what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-10-30

Ubuntu Security Notice USN-4171-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-1 - Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
MD5 | 4435b79c84276bd5e52920e950cd2986
Ansvif 1.12
Posted Oct 30, 2019
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is a bugfix release to ansvif. Many things were tweaked and fixed since the last version, but no real functionality has changed.
tags | tool, fuzzer
systems | unix
MD5 | fb3c8c5f74b8cd710844c5a73a3e6ab4
Red Hat Security Advisory 2019-3255-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3255-01 - Heketi provides a RESTful management interface that can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3899
MD5 | 4826792b7ef2183edb45f873efb29d06
iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P (get_jpeg) Stream Disclosure
Posted Oct 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

iSeeQ Hybrid DVR WH-H4 versions 1.03R and 2.0.0.P suffer from an unauthenticated and unauthorized live stream disclosure vulnerability when get_jpeg script is called.

tags | exploit
MD5 | c710c78108eb8eef3cbb203ca10f85c2
Red Hat Security Advisory 2019-3253-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3253-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-10197
MD5 | 0360d9cb55db5bb93b57d3b5c1661590
JavaScriptCore GetterSetter Type Confusion
Posted Oct 30, 2019
Authored by saelo, Google Security Research

JavaScriptCore (JSC) GetterSetter suffers from a type confusion vulnerability during DFG compilation.

tags | exploit
advisories | CVE-2019-8765
MD5 | 63f1952a7a692ab451a162d31ee902ed
Ubuntu Security Notice USN-4170-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4170-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11484
MD5 | a84035b492b733edf6e8a3c6ef1f382f
Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) Null Free Shellcode
Posted Oct 30, 2019
Authored by Daniel Ortiz

47 bytes small Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) null free shellcode.

tags | x86, shellcode
systems | linux
MD5 | a9113f7b013779f563b04b416050d879
Citrix StoreFront Server 7.15 XML Injection
Posted Oct 30, 2019
Authored by Vahagn Vardanya

Citrix StoreFront Server version 7.15 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 6f5c1fba04bb7a0d33f77002aebcad77
Ubuntu Security Notice USN-4169-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4169-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18408
MD5 | 5fa6e628153752ffa4f0bff31836d959
WMV To AVI MPEG DVD WMV Converter 4.6.1217 Denial Of Service
Posted Oct 30, 2019
Authored by Nithoshitha S

WMV to AVI MPEG DVD WMV Converter version 4.6.1217 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | fe0e90ffad1e81d90bb940f672daceb2
Red Hat Security Advisory 2019-3245-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3245-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
MD5 | d93e2a6695f83a7523cfe3f02a0cb3df
Red Hat Security Advisory 2019-3244-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3244-01 - This release of Red Hat Fuse 7.4.1 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14860
MD5 | cf397179feee53466e8bbfe6db2c65fa
Ajenti 2.1.31 Remote Code Execution
Posted Oct 30, 2019
Authored by Jeremy Brown, Onur ER | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Ajenti versions 2.1.31 and below. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.

tags | exploit, shell
MD5 | 719bfa6b19301442411362d61d7c3263
Ubuntu Security Notice USN-4167-2
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4167-2 - USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. Various other issues were also addressed.

tags | advisory, remote, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-10218, CVE-2019-14847
MD5 | 584d2ef374be5249ad5f412d3fe5f274
Red Hat Security Advisory 2019-3239-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3239-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1002100, CVE-2019-11249, CVE-2019-11253
MD5 | 91d55b4ca5f3900b9a51847a5ddb314e
Red Hat Security Advisory 2019-3238-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3238-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-0503, CVE-2018-0504, CVE-2018-0505
MD5 | 0f8ef6628479a11b03b9f39a59d7c895
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close