Ubuntu Security Notice 4171-1 - Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.
414c77c1efcd581bccb93eb38f2173989c5cd936f5639b87bd9d281606c00e45Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
b1ab3d738d61d727cce3db2834c74e0d3f9d64dd23f7c1d305ccd92c05839223Red Hat Security Advisory 2019-3255-01 - Heketi provides a RESTful management interface that can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster.
dedb851428a54d9ccf67f8fbfcc2929ffa91dcb5d8801c33e85cab12d4bea8a9iSeeQ Hybrid DVR WH-H4 versions 1.03R and 2.0.0.P suffer from an unauthenticated and unauthorized live stream disclosure vulnerability when get_jpeg script is called.
2527c2f23c073d2297e68ff7e40a00e0d9b7718b04646a0169d6462b16fd1c31Red Hat Security Advisory 2019-3253-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information.
e618919ed776649dfce281b1c564622323d2d94f2b50f4885029fcdb324b1c6dJavaScriptCore (JSC) GetterSetter suffers from a type confusion vulnerability during DFG compilation.
f8e60930397de757314b85c289c63228a5b19761b6793d77e58b54ffc9aab262Ubuntu Security Notice 4170-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user.
6fac85dce2731913253b710497a95e001fbe05954d7fe2840f6f78e566c0ef8147 bytes small Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) null free shellcode.
5126a940c58c7f5f3299183cf28243ed1ac37a3f18ff919c6188dec22e23f309Citrix StoreFront Server version 7.15 suffers from an XML external entity injection vulnerability.
179c0d1aea2e1a88c424e879d0658af19c0726c2fbf5308693fd30506d076ec8Ubuntu Security Notice 4169-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly execute arbitrary code.
49e751148e79baf76e691a3db5344f7464dfb778c39475e930265e4cc7492926WMV to AVI MPEG DVD WMV Converter version 4.6.1217 suffers from a denial of service vulnerability.
8beb518893d841f080cf953c404ca650f462bddc06447c5f6a5f61191e6b8233Red Hat Security Advisory 2019-3245-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.
7109fee70b5637b2e5b176db11d56b0ba3ba07ab6e791ed8ede3d1dad2c562b9Red Hat Security Advisory 2019-3244-01 - This release of Red Hat Fuse 7.4.1 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
472947f2afb495f3a83c7d81d41d1b56610b9d58b5a704ac0bab74c68c04f27dUbuntu Security Notice 4167-2 - USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. Various other issues were also addressed.
b5fb0142cc993c986386d3ffec9da13cd0602f1b07d4c30053d11a3bbcb90d49Red Hat Security Advisory 2019-3239-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and traversal vulnerabilities.
5b03eefa48a154f9b334fb50aaeaa5c76a0250f458dd00c3dbcd0d7dc1edc068Red Hat Security Advisory 2019-3238-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
33861b64c541b1dcaea4a8cd365910f372ddebcb9b10e3707a44ab96149e0bd5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed