what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-08-13 to 2019-08-14

Debian Security Advisory 4497-1
Posted Aug 13, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4497-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-8553, CVE-2018-20836, CVE-2018-20856, CVE-2018-5995, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-1125, CVE-2019-13631, CVE-2019-13648, CVE-2019-14283, CVE-2019-14284, CVE-2019-3882, CVE-2019-3900
MD5 | 5cbc4a8b5b504c3bf0d4fe88ab472dd3
Ubuntu Security Notice USN-4093-1
Posted Aug 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4093-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-10126, CVE-2019-1125, CVE-2019-12614, CVE-2019-12984, CVE-2019-13233, CVE-2019-13272, CVE-2019-3846
MD5 | c0b6be2dc1ffa0bcd5add84b3fac57df
Ubuntu Security Notice USN-4095-1
Posted Aug 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4095-1 - Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-5383, CVE-2019-10126, CVE-2019-1125, CVE-2019-11599, CVE-2019-12614, CVE-2019-13272, CVE-2019-3846
MD5 | ff726cc76288b070879d39966cb18209
Ubuntu Security Notice USN-4094-1
Posted Aug 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-13053, CVE-2018-13093, CVE-2018-13096, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14609, CVE-2018-14610, CVE-2018-14613, CVE-2018-14614, CVE-2018-14617, CVE-2018-16862, CVE-2018-20169, CVE-2018-20511, CVE-2018-20856, CVE-2018-5383, CVE-2019-10126, CVE-2019-1125, CVE-2019-12614, CVE-2019-12818, CVE-2019-12819, CVE-2019-12984, CVE-2019-13233, CVE-2019-13272, CVE-2019-2024, CVE-2019-2101, CVE-2019-3846
MD5 | 3b73671d729375d8de90582cb3d31f24
Red Hat Security Advisory 2019-2471-01
Posted Aug 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2471-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. A padding oracle vulnerability has been addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-1559
MD5 | 5f7b2075e0503b29c80a8881178eb479
Red Hat Security Advisory 2019-2473-01
Posted Aug 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2473-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a null pointer vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-17805, CVE-2018-17972, CVE-2019-1125, CVE-2019-5489
MD5 | 442ff53536c6389d9a0b4098876a0071
NSKeyedUnarchiver SGBigUTF8String Decoding Information Leak
Posted Aug 13, 2019
Authored by Google Security Research, natashenka

NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes provided to the decoder are null terminated. It should use [SGBigUTF8String initWithUTF8Data:] instead.

tags | exploit
advisories | CVE-2019-8663
MD5 | 5ebdb23ae44a72166cf9916fedd9770a
msctf Text Services Framework Design Flaws
Posted Aug 13, 2019
Authored by Tavis Ormandy, Google Security Research

msctf in the Text Services Framework suffers from multiple design flaws that can lead to things like UIPI bypass and interfering with processes.

tags | exploit
MD5 | 189c76e3be251b75e5537879968164e9
TortoiseSVN 1.12.1 Remote Code Execution
Posted Aug 13, 2019
Authored by PingFanZettaKe | Site vulnerability-lab.com

TortoiseSVN version 1.12.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-14442
MD5 | c2b2ef9f102ec3dce79dfa3d1c853566
Ubuntu Security Notice USN-4070-3
Posted Aug 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4070-3 - USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758,CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3. Ubuntu 19.04 has been updated to MariaDB 10.3.17. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2614, CVE-2019-2739, CVE-2019-2758, CVE-2019-2805
MD5 | 389cc4bca2cbe716440fdfc60864929f
Red Hat Security Advisory 2019-2466-01
Posted Aug 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An improper authorization issue was addressed.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2019-10159
MD5 | 8820739f3ca31ee3c24a5e25453728eb
Ubuntu Security Notice USN-4070-2
Posted Aug 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4070-2 - USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2805 in MariaDB 10.1. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.41. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2737, CVE-2019-2805
MD5 | 40f1deae8fa6d48f65d7ec6631971378
AZORult Botnet SQL Injection
Posted Aug 13, 2019
Authored by prsecurity

AZORult Botnet suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 387fc5727c7039a0e5dadbe0e6068a11
Agent Tesla Botnet Arbitrary Code Execution
Posted Aug 13, 2019
Authored by prsecurity

Agent Tesla Botnet arbitrary code execution exploit.

tags | exploit, arbitrary, code execution
MD5 | d18ae99b8fbed9928285f9fed71ee6b0
Steam Windows Client Local Privilege Escalation
Posted Aug 13, 2019
Authored by Absozed

Steam Windows client local privilege escalation exploit.

tags | exploit, local
systems | windows
MD5 | 70f2ec205f8ac7a877ee45b923875fde
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close