Ubuntu Security Notice 3111-1 - A use-after-free was discovered in service workers. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via program crash, or execute arbitrary code. It was discovered that web content could access information in the HTTP cache in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
ffd6d84375daa74178a478c8635f4599291a1a43ae3643136d99af097aa90ab8Ubuntu Security Notice 3114-2 - USN-3114-1 fixed a vulnerability in nginx. A packaging issue prevented nginx from being reinstalled or upgraded to a subsequent release. This update fixes the problem. Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges. Various other issues were also addressed.
9624f67fcd74df71566bea16362a1df2c8cb51b85d3fde2eb0af649b24c90594Red Hat Security Advisory 2016-2101-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
0c1b4ed27f0d1db4f3edc634e7d5fccb7e419a267e21c9074481e69ff631e66bThe GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name(s) specified on the command line. Versions 1.14 through 1.29 are affected.
9872f2b8fb9c8365d6367de929e2a9d9f3744c7e6f836aad204d328392324992CherryTree version 0.36.9 memory corruption proof of concept exploit.
a73c623309ab0c2fe47472c2cb9b1e12718303197e2fb29512afab216d172f7fJoomla versions 3.4.4 through 3.6.4 suffer from account creation and privilege escalation vulnerabilities.
495bdebaeca0fd37d95ea10730b63dd9b8aceba771e8630ecf9c56de00be0f13HP Security Bulletin HPSBMU03653 1 - Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information. Revision 1 of this advisory.
8c670a2d763c2a2f7a69a05242741bdf9441d037d1584c704b9fdff983643e06HP Security Bulletin HPSBHF3549 1 - A security vulnerability identified with UEFI firmware, dubbed ThinkPwn, has been addressed in certain HP commercial notebook PCs and HP consumer notebook PCs. The vulnerability could be exploited to run arbitrary code in System Management Mode, resulting in elevation of privilege or denial of service. Revision HPSBHF3549 of this advisory.
d316acdb625a0fdff14d3ab3269e8a51e88303d7290a4dc73315c0ce0e70bd55uSQLite version 1.0.0 suffers from a denial of service vulnerability.
3a89d5e80e58ee3a966ebbb0d52131de2fd37b4d4c7f7e4700fb1948d1715b14This post-exploitation Metasploit module requires a meterpreter session to be able to upload/inject our SearchIndexer.exe into WSearch (windows search) service. The WSearch service uses one executable.exe set in binary_path_name and runs it has local/system at startup, this enables local privilege_escalation/persistence_backdooring. To exploit this vulnerability a local attacker needs to inject/replace the executable file into the binary_path_name of the service. Rebooting the system or restarting the service will run the malicious executable with elevated privileges.
147b40da2927d654ea96757dd433f77c12069174180fca4cf82bcd19c6113ae3GNU GTypist version 2.9.5-2 suffers from a local buffer overflow vulnerability.
aca27f7beb816e6d106680dbf916adb2771add6d5cbaebabc7713506fb51dc003dCart version 7.3.0 suffers from a cross site scripting vulnerability.
9863430a576e2a1ba46241ec34cdbc663ce2331fee37e0510c705f41b9663683AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
0434aaf6f3608acef1342519e2b0bbbb0b9ed91d7002f6724b7f2176cf77716aHewlett Packard TouchSmart Calendar Service version 4.1.4245 suffers from a privilege escalation vulnerability.
3ac401606b82093bdf7d0f6ed07c11956a60eeff288f08c6ee1a8ff970f7d3a8Red Hat Security Advisory 2016-2117-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.
e3745470c67fadf948bd32c8e4a2199fc2b2887dc551d030c708eae080865c05Red Hat Security Advisory 2016-2115-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.
d404a42f76e49cbb35e2255dc2c142aa737b8716fe2629ad07586e19e27d0604Red Hat Security Advisory 2016-2116-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.
31f6ebcd49229370b7f2900ffe40967c957825bf8faed803d57574a2a24010a2Red Hat Security Advisory 2016-2118-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
1d008d08d3526b0ffa83651d4b071d5210184d075bdf650210f7f1f6b648c8e1Boonex Dolphin versions 7.3 and below suffer from an authentication bypass vulnerability.
4658d77329bd114fa95331dde278b6549957a93549ef1cd5bc18ffce0cce9541task_t should be considered harmful and can lead to many XNU elevations of privilege.
0c7485685996e007a105a58f511a032918e4823a30285759e8c6228026ef145cKomfy Switch with Camera DKZ-201S/W suffers from a wifi password disclosure vulnerability.
2da0e907e5d7be055bcb38088af54f4f1eb0cc34e40a905e6567878159a08836SmallFTPd version 1.0.3 suffers from a mkd command denial of service vulnerability.
fa4ff306f7fbdcb83d7b886e6ee4d9a7b3a392048f65279003d6fb7e02362261VMware Security Advisory 2016-0017 - VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.
82f0e1af00fb6e2af214a5e6c766e4e7e88cf51a23089d7017258dbcdc5e27c0Ubuntu Security Notice 3114-1 - Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges.
b116940b951075c00e94c3de886a4e2f0c25b77a5edd4f0f00d61be294b8bf2aRed Hat Security Advisory 2016-2110-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
dcb514850d3e86a0c0273e24a7a5b145048460862812fbb5c3e3ddf06f017608
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed