what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-10-15

Ubuntu Security Notice USN-4156-1
Posted Oct 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4156-1 - It was discovered that SDL incorrectly handled certain images. If a user were tricked into opening a crafted image file, a remote attacker could use this issue to cause SDL to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13616, CVE-2019-7575, CVE-2019-7635
SHA-256 | 2a81788bd74fc01f6a4d87bd4c76e2f5ad2b57cc82073544912e5e453e0b7f9c
Red Hat Security Advisory 2019-3067-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3067-01 - Java Security Services provides an interface between Java Virtual Machine and Network Security Services. It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. An implicit trust issue has been addressed.

tags | advisory, java, protocol
systems | linux, redhat
advisories | CVE-2019-14823
SHA-256 | d0ec640d7850a1859c224dcb835415db37206332e8a01c589d1fc708e6f0e91b
Red Hat Security Advisory 2019-3055-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3055-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20856, CVE-2019-10126, CVE-2019-3846, CVE-2019-9506
SHA-256 | b027026790de1e5b3df9960c8b8f9634c244c64fc94d9cca1b1eec152bf4de1d
Red Hat Security Advisory 2019-3076-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3076-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20856, CVE-2019-10126, CVE-2019-3846, CVE-2019-9506
SHA-256 | fead7025c4a582d00ff91a7edb01aaff16cd6ed600d6c13699241d8d720209a9
Red Hat Security Advisory 2019-3082-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3082-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on WildFly. This asynchronous patch is a security update for the wildfly-core package in Red Hat JBoss Enterprise Application Platform 7.2.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14838
SHA-256 | 84db3db638978eaf2e7a0357b98d7ed22446b5ceddde8119dfa8b731b022762a
Red Hat Security Advisory 2019-3083-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3083-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on WildFly. This asynchronous patch is a security update for the wildfly-core package in Red Hat JBoss Enterprise Application Platform 7.2.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14838
SHA-256 | 583f4619cbef72b579e03bdcd33486425c3f0693ff702dae6f99d6698ba8b657
Ubuntu Security Notice USN-4155-1
Posted Oct 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4155-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-17544
SHA-256 | 593c7a9968db59d7adfc25cf833f95cab35b4089f8640b3b9c605d8550e20642
Bolt CMS 3.6.10 Cross Site Request Forgery
Posted Oct 15, 2019
Authored by r3m0t3nu11

Bolt CMS version 3.6.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 542707b978972f0d747d6caecd9f18999f07424eb2c9c2fa696a000f8afbe767
sudo 1.8.28 Security Bypass
Posted Oct 15, 2019
Authored by joev, Mohin Paramasivam

sudo version 1.8.28 suffers from a security bypass vulnerability.

tags | exploit, bypass
SHA-256 | ec35a5c3501bc30592776b4e452cfc692b4f63c07d8cfcfbaac9a2658edd5f5a
ActiveFax Server 6.92 Build 0316 ActiveFaxServiceNT Unquoted Service Path
Posted Oct 15, 2019
Authored by Cakes

ActiveFax Server version 6.92 Build 0316 suffers from an ActiveFaxServiceNT unquoted service path vulnerability.

tags | exploit
SHA-256 | 0cccd601b3e92f4da2e0d26b68b0e827391e76a4e3668eed80dbbadf6da3f2c8
Hacking The PS2 With Yabasic
Posted Oct 15, 2019
Authored by CTurt

Whitepaper that discusses hacking the Sony Playstation 2 with Yabasic.

tags | paper
SHA-256 | a14a8be2940cde824cbb283cda409438d3c54554046b5653892fa56ef8d6ad8f
Debian Security Advisory 4543-1
Posted Oct 15, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4543-1 - Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID - -1 or 4294967295. This could allow a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access.

tags | advisory, arbitrary, root
systems | linux, debian
advisories | CVE-2019-14287
SHA-256 | 4971069c0d651dcd9257a909634aa8a058965dd724849b1ac7aaac423b42c35e
Slackware Security Advisory - sudo Updates
Posted Oct 15, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-14287
SHA-256 | 7b94b505cd8d35e808f3d74558fcd3c8b2ffe7599f1366f78fb4abde60146752
Podman / Varlink Remote Code Execution
Posted Oct 15, 2019
Authored by Jeremy Brown

Remote exploit for Podman when configured with Varlink that allows for remote command execution, denial of service, directory traversal, and information disclosure vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, info disclosure
SHA-256 | 9dade0df8f26903fcb75bd7b183f65c133b07d815d2b11143e1d860fcdd45b69
OpenProject 10.0.1 / 9.0.3 Cross Site Scripting
Posted Oct 15, 2019
Authored by David Haintz | Site sec-consult.com

OpenProject versions 9.0.3 and below and 10.0.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-17092
SHA-256 | 27975db18b78df36cf6fd45716d389ffb6c02a0c115be0adaae8b41026649331
Red Hat Security Advisory 2019-3050-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3050-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-10184, CVE-2019-12086, CVE-2019-12814, CVE-2019-14379, CVE-2019-14820, CVE-2019-14832
SHA-256 | 74c31beb9387ce733882cb7dd37d5042f66b5f7eaf20f14bda92d947ec6064bb
Red Hat Security Advisory 2019-3049-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3049-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. These packages provide security updates to adapters for use with Red Hat Single Sign-On 7.3.4 for Red Hat JBoss Enterprise Application Platform 7.2. An adapter endpoint exposure issue has been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-14820
SHA-256 | 3f2437905523b998f0a867eeca81792278137ece7f9f1b31003e51757269b873
Red Hat Security Advisory 2019-3041-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3041-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.1 release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513
SHA-256 | 097e4aeccf134590f368115ab1b4dc8ab7479fb04038e252d395e22509b49112
Ubuntu Security Notice USN-4154-1
Posted Oct 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4154-1 - Joe Vennix discovered that Sudo incorrectly handled certain user IDs. An attacker could potentially exploit this to execute arbitrary commands as the root user.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2019-14287
SHA-256 | d95c55d5a4932a56de956ece1b1935d2931d0e5552d36318a2f7b4c3658fe3f2
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close