisory 2019-2281-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2281-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-11645
SHA-256 | 45020627ddd639ec2cbf2e6c935b43ca1927ffd74044e8bba44786fab42701d4
Red Hat Security Advisory 2019-2166-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2166-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds access vulnerability was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-17963, CVE-2019-6501
SHA-256 | cb5867265a79f64f29d0458f586c823ea584682e0a52d28a9002fcd0af3bf41b
Red Hat Security Advisory 2019-2130-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2130-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-16858
SHA-256 | 8b76774498c4a9e9865f3316d475af0f76f8b41d7751ace00c86ea481fdfc252
Red Hat Security Advisory 2019-2308-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2308-01 - The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine disk images. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, windows
advisories | CVE-2019-9755
SHA-256 | d5fda1c68e809856cd0fd875b251798a3d0a792b6c2da8f3315b797d4009f77c
Red Hat Security Advisory 2019-2060-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2060-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-6470
SHA-256 | 0d259abc79bc1bbe751614f1ff393eeb742e0ca44a6b68f577cf8ebf62084c7d
Red Hat Security Advisory 2019-2169-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2169-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. An insufficient validation vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-5383
SHA-256 | c28dbc3b015aa1608b45f6e9328f646007a792eac551439eeb42b4362a72a19a
Red Hat Security Advisory 2019-2110-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2110-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, tcp
systems | linux, redhat
advisories | CVE-2018-16881
SHA-256 | 2efeb7249cb42d7593aece29d499cd6c456b47c8612bfa859aa531d3b5b061b9
Red Hat Security Advisory 2019-2112-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2112-01 - mod_auth_openidc enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-6059, CVE-2017-6413
SHA-256 | 683852f86cc126bdb908641f310b1f735d8dc9931014d0a7e44409a0bf9bf6c2
Red Hat Security Advisory 2019-2057-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2057-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-5741
SHA-256 | 409bac022eaffd94a90b4f48a66f3f3bea150a298bcc127008d955940d234e52
Red Hat Security Advisory 2019-2332-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2332-01 - AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-8379, CVE-2019-8383
SHA-256 | 196e852923fccff2dc9546e8a25dcd11de1770b3174725417fe8ec1e12e8b09e
Red Hat Security Advisory 2019-2022-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2022-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16646, CVE-2018-18897, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060, CVE-2018-19149, CVE-2018-20481, CVE-2018-20650, CVE-2018-20662, CVE-2019-7310, CVE-2019-9200, CVE-2019-9631
SHA-256 | f061e04600cb7a44b8779e63c60cb0e6e00ccc4f4e226136e98e81aa1893874b
Red Hat Security Advisory 2019-2290-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2290-01 - The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20532, CVE-2018-20533, CVE-2018-20534
SHA-256 | c16e0519287198b30214c8dd47caa5ed386a78eccecff2199486ef0906b7e366
Red Hat Security Advisory 2019-2097-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2097-01 - The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Issues addressed include a traversal vulnerability.

tags | advisory, perl
systems | linux, redhat
advisories | CVE-2018-12015
SHA-256 | b503047a7be676f8471bbf9a3187ab71674e8aa318ac5d13a41673d9a39256ba
Red Hat Security Advisory 2019-2043-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2043-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-10853, CVE-2018-13053, CVE-2018-13093, CVE-2018-13094, CVE-2018-13095, CVE-2018-14625, CVE-2018-14734, CVE-2018-15594, CVE-2018-16658, CVE-2018-16885, CVE-2018-18281, CVE-2018-7755, CVE-2018-8087, CVE-2018-9363, CVE-2018-9516, CVE-2018-9517, CVE-2019-11599, CVE-2019-11810, CVE-2019-11833, CVE-2019-3459, CVE-2019-3460, CVE-2019-3882, CVE-2019-3900, CVE-2019-5489, CVE-2019-7222
SHA-256 | e071d742d6603367cb65da2c4efe950228d4321aa8233e8b9ddce2ca45118e06
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close