Files Date: 2019-10-29

Ubuntu Security Notice USN-4168-1
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4168-1 - It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to impersonate domains. It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12290, CVE-2019-18224
MD5 | 10f4de4f7ee6c221a81466a5e5d7679b

Red Hat Security Advisory 2019-3231-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3231-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. BR/EDR encryption key negotiation attacks were addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-9506
MD5 | 5b834fab35e4b489a2b086cdaa86ef53

Red Hat Security Advisory 2019-3222-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3222-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Out-of-bounds read and state injection vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-15686, CVE-2018-16866
MD5 | 14477b4669afe9df27efd4027d627074

Red Hat Security Advisory 2019-3225-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3225-01 - Java Security Services provides an interface between Java Virtual Machine and Network Security Services. It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. The OCSP policy Leaf and Chain implicitly trusts the root certificate.

tags | advisory, java, root, protocol
systems | linux, redhat
advisories | CVE-2019-14823
MD5 | 041a48e4265ed01347d8984710428491

Ubuntu Security Notice USN-4167-1
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4167-1 - Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. Simon Fonteneau and Bjoern Baumbach discovered that Samba incorrectly handled the check password script. This issue could possibly bypass custom password complexity checks, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.04, and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-10218, CVE-2019-14833, CVE-2019-14847
MD5 | fb9bb75af7733c67fa3cb40b9b5f6643

Ubuntu Security Notice USN-4166-2
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4166-2 - USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11043
MD5 | ef6238f8e5b72babf4cb9b04e3a3e34b

Craft CMS Rate Limiting / Brute Force
Posted Oct 29, 2019
Authored by Mohammed Abdul Raheem

Craft CMS versions up to 3.1.7 are missing rate limiting on password validations.

tags | exploit
advisories | CVE-2019-15929
MD5 | 20a945b5a9341d9bb8431f7153be5809

WordPress 5.2.4 Cross Origin Resource Sharing
Posted Oct 29, 2019
Authored by Milad Khoshdel

WordPress version 5.2.4 fails to validate an origin header.

tags | exploit
MD5 | 1db094f57934f8621b34b78783495b19

Red Hat Security Advisory 2019-3232-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3232-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-19788
MD5 | 0e6d0f2e8f2d8a63206c06f8a27d9bfd

Red Hat Security Advisory 2019-3234-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3234-01 - Pango is a library for laying out and rendering text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
MD5 | c913a3d6da61144cb9646b6a9ddb9177

Red Hat Security Advisory 2019-3237-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3237-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
MD5 | 60ec85b1820b0b6269efef0b1a103727

Microsoft Windows Server 2012 Group Policy Security Feature Bypass
Posted Oct 29, 2019
Authored by Thomas Zuk

Microsoft Windows Server 2012 suffers from a Group Policy security feature bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2015-0009
MD5 | 0beb75f489ff7b7e008f70ed3e84ded8

Red Hat Security Advisory 2019-3220-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3220-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-3900, CVE-2019-9506
MD5 | c1cda2c555e2692c33e6f3a0db10df55

Red Hat Security Advisory 2019-3217-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3217-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-10902, CVE-2018-20856, CVE-2019-11810, CVE-2019-9500, CVE-2019-9506
MD5 | 4f8fa3c1a7c224ba455015f723255f36

Red Hat Security Advisory 2019-3218-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3218-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. BR/EDR encryption key negotiation attacks were addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-9506
MD5 | 530e30e7196393a498e83ada7547a332

Red Hat Security Advisory 2019-3219-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3219-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability has been addressed.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-14287
MD5 | 7f68ee711bca7c2c5e2efd6a5655cebc

Microsoft Windows Server 2012 Group Policy Remote Code Execution
Posted Oct 29, 2019
Authored by Thomas Zuk

Microsoft Windows Server 2012 suffers from a Group Policy remote code execution vulnerability.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2015-0008
MD5 | 19d9f8bceae9d13ea92a5d4a9528b318

Red Hat Security Advisory 2019-3210-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3210-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
MD5 | ac7a0525843379bd70b3cef3c0a29c6d

rConfig 3.9.2 Remote Code Execution
Posted Oct 29, 2019
Authored by Askar

rConfig version 3.9.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-16662
MD5 | 2dc764b912bb271d4a13e36dc91a18ba

Red Hat Security Advisory 2019-3211-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3211-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed include bypass, cross site request forgery, file download, heap overflow, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2019-13659, CVE-2019-13660, CVE-2019-13661, CVE-2019-13662, CVE-2019-13663, CVE-2019-13664, CVE-2019-13665, CVE-2019-13666, CVE-2019-13667, CVE-2019-13668, CVE-2019-13669, CVE-2019-13670, CVE-2019-13671, CVE-2019-13673, CVE-2019-13674, CVE-2019-13675, CVE-2019-13676, CVE-2019-13677, CVE-2019-13678, CVE-2019-13679, CVE-2019-13680, CVE-2019-13681, CVE-2019-13682, CVE-2019-13686, CVE-2019-13688, CVE-2019-13691
MD5 | d08bcd1c8d5ac5e60797d9b0b7741537

Win10 MailCarrier 2.51 Buffer Overflow
Posted Oct 29, 2019
Authored by Dino Covotsos, Lance Biggerstaff

Win10 MailCarrier version 2.51 POP3 User remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | c479d83a3653b09d10f592d1df3e7b74

Intelligent Security System SecurOS Enterprise 10.2 Unquoted Service Path
Posted Oct 29, 2019
Authored by Alberto Vargas

Intelligent Security System SecurOS Enterprise version 10.2 suffers from a SecurosCtrlService unquoted service path vulnerability.

tags | exploit
MD5 | d9081058c662d2b3c1302de345d620bd
© 2020 Packet Storm. All rights reserved.