Red Hat Security Advisory 2017-1856-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An out-of-bounds memory access issue was found in Quick Emulator in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
92a1e5eb7e2832421e19e24e6aa230b81a1e335730df1aa162dcfec33ebcf9f1Red Hat Security Advisory 2017-2016-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions.
906c4ff2d3f849a7b7ac9bcccb058730586fb09e9d5031c7e88d4cff935f2c95This Metasploit module exploits an information disclosure vulnerability found in Advantech SUSIAccess versions 3.0 and below. The vulnerability is triggered when sending a GET request to the server with a series of dot dot slashes (../) in the file parameter.
987feed6e20b7d8688f866350e62c7ccd8559ac0d7a669fdd86a82be99cf233cRed Hat Security Advisory 2017-1865-01 - The X11 libraries provide library routines that are used within all X Window applications. The following packages have been upgraded to a later upstream version: libX11, libXaw, libXdmcp, libXfixes, libXfont, libXi, libXpm, libXrandr, libXrender, libXt, libXtst, libXv, libXvMC, libXxf86vm, libdrm, libepoxy, libevdev, libfontenc, libvdpau, libwacom, libxcb, libxkbfile, mesa, mesa-private-llvm, xcb-proto, xkeyboard-config, xorg-x11-proto-devel.
2454fbb7037ebbdc80b4a6947f9e13ee65e1806892b4a60080841fce649d6bdbRed Hat Security Advisory 2017-1860-01 - Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1. Security Fix: A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash.
4e1518276ab61f012581d289e98462389a2b11059b8faa634132b7d1358f0f04Digital Whisper Electronic Magazine issue 84. Written in Hebrew.
4d6ad77c959c2fff252b553732904591efec653bb577dbb4dc15e9cbad464a57SOL.Connect ISET-mpp meter version 1.2.4.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0ef389dd243df44a683e5e4fbc1d9f0af3d2c3dbdb26842b92a00919c116ddf9Red Hat Security Advisory 2017-1975-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix: An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing Polygon images. By tricking a user into opening a specially crafted LibreOffice file, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file.
22bb809c1b29ea770f1612f4490cf54519b4b4ad80b3a023fc637eb3d44edd93Ubuntu Security Notice 3294-2 - USN-3294-1 fixed a vulnerability in Bash. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. Various other issues were also addressed.
1c5f65968b7a178ac908c453b9766134aaed4348c26fa73062a3fee0ee96039eRed Hat Security Advisory 2017-1871-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump. Security Fix: Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode which could cause it to display incorrect data, crash or enter an infinite loop.
543ecbee65f5ca3dd083ab9fb102943ec0f4ab45e0c6b83beeec67475a6e0ba9Red Hat Security Advisory 2017-2335-01 - Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority subsystem. Security Fix: It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates.
52da16b7f5cada3618cecf32b6c6a386fe53e450a412c32a4748cfa33f276e1dRed Hat Security Advisory 2017-2299-01 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The libnl3 packages contain a convenience library that simplifies using the Linux kernel's Netlink sockets interface for network manipulation. The following packages have been upgraded to a later upstream version: NetworkManager, network-manager-applet.
1151dd610b9f14d0f158da5142d2f5d8d60bf4f991ab785aed627bf67116c74fDebian Linux Security Advisory 3923-1 - Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), contained several vulnerabilities that allowed a malicious remote server or a man-in-the-middle to either cause a DoS by forcibly terminating the client, or execute arbitrary code on the client side.
93a7aa82e118a13ddf823aaaec23331ffdb56c114ffc871a121494f135b49625Red Hat Security Advisory 2017-2292-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls. Security Fix: A double-free flaw was found in the way GnuTLS parsed certain X.509 certificates with Proxy Certificate Information extension. An attacker could create a specially-crafted certificate which, when processed by an application compiled against GnuTLS, could cause that application to crash.
c3486f3faa819e7510a3c9b084abd586ba71538517de37cd25648d051b4640f1Red Hat Security Advisory 2017-2338-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions.
e2f3c035f6437815bfc98b0e784bab9e8144444eb788738a8a5bebcb101ea653Red Hat Security Advisory 2017-2285-01 - The authconfig packages contain a command-line utility and a GUI application that can configure a workstation to be a client for certain network user information, authentication schemes, and other user information and authentication-related options. Security Fix: A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information on existence of a user. An attacker with physical or network access to the machine could enumerate users via a timing attack.
2d050f634e082c5c1a3184f47341efcb456065fdcd014f58b84276e42a154311VehicleWorkshop suffers from a remote file upload vulnerability.
d432afd836ca92cee5515ba67567d6329a5ad23eae90e05a8d2bc57a312f34b9This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except in an additional SpecialFolderDataBlock is included. The folder ID set in this SpecialFolderDataBlock is set to the Control Panel. This is enough to bypass the CPL whitelist. This bypass can be used to trick Windows into loading an arbitrary DLL file.
63ff862692b9e1b52aec2b632659c94eVehicleWorkshop suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0bd45c9f3ab5b3cdca856bbe8862d749b5c68c5efa5fb016a3e7901d024a0f44heinekingmedia StashCat Android versions 1.7.5 and below, Web versions 0.0.80w and below, and Desktop versions 0.0.86 and below suffer from cryptographic and various other vulnerabilities.
4bab8f2f74766bd7c12e476c20b3571bffe8e9742d8e279326fd26383dcb3b75
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed