exploit the possibilities
Showing 51 - 75 of 34,754 RSS Feed

Operating System: Linux

Slackware Security Advisory - curl Updates
Posted Feb 7, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
MD5 | 94a3f99ebf000e845519b576af5096b3
Debian Security Advisory 4386-1
Posted Feb 7, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4386-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
MD5 | 0b5291ca75b37da8828dd930b9951035
Ubuntu Security Notice USN-3883-1
Posted Feb 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3883-1 - It was discovered that LibreOffice incorrectly handled certain document files. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. It was discovered that LibreOffice incorrectly handled embedded SMB connections in document files. If a user were tricked in to opening a specially crafted document, a remote attacker could possibly exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10119, CVE-2018-10583, CVE-2018-16858
MD5 | 3a1aa43861dde35ad0fb4173c374375b
Ubuntu Security Notice USN-3882-1
Posted Feb 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3882-1 - Wenxiang Qian discovered that curl incorrectly handled certain NTLM authentication messages. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Wenxiang Qian discovered that curl incorrectly handled certain NTLMv2 authentication messages. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16890, CVE-2019-3822, CVE-2019-3823
MD5 | 0f925b1c5398dda61353888f8f8f00b0
Debian Security Advisory 4385-1
Posted Feb 6, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4385-1 - halfdog discovered an authentication bypass vulnerability in the Dovecot email server. Under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. If there is no additional password verification, this allows the attacker to login as anyone else in the system. Only installations using.

tags | advisory, bypass
systems | linux, debian
advisories | CVE-2019-3814
MD5 | 59f2eb21224b4ade9f55a314275c3509
Ubuntu Security Notice USN-3881-2
Posted Feb 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3881-2 - USN-3881-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-3814
MD5 | 9d23ce1274d573e9d037153a6f17b56b
Linux/x86 Random Insertion Encoder / Decoder Shellcode Generator
Posted Feb 6, 2019
Authored by Aditya Chaudhary

Linux/x86 random insertion encoder and decoder shellcode generator.

tags | x86, shellcode
systems | linux
MD5 | 427e3657cccf1dbed731545609284bc7
Ubuntu Security Notice USN-3881-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3881-1 - It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-3814
MD5 | a7b034214697ad1cd15b379ec5191896
Red Hat Security Advisory 2019-0275-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0275-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include a crash condition.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2018-20615
MD5 | b1f23ecb1e474d5a9bce8d47f5d0672a
Debian Security Advisory 4384-1
Posted Feb 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4384-1 - Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-6977, CVE-2019-6978
MD5 | 2d023cb3c984583f2c891fe07f43d4ac
Ubuntu Security Notice USN-3880-2
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3880-2 - USN-3880-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1066, CVE-2018-17972, CVE-2018-18281, CVE-2018-9568
MD5 | 487a306925c7e670db035236bdf205f4
Ubuntu Security Notice USN-3880-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3880-1 - It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service. Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1066, CVE-2018-17972, CVE-2018-18281, CVE-2018-9568
MD5 | 2df3c39651f380c1654b491a60d6c979
Ubuntu Security Notice USN-3871-3
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3871-3 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10883, CVE-2018-14625, CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407, CVE-2018-9516
MD5 | a61ce6346050754f5ddbc713c1f79084
Ubuntu Security Notice USN-3879-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3879-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-10883, CVE-2018-16862, CVE-2018-19407, CVE-2018-19824, CVE-2018-20169
MD5 | de715ed77a7448afa809105bbb07f753
Ubuntu Security Notice USN-3878-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3878-1 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
MD5 | 9e099e4ba51ada496ad8b339ee89b49c
Ubuntu Security Notice USN-3879-2
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3879-2 - USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10883, CVE-2018-16862, CVE-2018-19407, CVE-2018-19824, CVE-2018-20169
MD5 | 7d67540e48e386ac0d76ffd1bd9f7fbe
Ubuntu Security Notice USN-3871-4
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3871-4 - USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10883, CVE-2018-14625, CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407, CVE-2018-9516
MD5 | 36d11c033b19812d05a44d2b48c6688b
Red Hat Security Advisory 2019-0271-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0271-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-16864, CVE-2018-16865
MD5 | 96952e7cdd8c6e92bb91ee62f435fec3
Red Hat Security Advisory 2019-0269-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5824, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | fb0591a288299e5fe49a0f2cb20bd792
Red Hat Security Advisory 2019-0270-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0270-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5824, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | 52955d8be1e3d2573ca2ef7347d4c5d6
Red Hat Security Advisory 2019-0265-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0265-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage WebAdministration provides a dashboard view which allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS. Issues addressed include open redirection and other vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2018-14574, CVE-2018-7536, CVE-2018-7537
MD5 | 4365e7d5957ed74698d42c4ed284dda8
Debian Security Advisory 4383-1
Posted Feb 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4383-1 - Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a library to implement VNC server/client functionalities, which might result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2018-15126, CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-6307
MD5 | 9d556a5a042cb152144c37fd812f564d
Debian Security Advisory 4381-1
Posted Feb 4, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4381-1 - Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document.

tags | advisory, python
systems | linux, debian
advisories | CVE-2018-16858
MD5 | cd27f5c0884a811bf6e1677e8b6deb15
Debian Security Advisory 4382-1
Posted Feb 4, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4382-1 - Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, debian
advisories | CVE-2019-3463, CVE-2019-3464
MD5 | c712f853c846c1437ca257c7fcd7a563
Slackware Security Advisory - mariadb Updates
Posted Feb 4, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mariadb packages are available for Slackware 14.1 and 14.2 to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-2529, CVE-2019-2537
MD5 | 8494b6e5870b54c828b503fd02261fe5
Page 3 of 1,391
Back12345Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    15 Files
  • 21
    Feb 21st
    17 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close