Twenty Year Anniversary
Showing 51 - 75 of 33,209 RSS Feed

Operating System: Linux

Diamorphine LKM Analysis
Posted Apr 18, 2018
Authored by x90c

This whitepaper provides diamorphine linux kernel rootkit analysis. Written in Korean.

tags | paper, kernel
systems | linux
MD5 | f542b2e90a44111c569a1dbf65f9d93a
Debian Security Advisory 4174-1
Posted Apr 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4174-1 - The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash.

tags | advisory
systems | linux, debian
advisories | CVE-2018-1084
MD5 | 5f23ac7a5ba39628411e6ab62fdeb422
Debian Security Advisory 4173-1
Posted Apr 16, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4173-1 - Marcin Noga discovered multiple vulnerabilities in readxl, a GNU R package to read Excel files (via the integrated libxls library), which could result in the execution of arbitrary code if a malformed spreadsheet is processed.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-12110, CVE-2017-12111, CVE-2017-2896, CVE-2017-2897, CVE-2017-2919
MD5 | 8c5188ff11b94b3d16cadc20ec52e684
Ubuntu Security Notice USN-3626-1
Posted Apr 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3626-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to connect to an unintended socket. Various other issues were also addressed.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2018-6914, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
MD5 | 0e89405616a10a87ef0f84791a52f199
Ubuntu Security Notice USN-3625-1.tt
Posted Apr 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3625-1 - It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that Perl incorrectly loaded libraries from the current working directory. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, perl
systems | linux, ubuntu
advisories | CVE-2015-8853, CVE-2016-6185, CVE-2017-6512, CVE-2018-6797, CVE-2018-6798, CVE-2018-6913
MD5 | 73d95215fd2d3d7d29dd0162fd926131
Ubuntu Security Notice USN-3624-2
Posted Apr 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3624-2 - USN-3624-1 fixed a vulnerability in Patch. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10713, CVE-2018-1000156
MD5 | 971e4a2d00b4d3b923c13b578f6c3ce6
Gentoo Linux Security Advisory 201804-12
Posted Apr 16, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-12 - A vulnerability in Go allows remote attackers to execute arbitrary commands. Versions less than 1.10.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2018-7187
MD5 | 0edf2beb818b1ab668513ccadfce1960
Dell EMC ViPR Controller Information Exposure
Posted Apr 13, 2018
Site emc.com

Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP. VRRP defaults to an insecure configuration in Linux's keepalived component which sends the cluster password in plaintext through multicast. A malicious user, having access to the vCloud subnet where ViPR is deployed, could potentially sniff the password and use it to take over the cluster's virtual IP and cause a denial of service on that ViPR Controller system.

tags | advisory, denial of service
systems | linux
advisories | CVE-2018-1240
MD5 | 992df8898aa5f64ef943c973fdbfb630
Red Hat Security Advisory 2018-1119-01
Posted Apr 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1119-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 29.0.0.140. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937
MD5 | 97c46db1b7ffc040e97c629c2eacc01c
Ubuntu Security Notice USN-3621-2
Posted Apr 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3621-2 - USN-3621-1 fixed vulnerabilities in Ruby. The update caused an issue due to an incomplete patch for CVE-2018-1000074. This update reverts the problematic patch pending further investigation. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. Various other issues were also addressed.

tags | advisory, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076
MD5 | 57f2b3916aee211add479cb8a0f21e74
Red Hat Security Advisory 2018-1124-01
Posted Apr 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1124-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
MD5 | 6c29bd8920e932bf2417c581e66348d1
Red Hat Security Advisory 2018-1125-01
Posted Apr 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1125-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
MD5 | 54614beb604eb237c15e09e7ad7f4c48
Debian Security Advisory 4079-2
Posted Apr 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4079-2 - It was discovered that the poppler upload for the oldstable distribution (jessie), released as DSA-4079-1, did not correctly address CVE-2017-9776 and additionally caused regressions when rendering PDFs embedding JBIG2 streams. Updated packages are now available to correct this issue.

tags | advisory
systems | linux, debian
advisories | CVE-2017-9776
MD5 | 1cf02964f52e8fda0936f7708f41fea5
Gentoo Linux Security Advisory 201804-11
Posted Apr 11, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-11 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 29.0.0.140 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937
MD5 | cf461d763ae7e6fa274acb76f6287399
Red Hat Security Advisory 2018-1113-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1113-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2017-13672, CVE-2017-13673, CVE-2017-13711, CVE-2017-15119, CVE-2017-15124
MD5 | c300608a8729d3c8130912610b679dc1
Red Hat Security Advisory 2018-1112-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1112-01 - Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Issues addressed include information disclosure.

tags | advisory, info disclosure
systems | linux, redhat
advisories | CVE-2018-1000060
MD5 | 7ac2421fb7cc0e67349758e616c2c340
Debian Security Advisory 4169-1
Posted Apr 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4169-1 - Cedric Buissart from Red Hat discovered an information disclosure bug in pcs, a pacemaker command line interface and GUI. The REST interface normally doesn't allow passing --debug parameter to prevent information leak, but the check wasn't sufficient.

tags | advisory, info disclosure
systems | linux, redhat, debian
advisories | CVE-2018-1086
MD5 | 51bfa5aecaaa4de3522694251000932d
Red Hat Security Advisory 2018-1104-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1104-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. The following packages have been upgraded to a later upstream version: qemu-kvm-rhev. Issues addressed include buffer overflow, denial of service, randomization, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2017-13672, CVE-2017-13673, CVE-2017-13711, CVE-2017-15118, CVE-2017-15119, CVE-2017-15124, CVE-2017-15268, CVE-2018-5683
MD5 | cb83aadca0e0b644bf1b0357f3ac4a0b
Ubuntu Security Notice USN-3624-1
Posted Apr 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3624-1 - It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. It was discovered that Patch incorrectly handled certain input validation. An attacker could possibly use this to execute arbitrary code. It was discovered that Patch incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-10713, CVE-2018-1000156, CVE-2018-6951
MD5 | 9e70bb7ed2470ea8719d2c9b41d1409e
Red Hat Security Advisory 2018-1098-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1098-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.7.3 ESR. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-5148
MD5 | e15ae7f725c8ea07edef059ce76f700f
Red Hat Security Advisory 2018-1099-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1099-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.7.3 ESR. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-5148
MD5 | efd7f9efd1d24c1fb7653eab5d1c9cba
Red Hat Security Advisory 2018-1072-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1072-01 - The kubernetes packages provide utilities for container cluster management. Kubernetes and its dependencies will no longer be updated through the Extras channel. Instead, the Red Hat customers are advised to use Red Hat's supported Kubernetes-based products such as Red Hat OpenShift Container Platform. Components impacted by this change include the following deprecated Kubernetes RPM packages, images, and associated documentation: RPM Packages: Issues addressed include Kubernetes support being moved.

tags | advisory
systems | linux, redhat
MD5 | 0fda47f69cf25783819656290ee5d05f
Red Hat Security Advisory 2018-1075-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1075-01 - Ansible and its dependencies will no longer be updated through the Extras channel. Instead, the Red Hat Ansible Engine product has been made available to Red Hat Enterprise Linux subscriptions and will provide access to the official Ansible Engine channel. Customers who have previously installed Ansible and its dependencies from the Extras channel are advised to enable and update from the Ansible Engine channel, or uninstall the packages as future errata will not be provided from the Extras channel. Ansible was previously provided in Extras as a runtime dependency of, and limited in support to, the Red Hat Enterprise Linux System Roles. Ansible Engine is available today for AMD64 and Intel 64 architectures, with IBM POWER, little endian availability coming soon. Issues addressed include Ansible deprecation.

tags | advisory
systems | linux, redhat
MD5 | 0cdc4d7762475491885d00a16cf76de5
Red Hat Security Advisory 2018-1062-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1062-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, randomization, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2016-3672, CVE-2016-7913, CVE-2016-8633, CVE-2017-1000252, CVE-2017-1000407, CVE-2017-1000410, CVE-2017-12154, CVE-2017-12190, CVE-2017-13166, CVE-2017-14140, CVE-2017-15116, CVE-2017-15121, CVE-2017-15126, CVE-2017-15127, CVE-2017-15129, CVE-2017-15265, CVE-2017-17448, CVE-2017-17449, CVE-2017-17558, CVE-2017-18017, CVE-2017-18203, CVE-2017-7294, CVE-2017-8824, CVE-2017-9725, CVE-2018-1000004, CVE-2018-5750
MD5 | 6603183d966425b80f2cb500418638f5
Red Hat Security Advisory 2018-1058-01
Posted Apr 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1058-01 - The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Issues addressed include an out of bounds write.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-5146
MD5 | 5569df2cf6bfce4eaa3ec59a2152358a
Page 3 of 1,329
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    24 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close