what you don't know can hurt you
Showing 1 - 25 of 36,411 RSS Feed

Operating System: Linux

Red Hat Security Advisory 2019-3892-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-15095, CVE-2017-17485, CVE-2018-1000850, CVE-2018-11307, CVE-2018-1131, CVE-2018-11775, CVE-2018-11796, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8009, CVE-2018-8034, CVE-2019-0201, CVE-2019-0204, CVE-2019-10173, CVE-2019-14860, CVE-2019-16869, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518
MD5 | caca5850ecb30715635fef3da933c44f
Ubuntu Security Notice USN-4194-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-3466
MD5 | 3d5d5b5594832e582b24922191aae2ed
Red Hat Security Advisory 2019-3890-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3890-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14869
MD5 | 104bfffb96dddc58059aaf58fd2aebbc
Ubuntu Security Notice USN-4193-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4193-1 - Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14869
MD5 | 4d26777cb9ff426bb18a110b0c3ac708
Red Hat Security Advisory 2019-3888-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3888-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14869
MD5 | 4b658d4553d6e4ec831b77adf3a99a72
Red Hat Security Advisory 2019-3889-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3889-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write vulnerability was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | 4263ac85ef2fe7982d3d023485738ab2
Red Hat Security Advisory 2019-3887-01
Posted Nov 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3887-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An arbitrary kernel memory write vulnerability was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | d53c3f3eb540cb8764a9a082833ccf6c
FusionPBX Operator Panel exec.php Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles, Dustin Cobb | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operator_panel_view permissions, or administrator permissions, to execute arbitrary commands as the web server user by sending a system command to the FreeSWITCH event socket interface. This module has been tested successfully on FusionPBX version 4.4.1 on Ubuntu 19.04 (x64).

tags | exploit, web, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11409
MD5 | 8371c066836fe4c5336f32a7b5aa18d5
FusionPBX Command exec.php Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses administrative functionality available in FusionPBX to gain a shell. The Command section of the application permits users with exec_view permissions, or superadmin permissions, to execute arbitrary system commands, or arbitrary PHP code, as the web server user. This module has been tested successfully on FusionPBX version 4.4.1 on Ubuntu 19.04 (x64).

tags | exploit, web, arbitrary, shell, php
systems | linux, ubuntu
MD5 | f85a37b65def4dd691f01bcc8dc57001
FreeSWITCH Event Socket Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the FreeSWITCH event socket interface to execute system commands using the system API command. The event socket service is enabled by default and listens on TCP port 8021 on the local network interface. This module has been tested successfully on FreeSWITCH versions: 1.6.10-17-726448d~44bit on FreeSWITCH-Deb8-TechPreview virtual machine; 1.8.4~64bit on Ubuntu 19.04 (x64); and 1.10.1~64bit on Windows 7 SP1 (EN) (x64).

tags | exploit, local, tcp
systems | linux, windows, ubuntu, 7
MD5 | fabd4afa284981bdc1c471d62f81d23a
Ubuntu shiftfs refcount Underflow / Type Confusion
Posted Nov 14, 2019
Authored by Jann Horn, Google Security Research

Ubuntu suffers from refcount underflow and type confusion vulnerabilities in shiftfs.

tags | exploit, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-15793
MD5 | 0997e77626bf20fe372537310c94c69f
Ubuntu Security Notice USN-4192-1
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4192-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12974, CVE-2019-12978, CVE-2019-13295, CVE-2019-13304, CVE-2019-13308, CVE-2019-13391, CVE-2019-15140, CVE-2019-16711
MD5 | ecdb1a346e29876aa64e3ec34325e2a1
Red Hat Security Advisory 2019-3883-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | 27d3a1e6a923397522bdbc68da9f6f9d
Ubuntu Security Notice USN-4191-1
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4191-1 - It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Sergej Schumilo, Cornelius Aschermann and Simon Woerner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-12068, CVE-2019-12155, CVE-2019-13164, CVE-2019-14378, CVE-2019-15890
MD5 | 8e7f58665c8a2c50a4d016d2bdb10d3a
Ubuntu Security Notice USN-4191-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4191-2 - USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-12068, CVE-2019-12155, CVE-2019-13164, CVE-2019-14378, CVE-2019-15890
MD5 | 08f7e0e6b2e4c5fc716d75fd51174222
Ubuntu Security Notice USN-4186-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-3 - USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, CVE-2019-2215
MD5 | 35657c491a35b8937950f7a7a72bcfec
Red Hat Security Advisory 2019-3878-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3878-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | 718e1370bc4044cd4a17b3d033e41e52
Ubuntu Security Notice USN-4185-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-3 - USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 48c055fdc23ec8eaea074849871aa586
Ubuntu Security Notice USN-4183-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4183-2 - USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-16746, CVE-2019-17666
MD5 | 63968a584ee33d219857ed9bdd445938
Ubuntu Security Notice USN-4184-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4184-2 - USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 729df00f6313e1ee60a63c8d339f79f4
Red Hat Security Advisory 2019-3877-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3877-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | f21f10f2c3738e1898e5be0695eed6d3
Red Hat Security Advisory 2019-3872-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | c8e77457b393b8584c9d98eb58dbc0b9
Red Hat Security Advisory 2019-3770-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3770-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the oauth-server container image for Red Hat OpenShift Container Platform 4.2.4. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2019-3889
MD5 | 03372543ae393c4bce603b4572384765
Red Hat Security Advisory 2019-3771-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3771-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the golang-github-prometheus-prometheus container image for Red Hat OpenShift Container Platform 4.2.4. A cross site scripting issue was addressed.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2019-10215
MD5 | 0caefec9ef6b92b644544d0c746a7448
Red Hat Security Advisory 2019-3873-01
Posted Nov 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3873-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2019-0155
MD5 | 4599f88f933a2f38eded08c713292d2d
Page 1 of 1,457
Back12345Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    10 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close