nZEDb version 0.7.3.3 suffers from a cross site scripting vulnerability.
757d005f6b520fede3eb3727f1000b70a7cba60ba57bf72e6e42c924497fd1a9This Microsoft bulletin summary lists multiple CVEs and security bulletins that have undergone a major revision increment.
161586e64259dc4b705b4ce46b4a0914803be67a146156a1ec784629170dcf5dSynology Photo Station versions 6.7.3-3432 and 6.3-2967 suffer from a code execution vulnerability.
aee069f51577df77fc6d3c899ca3c89aa1f4c3de9f2251ed8ac15f6a9b582141WildMIDI version 0.4.2 suffers from multiple invalid memory read vulnerabilities that can result in a denial of service.
612fdf77abbe0d5c163e14706f4ce2d0d0d044df31edc4b7ba5f6129a2baafc2minidjvu version 0.8 suffers from multiple invalid memory read vulnerabilities that can result in a denial of service.
a0f3b6b136bf5a53a4d68b7de9e7314cf7b4d67e1c02588b83b53563379c8b43This Microsoft bulletin lists dozens of updates for August, 2017.
b3660056fd3a1e28a4c8696cbe86d46898db7a81d7f714a386e8e033dc64a2feswap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.
53147e0cf82da4bdc5ee73a8bc75667f3afd51f62351d8d4a1ef19fbcbf6f22fI2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
94867fc8ac91eb561598736f6d51773375110db546f8b057c29758b0045931d8Demystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.
6287c58e621193e7199a983298783aa8371bbb55c1eb72e967dedb90de150e9fRed Hat Security Advisory 2017-2452-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
e332da797d136dab5f35b8a55aee5d467b8ffc2e646ac39b1bf719a5381fb561Red Hat Security Advisory 2017-2447-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-arptables, net.bridge.bridge-nf-call-ip6tables, and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
6f49858c20fc978a17ddcb8ce3cd27ecaba0391a568aaed6ff0540f9b8a81821Red Hat Security Advisory 2017-2449-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
8b30f6b05789306a07e613c91c5e2667da08e978fcf6a5de1413a5956ff9591bRed Hat Security Advisory 2017-2448-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
1cbccfb08fa42b0999e1dd879f15005572bfbf3367c6ad68492bbb48d3bf1234Red Hat Security Advisory 2017-2451-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
0fd69ae991c87f5efd6f8613d49aa915ec40d810af6cc0f1ce47d023553feff2Red Hat Security Advisory 2017-2450-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
623056c231c64973bc7222d56464222367014397b0645b32a0f17c0e8317270eRed Hat Security Advisory 2017-2445-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: Quick Emulator built with the Network Block Device Server support is vulnerable to a crash via a SIGPIPE signal. The crash can occur if a client aborts a connection due to any failure during negotiation or read operation. A remote user/process could use this flaw to crash the qemu-nbd server resulting in a DoS.
564a8bd494449c806fc2eeae091b4c27627588bc4d2d063bec0ad1ed101993afRed Hat Security Advisory 2017-2444-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
1fb9ce595e7c80e760f459ffa8a8b09a3a16c5f8891d2ff710a4383d51d5b053Red Hat Security Advisory 2017-2437-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
8bf76b236d5b2df60d52f09cd101ddac0fadabb550736b9a086a865e6826e552
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed