Ubuntu Security Notice 3816-1 - Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
0d1d149d094bc787a61b8d9a8420e7bbUbuntu Security Notice 3815-2 - USN-3815-1 fixed a vulnerability in gettext. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code.
51e487332db90c74eb92afb810976bcaUbuntu Security Notice 3815-1 - It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code.
55c08c31b7c8375fb97d655a18afabb1Debian Linux Security Advisory 4337-1 - safety errors may lead to the execution of arbitrary code or denial of service.
84df8a853d0cd691f2c1c1877e3e51a8Debian Linux Security Advisory 4336-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).
5272b35e98151ec03cae17c1cae7ca73Gentoo Linux Security Advisory 201811-9 - A vulnerability in Icecast might allow remote attackers to execute arbitrary code. Versions less than 2.4.4 are affected.
f6c49ac0f6a5d7138247ff4d411fc2bfGentoo Linux Security Advisory 201811-6 - Multiple vulnerabilities have been found in libde265, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.0.3 are affected.
42a1b84bbaf2f48f50665de5ebeadd39Gentoo Linux Security Advisory 201811-5 - Multiple vulnerabilities have been found in PHProjekt due to embedded Zend Framework, the worst of which could allow attackers to remotely execute arbitrary commands. Versions less than or equal to 6.1.2 are affected.
023272c53ce86549bc9dc3246a333af5Gentoo Linux Security Advisory 201811-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.3.0 are affected.
3fbaf140c918fdebb25d085bb15384f8Ubuntu Security Notice 3813-1 - It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that pyOpenSSL incorrectly handled memory when performing operations on a PKCS #12 store. A remote attacker could possibly use this issue to cause pyOpenSSL to consume resources, resulting in a denial of service. Various other issues were also addressed.
17ee1c5903a74363c12d44b59d9fe872LibreHealth version 2.0.0 suffers from arbitrary file read, file delete, and local file inclusion vulnerabilities.
c623d621a1af63ea7a2cc412995fc1a4Ubuntu Security Notice 3811-1 - It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
7fcbfde9589d7977e424e44fe80a9ea7Ubuntu Security Notice 3808-1 - It was discovered that Ruby incorrectly handled certain X.509 certificates. An attacker could possibly use this issue to bypass the certificate check. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
40861160d83fcf2ea2b6534d3fc4fe66sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
5fdd5bb9be166686620512abe0f11658Ubuntu Security Notice 3807-1 - Felix Wilhelm discovered that the NetworkManager internal DHCPv6 client incorrectly handled certain DHCPv6 messages. In non-default configurations where the internal DHCP client is enabled, an attacker on the same network could use this issue to cause NetworkManager to crash, resulting in a denial of service, or possibly execute arbitrary code.
7090d9f77e278da5d5637637cbc3037cThis Metasploit module exploits an arbitrary file upload in the sample PHP upload handler for blueimp's jQuery File Upload widget in versions 9.22.0 and below. Due to a default configuration in Apache 2.3.9+, the widget's .htaccess file may be disabled, enabling exploitation of this vulnerability. This vulnerability has been exploited in the wild since at least 2015 and was publicly disclosed to the vendor in 2018. It has been present since the .htaccess change in Apache 2.3.9. This Metasploit module provides a generic exploit against the jQuery widget.
dc66674939d313842bacc7cddcbdd16cUbuntu Security Notice 3806-1 - Felix Wilhelm discovered that the systemd-networkd DHCPv6 client incorrectly handled certain DHCPv6 messages. In configurations where systemd-networkd is being used, an attacker on the same network could use this issue to cause systemd-networkd to crash, resulting in a denial of service, or possibly execute arbitrary code.
35680bf8b4d43558d98d86f89f440cf6Debian Linux Security Advisory 4334-1 - Multiple vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer which could result in denial of service or the execution of arbitrary code if malformed documents are opened.
0d4bb0b6144acb743c6577accc5c3e20Debian Linux Security Advisory 4333-1 - Nick Rolfe discovered multiple buffer overflows in the Icecast multimedia streaming server which could result in the execution of arbitrary code.
a1bafaabade89c2cdb1b4dbed96a1cc8CSV (XLS) Injection (Excel Macro Injection or Formula Injection) exists in the AIM CrossChex version 4.3 when importing or exporting users using xls Excel file. This can be exploited to execute arbitrary commands on the affected system via SE attacks when an attacker inserts formula payload in the Name field when adding a user or using the custom fields Gender, Position, Phone, Birthday, Employ Date and Address. Upon importing, the application will launch Excel program and execute the malicious macro formula.
f17d0ab71ad68426099534dd08d3f455An attacker can exploit the embedded version of Git used in Sourcetree if they can commit to a Git repository linked in Sourcetree. This allows them to execute arbitrary code on systems running a vulnerable version of Sourcetree for macOS. Versions of Sourcetree for macOS starting with version 1.02b before version 3.0.0 are affected by this vulnerability. Versions of Sourcetree for Windows starting with version 0.5.1.0 before version 3.0.0 are affected by this vulnerability.
3149f5b5c6b108a0813b481370d341e4Ubuntu Security Notice 3805-1 - Harry Sintonen discovered that curl incorrectly handled SASL authentication. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Brian Carpenter discovered that curl incorrectly handled memory when closing certain handles. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
62d9032b56d438de573bf274b8252a5cRed Hat Security Advisory 2018-3406-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.
63cb15b1b8c7c0d8a5f07a72241a9099Gentoo Linux Security Advisory 201810-10 - Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. Versions less than 239-r2 are affected.
ccdf59040b5185849799e4e2123418d8Gentoo Linux Security Advisory 201810-7 - Multiple vulnerabilities have been found in Mutt and NeoMutt, the worst of which allows for arbitrary code execution. Versions less than 1.10-1 are affected.
627400e40f04ad1ca91e69f03aaf4fc9
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed