Debian Linux Security Advisory 4123-1 - Multiple vulnerabilities have been found in the Drupal content management framework.
65bcddb5127fe0c94eb776c1e4ca7d94Debian Linux Security Advisory 4122-1 - Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache.
9ef4b3729b02dbd49c78b7e5631e5ef4Debian Linux Security Advisory 4120-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
87f0dca6b1b225ebfb15055fac6299cfDebian Linux Security Advisory 4121-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.
87245a623ef26fdd0d572d9e12848b6fThis Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the '--configfile' argument. The 'ExecPath' config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.
8b66a6c82ba59a4ce479a1d17b9e36b6Debian Linux Security Advisory 4119-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
2a1d9f8a84328acf0e9acb5b84c0df02Debian Linux Security Advisory 4118-1 - Jonas Klempel reported that tomcat-native, a library giving Tomcat access to the Apache Portable Runtime (APR) library's network connection (socket) implementation and random-number generator, does not properly handle fields longer than 127 bytes when parsing the AIA-Extension field of a client certificate. If OCSP checks are used, this could result in client certificates that should have been rejected to be accepted.
c56c23b13001ea2e3e827020aa818472Debian Linux Security Advisory 4117-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.
769be64f1b789883b6bd010a9e171ba7Debian Linux Security Advisory 4116-1 - Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitization of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.
8bfe9448284b074dff9a1fabba58ddf3Debian Linux Security Advisory 4115-1 - Several vulnerabilities have been discovered in Quagga, a routing daemon.
19d97fa7ebec5bb1ff560eb626ce1667Debian Linux Security Advisory 4114-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input.
ca2602db7870b61fbdcb3dfd1df31f02Debian Linux Security Advisory 4113-1 - Two vulnerabilities were discovered in the libraries of the Vorbis audio compression codec, which could result in denial of service or the execution of arbitrary code if a malformed media file is processed.
3e78b5f22d8d879f4bbbb3a2bdf5e149Debian Linux Security Advisory 4112-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
227a4e95c43bc1ebc4f9762fff3d1f24Debian Linux Security Advisory 4111-2 - Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document.
df5fa3515315ff3ab6f16abf80984634Debian Linux Security Advisory 4111-1 - Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document.
29e7cddfca383d97f95385a564fbacaeDebian Linux Security Advisory 4110-1 - Meh Chang discovered a buffer overflow flaw in a utility function used in the SMTP listener of Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code via a specially crafted message.
9bf9a6ae2812c2a0e4e752f35153e3a6Debian Linux Security Advisory 4109-1 - Lalith Rallabhandi discovered that OmniAuth, a Ruby library for implementing multi-provider authentication in web applications, mishandled and leaked sensitive information. An attacker with access to the callback environment, such as in the case of a crafted web application, can request authentication services from this module and access to the CSRF token.
209150e6c8b25b260f506e39aec1bad3This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LD_AUDIT environment variable when loading setuid executables. This allows loading arbitrary shared objects from the trusted library search path with the privileges of the suid user. This Metasploit module uses LD_AUDIT to load the libpcprofile.so shared object, distributed with some versions of glibc, and leverages arbitrary file creation functionality in the library constructor to write a root-owned world-writable file to a system trusted search path (usually /lib). The file is then overwritten with a shared object then loaded with LD_AUDIT resulting in arbitrary code execution. This Metasploit module has been tested successfully on glibc version 2.11.1 on Ubuntu 10.04 x86_64 and version 2.7 on Debian 5.0.4 i386. RHEL 5 is reportedly affected, but untested. Some glibc distributions do not contain the libpcprofile.so library required for successful exploitation.
2bf9e1106acf9e1f0a7b618fe7f2da3fDebian Linux Security Advisory 4108-1 - Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster.
4f68db027d8c873d8be795e63da0a7e8Debian Linux Security Advisory 4105-2 - A regression was detected in the previously issued fix for CVE-2018-6360. The patch released with DSA 4105-1 broke the feature of invoking mpv with raw YouTube ids. This update fixes this functionality issue.
001a1cafc6dd1b95ad3024dbfa259269Debian Linux Security Advisory 4107-1 - It was discovered that the webhook validation of Anymail, a Django email backends for multiple ESPs, is prone to a timing attack. A remote attacker can take advantage of this flaw to obtain a WEBHOOK_AUTHORIZATION secret and post arbitrary email tracking events.
19242d0186d2470142753e3b728d4c56Debian Linux Security Advisory 4106-1 - Two vulnerabilities were discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library.
59b81c16b6973dde15225d9c0c8a9a19Debian Linux Security Advisory 4105-1 - It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user.
bfcbda579d18140ffb85913b522a3969Debian Linux Security Advisory 4104-1 - 'landave' discovered a heap-based buffer overflow vulnerability in the NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted shrinked ZIP archive is processed.
37f24efc8b47c5221b4ad9a8a14807e1Debian Linux Security Advisory 4103-1 - Several vulnerabilities have been discovered in the chromium web browser.
ea3f7884f763eea2a60473cfda0b5b22
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed