Ubuntu Security Notice 3358-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
e382e603da4aed5892b8ad16c64fa4a4Red Hat Security Advisory 2017-1793-01 - Graphite2 is a project within SIL's Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create "smart fonts" capable of displaying writing systems with various complex behaviors. With respect to the Text Encoding Model, Graphite handles the "Rendering" aspect of writing system implementation. The following packages have been upgraded to a newer upstream version: graphite2. Multiple security issues have been addressed.
4822b464ddf29f50a5fb05360d0cbf68Apple Security Advisory 2017-07-19-2 - macOS 10.12.6 is now available and addresses code execution, memory corruption, and various other vulnerabilities.
ab1fccb72cc38d3e81f21dd4540e1ae3Apple Security Advisory 2017-07-19-1 - iOS 10.3.3 is now available and addresses code execution, memory corruption, and various other vulnerabilities.
8c0895fdc3becd88ea61b4c102a0c59bApple Security Advisory 2017-07-19-3 - watchOS 3.2.2 is now available and addresses buffer overflow, memory corruption, and various other vulnerabilities.
ec5cc4db1b6bbf46b6628e302c5f538aRed Hat Security Advisory 2017-1789-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.
90fc7883aa9067bf9f49ed06e8ab701cUbuntu Security Notice 3357-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.57 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 17.04 have been updated to MySQL 5.7.19. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
0aae1db12539600bd75b491e73b14d01Red Hat Security Advisory 2017-1790-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 141. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
37519fdd6b3d13b38bbfcdb906a26668Red Hat Security Advisory 2017-1791-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
4682419af3fce97dc8cb9fee340bdd86Red Hat Security Advisory 2017-1792-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
631eef9814b47bcc6675d40fa8cc567dJoomla JoomRecipe component version 1.0.4 suffers from a remote SQL injection vulnerability in search_author.
8e221f04a1069e35f5027530227e087b104 bytes small Linux x86_64 reverse shell shellcode that binds to 192.168.1.8:4444.
dea72eb758bb16a4a24244f3de24f780Sonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.
3e9b87e20111ec904389983baa4b9646Red Hat Security Advisory 2017-1787-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a later upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and empty "AuthFile" options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.
4d3bb0a8e2364a7904cc7d4aef7bacc6Ubuntu Security Notice 3356-2 - USN-3356-1 fix a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that Expat incorrectly handled certain external A entities. A remote attacker could possibly use this issue to cause A Expat to hang, resulting in a denial of service. Various other issues were also addressed.
defc3a37143ef73163722d9af3b69529Ubuntu Security Notice 3356-1 - It was discovered that Expat incorrectly handled certain external entities. A remote attacker could possibly use this issue to cause Expat to hang, resulting in a denial of service.
c3ce5df50a741dfe4e6b0991d01ed1f5Ubuntu Security Notice 3355-1 - Frediano Ziglio discovered that Spice incorrectly handled certain invalid monitor configurations. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
b2fe1779bf56d12df6827bde9585ed5fUbuntu Security Notice 3212-3 - USN-3212-1 and USN-3212-2 fixed a vulnerability in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. A It was discovered that LibTIFF incorrectly handled certain malformed A images. If a user or automated system were tricked into opening a A specially crafted image, a remote attacker could crash the A application, leading to a denial of service, or possibly execute A arbitrary code with user privileges. Various other issues were also addressed.
67e2591ccaa87a47c374822f1bc3b660Ubuntu Security Notice 3307-2 - USN-3307-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for ubuntu 12.04 ESM. A Karsten Heymann discovered that OpenLDAP incorrectly handled certain A search requests. A remote attacker could use this issue to cause slapd A to crash, resulting in a denial of service. Various other issues were also addressed.
65a74670ba8afce1cf5caf902adf4fd4WordPress Task Manager Pro version 1.31 suffers from multiple cross site scripting vulnerabilities.
277685ee784f659f986136cf25ef9665Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.
c2ccb69375ec5cc51c43f5d8342cbe14Sonicwall version 8.1.0.2-14sv importlogo/sitecustomization remote command execution exploit.
f4bad59c7c3ffd31bf7c765213c2fc43Citrix SD-WAN version 9.1.2.26.561201 logout cookie pre-authentication remote command injection exploit.
ef406c56f17330fc66b94fbd4fbe376aSonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
1b8a31b46825c7465b2937b76b39b411Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
bb81d0ecf3a8ed46bedfaeae6fd318a8
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed