Debian Linux Security Advisory 4375-1 - Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
8b8adcd24817c0030b39a7417c0c0149Debian Linux Security Advisory 4376-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.
4f6aa00ae290ef84a9bacd66a05ee470Debian Linux Security Advisory 4377-1 - The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands.
0f3abdb1f9aef1a11fc5a00e69af7d17Ubuntu Security Notice 3871-1 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b01424a9823358e3f9c7c3303574d6b6Ubuntu Security Notice 3870-1 - Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
15ab4e725f9b2a15d5ffae3b7b902407Debian Linux Security Advisory 4372-1 - Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled).
3327d9657dff6df36e220be7da51df47Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.
4b9723b2419952406455afdf54beb329Ubuntu Security Notice 3868-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code.
156bb1a970deaa330fff2d0b171db985This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the ASAN_OPTIONS environment variable, allowing clobbering of arbitrary files, with the privileges of the setuid user. This module uploads a shared object and sprays symlinks to overwrite /etc/ld.so.preload in order to create a setuid root shell.
768b7239ece537e4a3e22a2f3279b203Ubuntu Security Notice 3866-1 - Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.
2e5dbb4b6ecaaeecf3f96464df517e02Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.
094fed868f7fb979125879d67bb9e5a4Ubuntu Security Notice 3864-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
a90cb1bdc719fb0d13cc25d006f35308Debian Linux Security Advisory 4370-1 - Two vulnerabilities were found in Drupal, a fully-featured content management framework, which could result in arbitrary code execution.
7f949cabd1a21a240c288ead2cd5909fThis Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong to webmin application should be used. The module has been tested successfully with Webmin version 1.900 over Debian 4.9.18.
9e47bc329db56a10368c5886b4673495Ubuntu Security Notice 3862-1 - It was discovered that Irssi incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code.
1835fc3a411b15251070ed9e7392758bThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to the processing of ".contact" files <c:Url> node param which takes an expected website value, however if an attacker references an executable file it will run that instead without warning instead of performing expected web navigation. This is dangerous and would be unexpected to an end user.
400f7619bf34f3975072761dde4b36b7Roxy Fileman version 1.4.5 suffers from an arbitrary file download vulnerability.
5889efb4572742bf954e5cd0be9fefc7This Metasploit module attempts to gain root privileges by exploiting a Python code injection vulnerability in blueman versions prior to 2.0.3. The org.blueman.Mechanism.EnableNetwork D-Bus interface exposes the set_dhcp_handler function which uses user input in a call to eval, without sanitization, resulting in arbitrary code execution as root. This module has been tested successfully with blueman version 1.23 on Debian 8 Jessie (x64).
733a4a54285c7ff07e42208a0ada25beUbuntu Security Notice 3860-1 - It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
0d22dd812ca9b3495b60878b292fe08aDebian Linux Security Advisory 4368-1 - Guido Vranken discovered that an incorrect bounds check in ZeroMQ, a lightweight messaging kernel, could result in the execution of arbitrary code.
d0ebb6a44e5eb5ba095db014dad1e17cMicrosoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file delete privilege escalation vulnerability.
b222cf88f9572d3d9f640ba2ca02e3d4Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file open privilege escalation vulnerability.
bb2e921fb41ce1f0d91dd85e884db5f2Ubuntu Security Notice 3857-1 - Fariskhi Vidyan discovered that PEAR Archive_Tar incorrectly handled certain archive paths. A remote attacker could possibly use this issue to execute arbitrary code.
0216917c7cb3ac850f31adf9b107774bModern POS version 1.3 suffers from an arbitrary file download vulnerability.
7085ef3d85a1f069a3907658b09fb008Debian Linux Security Advisory 4367-1 - The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled alloca()s (CVE-2018-16864, CVE-2018-16865) and an out-of-bounds read flaw leading to an information leak (CVE-2018-16866), could allow an attacker to cause a denial of service or the execution of arbitrary code.
52119bef744619b328f6429303d66914
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed