Exploit the possiblities
Showing 26 - 50 of 6,276 RSS Feed

Operating System: RedHat

Red Hat Security Advisory 2018-0242-01
Posted Jan 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0242-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Security Fix: An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle attack, despite the attacker not having gained access to the serveras private key itself.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-1000385
MD5 | 511849f3080588a3367f99f428adf620
Red Hat Security Advisory 2018-0241-01
Posted Jan 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0241-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Security Fix: By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-16239
MD5 | b46916f647649c3af4bff5a7353014c4
Red Hat Security Advisory 2018-0239-01
Posted Jan 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0239-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.2 was retired as of January 29, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.2 AMC after January 29, 2018.

tags | advisory
systems | linux, redhat
MD5 | cd15d1e1d74265849f13d36541fe9098
Red Hat Security Advisory 2018-0163-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0163-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

tags | advisory, remote, denial of service, overflow, protocol
systems | linux, redhat
advisories | CVE-2017-15134
MD5 | 8418d8af2e9ff0e3d913df790db33c1c
Red Hat Security Advisory 2018-0152-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0152-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2015-8539, CVE-2017-15649, CVE-2017-7472
MD5 | 7ea7c52ac4b3e69c0c6b30b1a1ecc618
Red Hat Security Advisory 2018-0169-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0169-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted socket and send system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2017-11176, CVE-2017-7542, CVE-2017-9074
MD5 | 9bb71d7fb0b138765d55e9fb093e9a9a
Red Hat Security Advisory 2018-0151-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0151-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2015-8539, CVE-2017-12192, CVE-2017-12193, CVE-2017-15649, CVE-2017-7472
MD5 | 63358454c05371266a1bc969d13515ca
Red Hat Security Advisory 2018-0180-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0180-01 - The kernel-alt packages provide the Linux kernel version 4.x. Security Fix: A flaw was found in the patches used to fix the 'dirtycow' vulnerability. An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000405
MD5 | 183909bb5d69472d7a91079d8bd18614
Red Hat Security Advisory 2018-0223-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0223-01 - Nautilus is the file manager and graphical shell for the GNOME desktop. Security Fix: An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user. An attacker could use this flaw to trick a user into opening a .desktop file disguised as a document, such as a PDF, and execute arbitrary commands. Note: This update will change the behavior of Nautilus. Nautilus will now prompt the user for confirmation when executing an untrusted .desktop file for the first time, and then add it to the trusted file list. Desktop files stored in the system directory, as specified by the XDG_DATA_DIRS environment variable, are always considered trusted and executed without prompt.

tags | advisory, arbitrary, shell
systems | linux, redhat
advisories | CVE-2017-14604
MD5 | f0e110126554a5d70a7a6de9496a29e7
Red Hat Security Advisory 2018-0182-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0182-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | d7b164fce4c5ff5146ed62ff8950ca59
Red Hat Security Advisory 2018-0181-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0181-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2015-8539, CVE-2017-15649, CVE-2017-7472
MD5 | ceddb62691f1c5db1132685413f4438b
Red Hat Security Advisory 2018-0158-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0158-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix: It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port could use this flaw to exhaust file descriptors in the DHCP daemon, leading to a denial of service in the OMAPI functionality.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3144
MD5 | 7bc58175b0d2395984687e07e005b5e5
Red Hat Security Advisory 2018-0122-01
Posted Jan 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0122-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117
MD5 | 5035d13797b2d7eed962a6629407db7d
Red Hat Security Advisory 2018-0116-01
Posted Jan 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0116-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2017-17485
MD5 | 2c86e4b49aa7cc78ff937df403b88f5f
Red Hat Security Advisory 2018-0115-01
Posted Jan 23, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0115-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 181. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | d9a48d32f8927751a9b417478d907c20
Red Hat Security Advisory 2018-0108-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0108-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | 7e67c203cf6902f99b670fcdc6aab157
Red Hat Security Advisory 2018-0104-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0104-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 44d80b85853eaaf52a7278d956489fc0
Red Hat Security Advisory 2018-0109-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0109-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | d3480406bf0e1471c52f660c73d3a882
Red Hat Security Advisory 2018-0110-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0110-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | af9365013b457b0f33c9009531594af1
Red Hat Security Advisory 2018-0111-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0111-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | c4005d7c6a0c8c98f564d9caf34160a9
Red Hat Security Advisory 2018-0112-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0112-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | a797edb525ac72fadb3363f42c2172ec
Red Hat Security Advisory 2018-0103-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0103-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 495f82e396a6c8eb7173cb9829185682
Red Hat Security Advisory 2018-0105-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0105-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 743b5c0ecbadd413ac79dad208f6f9d8
Red Hat Security Advisory 2018-0107-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0107-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 03e1e46e536d66d4e34b07faa5a53410
Red Hat Security Advisory 2018-0106-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0106-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | c0e658af210d7d0a57921331db00dadf
Page 2 of 251
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    11 Files
  • 21
    Feb 21st
    3 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close