systemd suffers from a lack of seat verification in the PAM module and in turn permits the spoofing of an active session to polkit.
da7d4cd8a891ee21f0b9d4c6fec61329Xiaomi Mi Browser version 10.5.6-g and Mint Browser version 1.5.3 suffer from a URL spoofing vulnerability.
c27c7a6cb871fcfb703ea8bcad586eecDebian Linux Security Advisory 4428-1 - Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of this issue to gain PolicyKit privileges that are normally only granted to clients in an active session on the local console.
581ff7de6fc4c8317db5062a9bb2215aUbuntu Security Notice 3938-1 - Jann Horn discovered that pam_systemd created logind sessions using some parameters from the environment. A local attacker could exploit this in order to spoof the active session and gain additional PolicyKit privileges.
1ea66e9f11b68b91474bff6257eec73dThe Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful.
105ff93a7fefdb9d6ae572f2070820c3UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
3ca9a099659fa13828bda8d6d798b856Ubuntu Security Notice 3885-2 - USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output. Various other issues were also addressed.
f34497e7fb170dcf3d9ac60a51149cd4WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities.
a070536b50a013c2522b2ed38c52ccccDebian Linux Security Advisory 4392-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures.
72eb49943de47e780e6bb6cc43b13415Red Hat Security Advisory 2019-0349-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2. Issues addressed include a domain spoofing vulnerability.
46adaf791d0ae87c4dcb6dfb73383e97Ubuntu Security Notice 3885-1 - Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.
558941eba51b7779c1347a96125fa2ccUbuntu Security Notice 3707-2 - USN-3707-1 and USN-3349-1 fixed several vulnerabilities in NTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could possibly use this issue to perform a denial of service. Various other issues were also addressed.
2f54f1b535f2b9e7d16c597307f59f6dMany scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow server to spoof the client output.
d3b18a0146f2be70c357e933eb037d03Ubuntu Security Notice 3851-1 - It was discovered that Django incorrectly handled the default 404 page. A remote attacker could use this issue to spoof content using a malicious URL.
2d5950123f9a670fa08c8a5cb6410857Debian Linux Security Advisory 4363-1 - It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development framework.
2b825f3bca76165c30b5aef53b5d1a60UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
c1ec221727b9cd2ac06a67b4c61830d0Ubuntu Security Notice 3801-2 - USN-3801-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Multiple security issues were discovered with WebExtensions in Firefox. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to bypass domain restrictions, gain additional privileges, or run content scripts in local pages without permission. Various other issues were also addressed.
811a5ef0a3ce8b51d96d4535e884c045Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.
952c961245ddeace11587b0845c529abThe management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL injection, and directory traversal vulnerabilities.
b27e1af5d9f4b9be4c08566bac90e203UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
04a0b3439384a0d51cce72ba4a2cae82Debian Linux Security Advisory 4297-1 - Two vulnerabilities have been discovered in the chromium web browser. Kevin Cheung discovered an error in the WebAssembly implementation and evil1m0 discovered a URL spoofing issue.
4f8d322b2d6ea29707a0439ed5b41706Apple Security Advisory 2018-9-17-4 - Safari 12 is now available and addresses browser history deletion and user interface spoofing vulnerabilities.
a568d7158566c7148b8c1fa79bd1a522Red Hat Security Advisory 2018-2331-01 - memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security fix: memcached: UDP server support allows spoofed traffic amplification DoS For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Issues addressed include a denial of service vulnerability.
238360ec1fbe236ebadd8dc1d45feff9FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
4a8ce84950cf1303fa4ad1ff8c5f424aThis Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
5260d2ef5bb8f8bbc5edbc0ec7cb7c67
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed