Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
7da0a1087ba0d19f5b16753982535d7adcdc67fada9d245a7c967312fca4844cUbuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8512d94bba9cbe7f7683bbee28a609dffc96c7e19622258f64608dca591ae0ecUbuntu Security Notice 3695-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8027dac45fca8f547843ef43e09760d5bbb95bb1ee7469c2947cce1a51b7622fUbuntu Security Notice 3695-2 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
702548617b260a8caa37ca81a615acaf101fb1759be6eb65f217617fd0740351This Metasploit module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter versions 1.0 and 1.1. By constructing a specially crafted WAV file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode.
7ce78a44af7a5f6b6d50bbd053541d443704b24c121b5a53d4540734c686a507OX App Suite version 7.8.5 suffers from XML external entity injection, information disclosure, and cross site scripting vulnerabilities.
c70d8220abd64fcb08a298d9510add6aeba463a05de8fedbb79e7b7f24e8956bMicrosoft Windows Kernel (win32k.sys) suffers from a local denial of service null pointer vulnerability in NtUserConsoleControl.
86a086e5f1f20c3922d862e53a6241005dcd8473c973a2b52f82a0788801f936RSA Certificate Manager 6.9 contains a fix for a path traversal vulnerability that could potentially be exploited by malicious users to compromise the affected system. Affected versions include RSA Certificate Manager versions 6.9 build 560 through 6.9 build 564. Related CVE number: CVE-2018-11051.
b0a39301b468f6278c926e7a95b90552a4cafafb112b929629b3e67eccf66e49An issue was found in openslp version 2.0.0 that can be used to induce a double free bug or memory corruption by corrupting glibc's doubly-linked memory chunk list. An exploit in included in the advisory.
24cc5fd64d89c90d9150bee25f9b36046758270970383ef9497c40c50ec44527NuCom NC-WR644GACV with software versions STA 005 and below suffer from a configuration file download vulnerability that allows for extraction of the administrative credentials.
481d7531f60c8241e9d174340b7dfc74636635a321f74bda54a0a542f4b92749An issue was discovered on D-Link DIR-890L A2 devices. Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.
8acb847f07e8c2e49d3d517591f2ed4886971da5555d91abe3f74c0cef383bfentop-ng versions prior to 3.4.180617 suffer from a deterministic session ID vulnerability.
293e483b1657fc81d2b659a8a75d1e23868b22fc3c0808ccbfa06ca1866cbf96extjs versions prior to 6.6.0 suffer from a cross site scripting vulnerability.
79ea0ea84a969e84d5e265b2c35cf53a7d1e1a5af11f6ba5523692acb2521445The WePay Chat SDK suffers from an XML external entity injection vulnerability.
dc799ed5541ef9c408c36d05245165306bc138d2bf7e6d43b1720f640049b01aMicrosoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome.
8d4365ff29749bb00d4c8602fbe202d9eb5614113efcfe36a584be9168f59cadDell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests.
a67fdaf6998afee82adca54af6ed7795b4850a6fe09b10400511f965ca2bd31fAxis Cameras suffer from authorization bypass, unrestricted dbus access, command injection, denial of service, and information disclosure vulnerabilities.
5e9747cd700a38abddaca3fd3d40d3df83bf20b08c4efc814e47b25f3307c9bf37 bytes small Linux/x86 execve /bin/cat /etc/passwd shellcode.
f84530cbbb07015b10d65703a24c895085ad869390e042e9fdc0cfebd84ab0d5DAMICMS version 6.0.0 suffers from an add administrator cross site request forgery vulnerability.
35f79736afba22e0e75fc0774289d1ce0f753be2a173a3657d3362828418908fDolibarr ERP CRM versions 7.0.3 and below suffers from a remote PHP code injection vulnerability.
fc5142ae39b8819bd3b4adc9a7e85a1e61e619336e7858b6ec007649132d9999Core FTP LE version 2.2 buffer overflow proof of concept exploit.
67c3454254dc0a842790c199ddb5cab2c921e376d6952b501e8ec82011b8c84bSIPp version 3.6 suffers from a local buffer overflow vulnerability.
48d3be73161c0caf2b1a85aff2ef503859763c75b7070912bef416f69c4b80e2Delta Industrial Automation COMMGR version 1.08 stack buffer overflow proof of concept exploit.
31bd3e947b94ae771db04052a06edf75a60597c83defb0da2df81874c4d21c36This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.12.0.19 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.12.0.4 firmware.
b06cdd72647a3c5ae361e51c53891472ce5c21a9a290972228f38c754cae44d6VMware NSX SD-WAN Edge versions prior to 3.1.2 suffer from a code execution vulnerability.
58947e45aeebf479114edd1f7dd48b3b567fd8d1dcad3839a700c59138685e42
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed