Red Hat Security Advisory 2018-2733-01 - The rubygem provided by rubygem-smart_proxy_dynflow is a plugin into Foreman's Smart Proxy for running Dynflow actions on the Smart Proxy. Issues addressed include a bypass vulnerability.
dc969721365125f8cc4368ed1b63a5a8Red Hat Security Advisory 2018-2731-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.
8d40cb7f1ced83a4f4b7bd544cba91fdRed Hat Security Advisory 2018-2732-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.
863d33eb921de55d54e521471f3d6064Ubuntu Security Notice 3770-2 - USN-3770-1 fixed a vulnerability in Little CMS. This update provides the corresponding update for Ubuntu 12.04 ESM. Pedro Ribeiro discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
325321d49491ad9b4d32bd15c2e01c94Red Hat Security Advisory 2018-2729-01 - Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service cloud running on commonly available physical hardware. Issues addressed include an insecure download vulnerability.
04f466800f64d37b9be1ae64b9719964Ubuntu Security Notice 3770-1 - Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Quang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
c76a071756a5e9c15fff292477ecef48Ubuntu Security Notice 3769-1 - It was discovered that Bind incorrectly handled the deny-answer-aliases feature. If this feature is enabled, a remote attacker could use this issue to cause Bind to crash, resulting in a denial of service.
264b44ce038373718e871ebf65478acc27 bytes small Linux/x86 egghunter (0x50905090) + sigaction() shellcode.
98c3b4f85def0478d23b5494b10248c2Ubuntu Security Notice 3766-2 - USN-3766-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
a6da1b13303103e6972312ac2ca98410Ubuntu Security Notice 3767-2 - USN-3767-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
90c9bc38504d7257dd3e7d6c1aca7d16Ubuntu Security Notice 3768-1 - Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.
d71aa36db910f03a65299778962f6b01Ubuntu Security Notice 3767-1 - It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information.
af34edfe66cf46cf1905ec01f33cfcf5Debian Linux Security Advisory 4297-1 - Two vulnerabilities have been discovered in the chromium web browser. Kevin Cheung discovered an error in the WebAssembly implementation and evil1m0 discovered a URL spoofing issue.
4f8d322b2d6ea29707a0439ed5b41706Red Hat Security Advisory 2018-2721-01 - Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service cloud running on commonly available physical hardware. Issues addressed include an insecure download vulnerability.
7df2d41c8aa1c15c17827a684786bddbUbuntu Security Notice 3722-6 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.
ec7521f93e9159072a1a7b2ea975f236Ubuntu Security Notice 3766-1 - It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
13f0348bda82b5ca1eba85e0d5b724d6Ubuntu Security Notice 3722-5 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.
d68dff56e88be3c2285c478118e4ff054 bytes small Linux/ARM jump back shellcode + execve("/bin/sh", NULL, NULL) shellcode.
45872f193eae1e28e15f9a455e099d4bRed Hat Security Advisory 2018-2715-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include a denial of service vulnerability.
9c40cf3c9da54fd858853ff23c861a07Red Hat Security Advisory 2018-2714-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include a denial of service vulnerability.
0064efdffce0aa05178f808921827ea5Red Hat Security Advisory 2018-2710-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include a denial of service vulnerability.
118fe4e8851e210870df175d0c9d9aedRed Hat Security Advisory 2018-2713-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.
3797b81d564b8029513cab464185b869Red Hat Security Advisory 2018-2712-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP30. Issues addressed include denial of service and traversal vulnerabilities.
f77d31f8e66a2618c51fef80f516e567Debian Linux Security Advisory 4296-1 - Two vulnerabilities were discovered in mbedtls, a lightweight crypto and SSL/TLS library which could result in plain text recovery via side-channel attacks.
59293157a0f21f3228071e876b5a0988Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
5f3e62dec417873d80984702db0e07ef
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed