what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-01-23

Ubuntu Security Notice USN-4230-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4230-2 - USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-15961
SHA-256 | c6be35a15063cde7ea70940962dd6cf7e7c4be37bb06f6a5cf42df85454b62a6
Ubuntu Security Notice USN-4233-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4233-2 - USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
SHA-256 | 48627f3cc778abc3900d704a88a95b86bedcd0d00322dce1949996ff7b442159
Red Hat Security Advisory 2020-0215-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0215-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14904, CVE-2019-14905
SHA-256 | ba8e323dd6d82fc2d86718cf85c1a492bd14b69f8df1602e71372949e8344871
Red Hat Security Advisory 2020-0218-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0218-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14904, CVE-2019-14905
SHA-256 | 54d99b79d75f732352fa6bc9a398477f7e84660f5e7b58d876aabfb708693860
Red Hat Security Advisory 2020-0216-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0216-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14904, CVE-2019-14905
SHA-256 | bd2b6102033df520889ec0fe2dc6729b30132e7283e5688c2e9a705dbe51979d
Red Hat Security Advisory 2020-0217-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0217-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14904, CVE-2019-14905
SHA-256 | 22a7bda176a19136b6c9b8837bcad7df12774171071b10980fe883a9cc31eab7
Ubuntu Security Notice USN-4247-3
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-3 - USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
SHA-256 | 8bddca56dbb4a79bec4c879b8ff74ac63d10d8587c17c8bd9ba9567aefc29c61
Falco 0.19.0
Posted Jan 23, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Instead of crashing, now falco will report the error when an internal error occurs while handling an event to be inspected. Integration tests now can run on different distributions via docker containers. Various other updates and bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 87c60273c35d544256e471b403497be33f24df662673338236ec92ba3fc1f8b7
qdPM 9.1 Remote Code Execution
Posted Jan 23, 2020
Authored by Rishal Dwivedi

qdPM version 9.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-7246
SHA-256 | 7e38839c57fb28f501a4b08fba6935a0fba1a06153b69a44056f7c139d22ed77
Umbraco CMS 8.2.2 Cross Site Request Forgery
Posted Jan 23, 2020
Authored by A. Melnikova | Site sec-consult.com

Umbraco CMS version 8.2.2 suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2020-7210
SHA-256 | 98445d4e93cc2900f5594fe3e8c8583a070898d56bfa6014bb215a90ebac81be
Red Hat Security Advisory 2020-0214-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0214-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.130. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6378, CVE-2020-6379, CVE-2020-6380
SHA-256 | 46df82a1d7951b5aab18e5614c1e38da7df43eefffeda0cbefb8901f600af955
Ubuntu Security Notice USN-4249-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4249-1 - It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5188
SHA-256 | c7e01c28f33f62032e35e64564b339e695d3b0b58a8fe882259ddd8e841dbe52
Ubuntu Security Notice USN-4247-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-2 - USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
SHA-256 | c5c90b310d7f5f0416773ced5efb38ab57d54948ec0f54e9541ce80aac0c7b0f
Pachev FTP Server 1.0 Path Traversal
Posted Jan 23, 2020
Authored by 1F98D

Pachev FTP Server version 1.0 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fce413bdfabb6b3915f35ab909f61f24a643c6aa052c9135d2737a1eb83f5a47
BOOTP Turbo 2.0 Denial Of Service
Posted Jan 23, 2020
Authored by Bobby Cooke

BOOTP Turbo version 2.0 SEH denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 4db8d480c1490e0ceaf69100cf1cbe4af9a7ab18d90d91ad177474fee888fd2a
Red Hat Security Advisory 2020-0204-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0204-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2018-16884, CVE-2019-0154, CVE-2019-0155, CVE-2019-10126, CVE-2019-11135, CVE-2019-14816, CVE-2019-14821, CVE-2019-14901, CVE-2019-3900, CVE-2019-5489, CVE-2019-9506
SHA-256 | b8530fb9276e80ebe2fec5b38a7dd5cf3a19b3a0b32577a66ec4d709877292f7
Ubuntu Security Notice USN-4246-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4246-1 - It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
SHA-256 | 96fd07ce458fb8e61373e902d959b958850935f8f23a8cce5911e7b2eb804982
Ubuntu Security Notice USN-4248-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4248-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16545, CVE-2017-17500, CVE-2017-17782
SHA-256 | d69fb75ca770c778259412c98fe692a2c6aebc454b35f7d0332f43a9069ad63f
Ubuntu Security Notice USN-4247-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-1 - It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
SHA-256 | 402fb2d1cf0e095a11a20ae7a60a1b22d65ad8b15259576de22ffc2b62eddc30
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close