Ubuntu Security Notice 3839-1 - It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service.
9dd19ae9d5f0ec8149e54753e0e9a4c8Red Hat Security Advisory 2018-3795-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.101. Issues addressed include a code execution vulnerability.
6e3a3fac6366ffa19eedfa204a8f0343Slackware Security Advisory - New gnutls packages are available for Slackware 14.2 and -current to fix security issues.
01e9b9cd0c05ba097d1bf46dd2246d79Slackware Security Advisory - New nettle packages are available for Slackware 14.2 and -current to fix security issues.
3ed448cdcb42bd0e19b7fc164b1f282bUbuntu Security Notice 3838-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
879b86e3856df5f621b8482aaf06a069Red Hat Security Advisory 2018-3792-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include a denial of service vulnerability.
bd2becbb4d4eabd762e5d7a44ad33dfdUbuntu Security Notice 3811-3 - USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
99e9b14016913915026a9427dfc058dcRed Hat Security Advisory 2018-3779-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP35. Issues addressed include a denial of service vulnerability.
3ae8d6880d9cfc2a5f93fbc96612530eRed Hat Security Advisory 2018-3773-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
51782eb421e92229ef9253f4a7fe3721Red Hat Security Advisory 2018-3771-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
4bd45694c8a8b395b599b9ceadd19b98Red Hat Security Advisory 2018-3770-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
9bc4b914b4ad03ea6b8a77f27a824435Red Hat Security Advisory 2018-3772-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
24ee55b13e8e98e382761f9e6f5a057dRed Hat Security Advisory 2018-3768-01 - Red Hat Fuse enables integration experts, application developers, and business users to collaborate and independently develop connected solutions. Fuse is part of an agile integration solution. Its distributed approach allows teams to deploy integrated services where required. The API-centric, container-based architecture decouples services so they can be created, extended, and deployed independently. This release of Red Hat Fuse 7.2 serves as a replacement for Red Hat Fuse 7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
6379aa8994b8c9b0a411a17b70ade8a9Ubuntu Security Notice 3837-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
d22352b2bc2d2c1ebea0af26203d65abUbuntu Security Notice 3836-2 - USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. Various other issues were also addressed.
40f74c61b11b342e43d24c42da24a458Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
2a4a4004fac372faa324e2b8686af6eb119 bytes small Linux/x64 reverse (0.0.0.0:1907/TCP) shell shellcode.
a1db6d316aa892b3b81d8165639238c061 bytes small Linux/x86 /usr/bin/head -n99 cat etc/passwd shellcode.
2fbbef5bdb2a35867aacd529a1fda03cRed Hat Security Advisory 2018-3761-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include an incomplete fix for CVE-2018-16509.
fab247575af157a9aa42cb53ef3cd5b0Red Hat Security Advisory 2018-3760-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.
aae7b665d40c5fe9ba0152475b374da5Ubuntu Security Notice 3836-1 - Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
158521f793a16089323ee0be9c6ad5ceUbuntu Security Notice 3835-1 - Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Jann Horn discovered that the mremap system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service , expose sensitive information, or possibly execute arbitrary code. Various other issues were also addressed.
797f806913c130a0d4051adda370818dRed Hat Security Advisory 2018-3624-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
d8cacd00608392517463a2b5796b01bcRed Hat Security Advisory 2018-3551-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
544ce2dcaae8039f64c06b3be829c010Red Hat Security Advisory 2018-3598-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
ff0c7b2aa1b6d5ae721b35a28f7fff39
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed