Red Hat Security Advisory 2018-1191-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
3cd3bc9fcfa92b962f6a92478cf0edfdRed Hat Security Advisory 2018-1188-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
f9764bd5c107b479ad068a874853b922Ubuntu Security Notice 3628-2 - USN-3628-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.
d51441eb31e08b9b0e00243556d85ee3Ubuntu Security Notice 3628-1 - Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys.
ec6bd6ddad8ba2e58ccda93ef6aa7898Ubuntu Security Notice 3627-1 - Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server mod_authnz_ldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Elar Lang discovered that the Apache HTTP Server incorrectly handled certain characters specified in <FilesMatch>. A remote attacker could possibly use this issue to upload certain files, contrary to expectations. Various other issues were also addressed.
e5a14b1abfb9798d648d23b33ff3cbf992 bytes small Linux x86 tcp/1337 bindshell shellcode.
ff78686f2571f1c5269ce33e66a58c85Slackware Security Advisory - New gd packages are available for Slackware 14.2 and -current to fix security issues.
f906e2806ad6a3fec00ca1a8785fcc70Red Hat Security Advisory 2018-1136-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include a privilege escalation vulnerability.
4df7a95d1309059367a016d9bdb4bd08Red Hat Security Advisory 2018-1137-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include a privilege escalation vulnerability.
189b4c3c0ac4e28623b21e91da859e99Ubuntu Security Notice 3625-2 - USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. Various other issues were also addressed.
d4a5fd0410568b65575aca4ff4090d65Gentoo Linux Security Advisory 201804-15 - A vulnerability has been found in Evince which may allow for arbitrary command execution. Versions less than 3.24.2-r1 are affected.
f4849138686e80d18054720e09bd265fGentoo Linux Security Advisory 201804-14 - A vulnerability has been found in GDK-PixBuf that may allow a remote attacker to execute arbitrary code. Versions less than 2.36.11 are affected.
12b164a736c8175bbc176525b0cc91deGentoo Linux Security Advisory 201804-13 - Multiple vulnerabilities have been found in ncurses, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.1:0 are affected.
097b2e0569db9b85784f2eaea36519c1Ubuntu Security Notice 3611-2 - USN-3611-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate in text format. Various other issues were also addressed.
5a55dc784c346e2d2354003510ee74ebRed Hat Security Advisory 2018-1130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
7b02f5bfa1da938b42ff2a68dff05bd1Red Hat Security Advisory 2018-1169-01 - The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Issues addressed include an integer overflow vulnerability.
526f77be2de1cc0a0cc6e1e9db6e4adeRed Hat Security Advisory 2018-1129-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a speculative execution vulnerability.
9a6aa1fde038cd512fad8ce0a39090bcRed Hat Security Advisory 2018-1170-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
4edffb5a052fe2901cccfe63aaa4b587This whitepaper provides diamorphine linux kernel rootkit analysis. Written in Korean.
f542b2e90a44111c569a1dbf65f9d93aDebian Linux Security Advisory 4174-1 - The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash.
5f23ac7a5ba39628411e6ab62fdeb422Debian Linux Security Advisory 4173-1 - Marcin Noga discovered multiple vulnerabilities in readxl, a GNU R package to read Excel files (via the integrated libxls library), which could result in the execution of arbitrary code if a malformed spreadsheet is processed.
8c5188ff11b94b3d16cadc20ec52e684Ubuntu Security Notice 3626-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to connect to an unintended socket. Various other issues were also addressed.
0e89405616a10a87ef0f84791a52f199Ubuntu Security Notice 3625-1 - It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that Perl incorrectly loaded libraries from the current working directory. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
73d95215fd2d3d7d29dd0162fd926131Ubuntu Security Notice 3624-2 - USN-3624-1 fixed a vulnerability in Patch. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
971e4a2d00b4d3b923c13b578f6c3ce6Gentoo Linux Security Advisory 201804-12 - A vulnerability in Go allows remote attackers to execute arbitrary commands. Versions less than 1.10.1 are affected.
0edf2beb818b1ab668513ccadfce1960
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed