Ubuntu Security Notice 3496-1 - It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code.
80fb3c8c7fa006d1e08575782e3dce959bd30004b0f4f8b9f5c5278cc9fbc1e9TempestSDR is an open source tool that allows you to use any SDR that has a supporting ExtIO (such as RTL-SDR, Airspy, SDRplay, HackRF) to receive the unintentional signal radiation from a screen, and turn that signal back into a live image. This is a pre-compiled version of the project that is built to work on Windows with ExtIO interfaces.
8ba8910a4bf58caeac2cb02e3f6edbd07a32333f3304c30c83828aab87b3c55fThis project is a software toolkit for remotely eavesdropping video monitors using a Software Defined Radio (SDR) receiver. It exploits compromising emanations from cables carrying video signals. Raster video is usually transmitted one line of pixels at a time, encoded as a varying current. This generates an electromagnetic wave that can be picked up by an SDR receiver. The software maps the received field strength of a pixel to a gray-scale shade in real-time. This forms a false colour estimate of the original video signal. The toolkit uses unmodified off-the-shelf hardware which lowers the costs and increases mobility compared to existing solutions. It allows for additional post-processing which improves the signal-to-noise ratio. The attacker does not need to have prior knowledge about the target video display. All parameters such as resolution and refresh rate are estimated with the aid of the software. The software consists of a library written in C, a collection of plug-ins for various Software Define Radio (SDR) front-ends and a Java based Graphical User Interface (GUI). It is a multi-platform application, with all native libraries pre-compiled and packed into a single Java jar file. This forked variant of the original contains an updated Makefile to support Windows with ExtIO interfaces.
913741b472128ad1b2ac7ab93cbf5301bd4d26b65a78782bde70fd5f962156a4HikVision Wi-Fi IP cameras come with a default SSID "davinci", with a setting of no WiFi encryption or authentication. Depending on the firmware version, there is no configuration option within the camera to turn off Wi-Fi. If a camera is deployed via wired ethernet, then the WiFi settings won't be adjusted, and a rogue AP with the SSID "davinci" can be associated to the camera to provide a new attack vector via WiFi to a wired network camera. Tested on firmware versions 5.3.0, 5.4.0, and 5.4.5 and model number DS-2CD2432F-IW.
f5308846195618c1d90deb701b32687a1044057024da5ebb8faa201a03647d06There is a directory traversal issue in attachment downloads in Gmail. For non-gmail accounts, there is no path sanitization on the attachment filename in the email, so when attachments are downloaded, a file with any name and any contents can be written to anywhere on the filesystem that the Gmail app can access.
acde40f4552aa5149be44a28077696e55fd9ef012ef17e6a02fc5ba02d2dce2cExim version 4.89 suffers from a denial of service vulnerability while parsing the BDAT data header.
06400f3e55ff24c12a728e79c0653462e865d8c5b296a559adff089a0a57f067Diving Log version 6.0 suffers from an XML external entity injection vulnerability.
d0450eb5a8f82ef2929848b75adb39ccab2685f6239626955cde5507f931229dA security vulnerability in RSA Authentication Agent API/SDK for C versions 8.5 and 8.6 could potentially lead to authentication bypass in certain limited implementations.
96e44facec66d245517ed5775e0250836be88213983c6ab0a939fbec80c2e1daA security vulnerability in RSA Authentication Agent for Web for Apache Web Server could potentially lead to authentication bypass. Versions 8.0 and 8.0.1 prior to build 618 are affected.
e809201aa940c6a9c8357406fa7d2d471668ca0e033a43147728363b0bbfc35dThis is the Iceman fork of the Chameleon Mini source code for the firmware. The Chameleon Mini is a versatile contactless smartcard emulator compliant to NFC. A popular hardware revision is the Chameleon Mini rev E - rebooted.
6d43a0f372b8297935c834c2db448e3fc735feda1b2cbedd7cff95edcbe021bbUbuntu Security Notice 3477-2 - USN-3477-1 fixed vulnerabilities in Firefox. The update caused search suggestions to not be displayed when performing Google searches from the search bar. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
9d86fd5032018e790c3b211d4a6351a163087b4a1457ea87bb4f30d6d755a7b4Ubuntu Security Notice 3495-1 - It was discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code.
9a2b0afb95212034eda457751a8409bd3790121144231c5a778b06133163530aiptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.
582595982431a35d6b5544384918bf51a031a9c773ee746826bacc9afd647b34Ubuntu Security Notice 3494-1 - It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. A remote attacker could possibly use this issue to execute arbitrary code.
72b732fd3f05827c401246f726f4d428a69a60db0e46fbefe772bb646b472cbaUbuntu Security Notice 3493-1 - It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
b682ce23a365c9f0c1a12f999ea8890678e6432dec8406a563bfa963c428342cUbuntu Security Notice 3476-2 - USN-3476-1 fixed two vulnerabilities in postgresql-common. This update provides the corresponding update for Ubuntu 12.04 ESM. Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
334649fe863d6da15bfb22775417958a6004976a01d7fb36d76466fbe9a48233CMS Made Simple version 2.1.6 suffers from cross site scripting and server-side template injection vulnerabilities.
6b78c3370b093a9afe1f6852a2f1df3a510d50c437d422d4e858dd8f8493fba3ZTE ZXDSL 831 suffers from an insecure direct object reference vulnerability.
56ed9803c128c1aed4f617858b3568c7769896b1c746cd91482983cbe371b484Red Hat Security Advisory 2017-3265-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.
ef0733358f7868bd51e823af67579e4d81acf87a3799ba07337735c84fab869aRed Hat Security Advisory 2017-3264-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
b9201431909936ea9fd97a7fcd50d51c4350b43fe1f82c552c0ae26c8fd37e75Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application.
c5eab8bf1e060a52f1aeaf4d8be2f3887a32098d9807d9da833a0c80320d986cRed Hat Security Advisory 2017-3260-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code.
72bff5eeaf95fdb4b4ac2ebcf68af55321ee8f64acf7739996295673df7acc07Red Hat Security Advisory 2017-3261-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code.
fed469e8e8d4a4134ed22714125824df53afefc6638baa14aa62045722f9a4bdLinux mincore() discloses uninitialized kernel heap pages. When __walk_page_range() is used on a VM_HUGETLB VMA, callbacks from the mm_walk structure are only invoked for present pages. However, do_mincore() assumes that it will always get callbacks for all pages in the range passed to walk_page_range(), and when this assumption is violated, sys_mincore() copies uninitialized memory from the page allocator to userspace.
61d7e638f72f1ff725aa52efa074d8cca09a3c845e1725489d85845af7ce7c09On Windows 10 32-bit version 1709, a kernel stack memory disclosure was discovered in win32kfull!GreUpdateSpriteInternal.
311cb2fdcf45820b4bf355d49b361e30e088454da5c387727d873126a4419ea2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed