Asterisk Project Security Advisory - There is a buffer overflow vulnerability in dns_srv and dns_naptr functions of Asterisk that allows an attacker to crash Asterisk via a specially crafted DNS SRV or NAPTR response. The attacker's request causes Asterisk to segfault and crash.
6aca45f3b7b194469327386eabbfe453Ubuntu Security Notice 3821-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
a90659bad625eafc560423ef26975554Red Hat Security Advisory 2018-3591-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an integer overflow vulnerability.
4cf33ed3b32c329de89d3cc482fad8e0Red Hat Security Advisory 2018-3558-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, null pointer, out of bounds write, and use-after-free vulnerabilities.
516f51a00fc5765270c849817fc3f4b4XAMPP Control Panel version 3.2.2 SEH unicode buffer overflow exploit.
fc81a31ec51873be9f0185f023efc416Debian Linux Security Advisory 4338-1 - Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service.
15d509051fcf2fb66ea41acb025d14f0Red Hat Security Advisory 2018-3531-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow vulnerability.
843de559af4fe7852cc002b06f9d059cRed Hat Security Advisory 2018-3532-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow.
d22c03b447c8e30dc1b1e1f825b1a72aGentoo Linux Security Advisory 201811-2 - A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. Versions less than 2.7.15 are affected.
ec4ccf8226c5aad66199371cedbc492fRed Hat Security Advisory 2018-3522-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include a buffer overflow vulnerability.
24eb3ab5c01cfe4fdd69858d462761c2Red Hat Security Advisory 2018-3514-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a stack overflow vulnerability.
c95e08fde277c8157ae54b83d2871475Red Hat Security Advisory 2018-3506-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a stack overflow vulnerability.
290222918e1fb09ebb500ea31531084dlibIEC61850 suffers from a buffer overflow vulnerability.
9876a14a850e92552a086d08a1031ee8sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
5fdd5bb9be166686620512abe0f11658This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg.
ed1eb77912bc6cc0c8fcd9813c7bc2b6Red Hat Security Advisory 2018-3470-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, deserialization, and format string vulnerabilities.
63c838780096bd8787d4d61edcc97a96PCManFTPD 2.0.7 server APPE command buffer overflow exploit.
87e02e4c60d4fa6a60c8975a6278da60Debian Linux Security Advisory 4333-1 - Nick Rolfe discovered multiple buffer overflows in the Icecast multimedia streaming server which could result in the execution of arbitrary code.
a1bafaabade89c2cdb1b4dbed96a1cc8Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.
f1dbc0bc60d79fd4e3c5f0b9d2264c9eApple Security Advisory 2018-10-30-9 - macOS Mojave 10.14 addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.
11701ebf662e62c543b6d5d6904f76fcRed Hat Security Advisory 2018-3432-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, and format string vulnerabilities.
c26c5422d2a077ec53af7da3c4c1c242Red Hat Security Advisory 2018-3431-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, and format string vulnerabilities.
2e648a6e645cd8f8e689c5508333c425Apple Security Advisory 2018-10-30-2 - macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address buffer overflow, code execution, denial of service, and information leakage vulnerabilities.
8c8e8b2371c732c8c18cc33fbce89068Red Hat Security Advisory 2018-2948-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, bypass, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
2a082c96c14fb8589f9da34adecaa49dRed Hat Security Advisory 2018-3092-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.
861efb4c657d18858252abdea48e8bce
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed