Ubuntu Security Notice 3902-1 - It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP PHAR module incorrectly handled certain filenames. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that PHP incorrectly parsed certain DNS responses. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
9715d43e4e828f788c824aa665b39b95Debian Linux Security Advisory 4402-1 - It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service.
f1fce2881c6f151f5471305cc4dae616FileZilla version 3.40.0 suffers from multiple denial of service vulnerabilities.
e863765acf28067796ac5a55a400c105Debian Linux Security Advisory 4399-1 - Joey Hess discovered that the aggregate plugin of the Ikiwiki wiki compiler was susceptible to server-side request forgery, resulting in information disclosure or denial of service.
ddd88cecf467bffd0d7c9d1ed2dd16b4Debian Linux Security Advisory 4397-1 - Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare() function of ldb, a LDAP-like embedded database, resulting in denial of service.
7e49bbc87f63e971fdd23fddb6bc4d3aUbuntu Security Notice 3900-1 - It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code.
5465e69907c9e79e55b5186813ab2317FTP Server version 1.32 suffers from a denial of service vulnerability.
d0a8b57dca44040dff790f2342f44f26TransMac version 12.3 suffers from a denial of service vulnerability.
5b4bfe5cb1802d3f606cf1e9ad9fc769Ubuntu Security Notice 3898-2 - USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Various other issues were also addressed.
96d4a6ebad4a475d23f48aacf78cb18fUbuntu Security Notice 3898-1 - Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.
1f538d3fc5907fe7db2f992a501e9f5aUbuntu Security Notice 3895-1 - It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service.
0fe2b12280334803d3598621a5f4f799Ubuntu Security Notice 3896-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code.
6e08cc9799b6051189410337e2aa406fUbuntu Security Notice 3897-1 - A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
99633af618d616f368ddcfe60c6a90b1Ubuntu Security Notice 3866-3 - USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.
bcedf1d55d9ba455b92845d70d575012The SVG nanosvg library suffers from a denial of service vulnerability due to a memory corruption bug.
a92b210d4f5bd9069939f2dfef6879aaUbuntu Security Notice 3893-2 - USN-3893-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Bind incorrectly handled certain trust anchors when used with the "managed-keys" feature. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Various other issues were also addressed.
da49e2f4aa1d8c9b96a2d3e19c680e31Red Hat Security Advisory 2019-0366-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 1 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes and enhancements. Issues addressed include bypass, denial of service, null pointer, out of bounds write, traversal, and use-after-free vulnerabilities.
677751d5be68a0a89b505b85b6621cfdUbuntu Security Notice 3893-1 - Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that Bind incorrectly handled certain trust anchors when used with the "managed-keys" feature. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Various other issues were also addressed.
23196d546e73474d148ec76ffbb82008Ubuntu Security Notice 3866-2 - USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.
77dd6ff7d1ee5ef8a4e5f5a8cfca6724ScreenStream version 3.0.15 suffers from a denial of service vulnerability.
f04703213b7aec2dfd03ff775170af4fAirDrop version 2.0 suffers from a denial of service vulnerability.
827873256c71e3fda41f235475089748FTPShell Server version 6.83 suffers from a denial of service vulnerability.
04f2a824ae2e7f27347115dc21d1e6caNetSetMan version 4.7.1 suffers from a denial of service vulnerability.
6899715431a891113bb95cb51b7b1c98BulletProof FTP Server version 2019.0.0.50 suffers from a denial of service vulnerability.
f59e79a0cbc7708106add78b5ac916bfValentina Studio version 9.0.4 suffers from a denial of service vulnerability.
144e00bb30c6286ce8a81eab9167e450
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed