Twenty Year Anniversary
Showing 101 - 125 of 33,448 RSS Feed

Operating System: Linux

Red Hat Security Advisory 2018-1459-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1459-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | ddc1b5df1f4da9a60134ffad646d7e6c
Red Hat Security Advisory 2018-1458-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1458-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 7fc10696c6a62255020c6c9d5e1b0ac9
Red Hat Security Advisory 2018-1457-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1457-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 9dae688aa93855c17d8ef7859a581624
Red Hat Security Advisory 2018-1454-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1454-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 224ccb34059458ee3f0826d362d9813b
Red Hat Security Advisory 2018-1463-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1463-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-1417, CVE-2018-2579, CVE-2018-2581, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2627, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | d564ca176d83bac59993b789f3f5d1dd
Red Hat Security Advisory 2018-1456-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1456-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 0be4f67ecea476de21d517a83626a8bf
Red Hat Security Advisory 2018-1449-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1449-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2017-15095, CVE-2017-17485, CVE-2017-3163, CVE-2017-7525, CVE-2018-1304, CVE-2018-7489, CVE-2018-8088
MD5 | d5bb8747d4963a9701bc9fea6846f0d9
Red Hat Security Advisory 2018-1461-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1461-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a command injection vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 2969289544e81cb39ebc61cf26e1d5ed
Red Hat Security Advisory 2018-1380-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1380-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include an ns-slapd crash vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1089
MD5 | 2e17f9e06dc7fc0a626d23d73c8aafa4
Red Hat Security Advisory 2018-1460-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1460-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a command injection vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | 6199804f1c324aee922dc4bb8973ec2a
Red Hat Security Advisory 2018-1447-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1447-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2017-15095, CVE-2017-17485, CVE-2017-3163, CVE-2018-1304, CVE-2018-7489, CVE-2018-8088
MD5 | d37c865055b7dd8040b85ffd00a62245
Red Hat Security Advisory 2018-1451-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1451-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2017-15095, CVE-2017-17485, CVE-2017-3163, CVE-2018-1304, CVE-2018-7489, CVE-2018-8088
MD5 | b4e07cd6ac11bfc12b0a9880e1b8381d
Ubuntu Security Notice USN-3600-2
Posted May 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3600-2 - USN-3600-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, remote, php, xss
systems | linux, ubuntu
advisories | CVE-2018-5712, CVE-2018-7584
MD5 | 79bbde3d1fefb3d77b138ef00b9b7370
Red Hat Security Advisory 2018-1416-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1416-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-7858
MD5 | 2ed1e99b749114d3666c1b9ad94f23a1
Red Hat Security Advisory 2018-1396-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1396-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1064, CVE-2018-5748
MD5 | bec78f18dfcb85da0e29ad788906bc5d
Red Hat Security Advisory 2018-1453-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1453-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a command injection vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1111
MD5 | e8675c749fd455a6e1d3a2717166b22e
Red Hat Security Advisory 2018-1450-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1450-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2017-15095, CVE-2017-17485, CVE-2017-3163, CVE-2017-7525, CVE-2018-1304, CVE-2018-7489, CVE-2018-8088
MD5 | ca717b364a62b6d3779e6d65af3a3bce
Red Hat Security Advisory 2018-1414-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1414-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183
MD5 | b3aa86111adf63a7c2fae43dc3437fb8
Gentoo Linux Security Advisory 201805-05
Posted May 15, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201805-5 - A vulnerability has been found in mpv that may allow a remote attacker to execute arbitrary code. Versions less than 0.27.2 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2018-6360
MD5 | df63356afa2249fe791f1156a0444959
Debian Security Advisory 4200-1
Posted May 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4200-1 - Fabian Vogt discovered that incorrect permission handling in the PAM module of the KDE Wallet could allow an unprivileged local user to gain ownership of arbitrary files.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2018-10380
MD5 | 5da48d16fafc9c8d14d4113a50ee4dbe
Linux/x86 Reverse TCP Shell Shellcode
Posted May 15, 2018
Authored by Paolo Perego

96 bytes small Linux/x86 reverse TCP shell shellcode that connects to 127.0.0.1:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 595d776824a93f7666b99a23897c290e
Ubuntu Security Notice USN-3646-1
Posted May 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3646-1 - It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. It was discovered that the PHP iconv stream filter incorrect handled certain invalid multibyte sequences. A remote attacker could possibly use this issue to cause PHP to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, local, php
systems | linux, ubuntu
advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549
MD5 | 671fb2061c1fff15655f741886b1e10a
Libuser roothelper Privilege Escalation
Posted May 13, 2018
Authored by Brendan Coles, Qualys Security Advisory | Site metasploit.com

This Metasploit module attempts to gain root privileges on Red Hat based Linux systems, including RHEL, Fedora and CentOS, by exploiting a newline injection vulnerability in libuser and userhelper versions prior to 0.56.13-8 and version 0.60 before 0.60-7. This Metasploit module makes use of the roothelper.c exploit from Qualys to insert a new user with UID=0 in /etc/passwd. Note, the password for the current user is required by userhelper. Note, on some systems, such as Fedora 11, the user entry for the current user in /etc/passwd will become corrupted and exploitation will fail. This Metasploit module has been tested successfully on libuser packaged versions 0.56.13-4.el6 on CentOS 6.0 (x86_64); 0.56.13-5.el6 on CentOS 6.5 (x86_64); 0.60-5.el7 on CentOS 7.1-1503 (x86_64); 0.56.16-1.fc13 on Fedora 13 (i686); 0.59-1.fc19 on Fedora Desktop 19 (x86_64); 0.60-3.fc20 on Fedora Desktop 20 (x86_64); 0.60-6.fc21 on Fedora Desktop 21 (x86_64); 0.60-6.fc22 on Fedora Desktop 22 (x86_64); 0.56.13-5.el6 on Red Hat 6.6 (x86_64); and 0.60-5.el7 on Red Hat 7.0 (x86_64). RHEL 5 is vulnerable, however the installed version of glibc (2.5) is missing various functions required by roothelper.c.

tags | exploit, root
systems | linux, redhat, fedora, centos
advisories | CVE-2015-3245, CVE-2015-3246
MD5 | 29f14e9f5067bd0c43af11f1008beb02
Ubuntu Security Notice USN-3645-1
Posted May 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3645-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting attacks, install lightweight themes without user interaction, spoof the filename in the downloads panel, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2018-5150, CVE-2018-5151, CVE-2018-5152, CVE-2018-5153, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5160, CVE-2018-5163, CVE-2018-5164, CVE-2018-5166, CVE-2018-5167, CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5180, CVE-2018-5181, CVE-2018-5182
MD5 | ab18b8ec6d4a0b241a776a0d65c936dd
Ubuntu Security Notice USN-3644-1
Posted May 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3644-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815
MD5 | a3a7f94cde9ab4dab85a02d70c58b553
Page 5 of 1,338
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    61 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close