what you don't know can hurt you
Showing 1 - 25 of 66,288 RSS Feed

Advisory Files

Ubuntu Security Notice USN-3364-3
Posted Jul 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-3 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 6d424501523a4eae735e5215177c70f3
Ubuntu Security Notice USN-3365-1
Posted Jul 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3365-1 - It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenSSL extension incorrectly handled hostname wildcard matching. This issue only applied to Ubuntu 14.04 LTS. Christian Hofstaedtler discovered that Ruby Fiddle::Handle incorrectly handled certain crafted strings. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2009-5147, CVE-2015-1855, CVE-2015-7551, CVE-2015-9096, CVE-2016-2337, CVE-2016-2339, CVE-2016-7798
MD5 | a6af5cc73212f069a7f0d48255978f2f
Red Hat Security Advisory 2017-1802-01
Posted Jul 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1802-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5647, CVE-2017-5648, CVE-2017-5664
MD5 | 444f476818676f8d12410602ad0650ba
Red Hat Security Advisory 2017-1801-01
Posted Jul 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1801-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5647, CVE-2017-5648, CVE-2017-5664
MD5 | 9ece8055e3774e6fdff9012183929f89
Slackware Security Advisory - tcpdump Updates
Posted Jul 25, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-11108
MD5 | f6a2dc6698f2576bcc7f6252bb1f58fb
Kernel Live Patch Security Notice LSN-0026-1
Posted Jul 25, 2017
Authored by Benjamin M. Romer

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux
advisories | CVE-2016-4558, CVE-2017-1000365, CVE-2017-7374, CVE-2017-7482, CVE-2017-9150
MD5 | cf9eb0b35f581391cfa449654007aaad
WebKit JSC ObjectPatternNode::appendEntry Use-After-Free
Posted Jul 25, 2017
Authored by Google Security Research, lokihardt

WebKit JSC suffers from an ObjectPatternNode::appendEntry stack use-after-free.

tags | advisory
MD5 | 312ee9e952cc9b3ae2170307e103b4cc
Debian Security Advisory 3917-1
Posted Jul 24, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3917-1 - A heap-based buffer underflow flaw was discovered in catdoc, a text extractor for MS-Office files, which may lead to denial of service (application crash) or have unspecified other impact, if a specially crafted file is processed.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2017-11110
MD5 | f6daccf3faca48cbfae94615ba30b127
Slackware Security Advisory - seamonkey Updates
Posted Jul 24, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | d6dec7b36504ddf972f32cd455361c62
HP Security Bulletin HPESBHF03745 3
Posted Jul 24, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03745 3 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 3 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2017-5816, CVE-2017-5817, CVE-2017-5818, CVE-2017-5819, CVE-2017-8956
MD5 | 87731dec93666597b2762715ea0d2749
Ubuntu Security Notice USN-3364-2
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-2 - USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 8cc7102ebe0dfa9c4cdc3ad1e61b6e7d
Ubuntu Security Notice USN-3364-1
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3364-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2017-1000380, CVE-2017-7346, CVE-2017-9150, CVE-2017-9605
MD5 | 9b8186309d84493ebc44898641dc9bf4
Ubuntu Security Notice USN-3357-2
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3357-2 - USN-3357-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.57 in Ubuntu 12.04 ESM. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3600, CVE-2017-3635, CVE-2017-3636, CVE-2017-3641, CVE-2017-3648, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
MD5 | 67caabdeb3e88fe62de471798b1f39ae
Red Hat Security Advisory 2017-1798-01
Posted Jul 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1798-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | e1a3b9c84ab42db61a77c3fa2e63860c
Ubuntu Security Notice USN-3353-4
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3353-4 - USN-3353-1 fixed a vulnerability in Heimdal. This update provides the corresponding update for Samba. Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-11103
MD5 | dd356174d4dc120cafdbb3f3788aed1d
Ubuntu Security Notice USN-3362-1
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3362-1 - It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly execute arbitrary code as an administrator. It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-10971, CVE-2017-10972, CVE-2017-2624
MD5 | 7b95145d755150a51d5a9a47506ac73a
Ubuntu Security Notice USN-3363-1
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3363-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10928, CVE-2017-11141, CVE-2017-11170, CVE-2017-11188, CVE-2017-11352, CVE-2017-11360, CVE-2017-11447, CVE-2017-11448, CVE-2017-11449, CVE-2017-11450, CVE-2017-11478, CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407, CVE-2017-9409, CVE-2017-9439, CVE-2017-9440, CVE-2017-9501
MD5 | a22aa533fe3ee586db4071c5de9042c8
Ubuntu Security Notice USN-3353-3
Posted Jul 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3353-3 - USN-3353-1 fixed a vulnerability in Heimdal. This update provides the corresponding update for Ubuntu 12.04 ESM.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-11103
MD5 | 9f922f5f78d08f4481fbacb90821d3af
Compulab Intense PC / MintBox 2 Signature Verification
Posted Jul 23, 2017
Authored by Hal Martin | Site watchmysys.com

Compulab Intense PC and MintBox 2 fail to perform signature validation and do not validate firmware updates before flashing.

tags | advisory
advisories | CVE-2017-9457
MD5 | 7c391f4f20ce5e2d76d4da46a4607d05
Gentoo Linux Security Advisory 201707-15
Posted Jul 21, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-15 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 26.0.0.137 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3080, CVE-2017-3081, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084, CVE-2017-3099, CVE-2017-3100
MD5 | 45afa64a6b1c6faf4e76710b92a00baa
Oracle Integration Gateway Directory Traversal
Posted Jul 21, 2017
Authored by Roman Shalymov

Oracle Integration Gateway (PSIGW) suffers from a directory traversal vulnerability.

tags | advisory
advisories | CVE-2017-10061
MD5 | 157f2e94c68b0332b6f1abb341ac5a1d
Oracle Integration Gateway File Upload
Posted Jul 21, 2017
Authored by Roman Shalymov

Oracle Integration Gateway (PSIGW) suffers from a file upload vulnerability.

tags | advisory, file upload
advisories | CVE-2017-10061
MD5 | 05111597345e47ce58d04e720fa33522
Ubuntu Security Notice USN-3361-1
Posted Jul 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3361-1 - USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-1350, CVE-2016-10208, CVE-2016-8405, CVE-2016-8636, CVE-2016-9083, CVE-2016-9084, CVE-2016-9191, CVE-2016-9604, CVE-2016-9755, CVE-2017-2583, CVE-2017-2584, CVE-2017-2596, CVE-2017-2618, CVE-2017-2671, CVE-2017-5546, CVE-2017-5549, CVE-2017-5550, CVE-2017-5551, CVE-2017-5576, CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-6001, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348
MD5 | 2a81ab5a406b26495cf15b17d009be23
Ubuntu Security Notice USN-3360-1
Posted Jul 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3360-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the performance events and counters subsystem of the Linux kernel for ARM64. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9900, CVE-2015-8944, CVE-2015-8955, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2015-8966, CVE-2015-8967, CVE-2016-10088, CVE-2017-1000380, CVE-2017-7346, CVE-2017-7895, CVE-2017-8924, CVE-2017-8925, CVE-2017-9605
MD5 | 4b837ac472f4020e28f8436305442660
Apple Security Advisory 2017-07-19-7
Posted Jul 21, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-07-19-7 - iCloud for Windows 6.2.2 is now available and addresses information disclosure, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | windows, apple
advisories | CVE-2017-7010, CVE-2017-7012, CVE-2017-7013, CVE-2017-7018, CVE-2017-7019, CVE-2017-7020, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7040, CVE-2017-7041, CVE-2017-7042, CVE-2017-7043, CVE-2017-7046, CVE-2017-7048, CVE-2017-7049, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064
MD5 | 4f380c77e8e99020d7e7e86a74e6ebae
Page 1 of 2,652
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close