FreeBSD Security Advisory - An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. An attacker who can cause a server to request a record with a malformed class attribute can use this bug to trigger a REQUIRE assertion in db.c, causing named to exit and denying service to clients. The risk to recursive servers is high. Authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.
3f66432f8713d26de09e56124d8b800cfcef8c7957a74030786c6c424fe61925
This is a short article on how to escalate privileges from man/man to root/root via the "catman" cron job.
175278cb086bb0f7bb489a8359cc3e5d03b693facbe6d7c758563828b7199624
This is a short article on how to use the setgid directory /var/cache/man to escalate privileges from man/man to man/root on Ubuntu Vivid.
3814fe1e9b83323aa0084f50fe299d22950a17ddb5de4ff5dab6bed52b7cc86c
Call For Papers for Positive Hack Days VI which will take place May 17th through the 18th, 2016 in Moscow, Russia.
3df571b850a7a4b44a22e54aa2b9910d22144046d235bf905354a855f5a0c0ab
Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
954fcd7265ef6b16e0e2b91fc3328efa7624c4c4eb6ff428f6cd80aaed80cb56
Slackware Security Advisory - New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
101dd060194f8523c428e21d309fc31e7c0fb49dd54eb5a40f6a4f94fa8aea46
Debian Linux Security Advisory 3420-1 - It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries.
d95fc93697042d34212e4968f3aecb3897ebd34cc4fccbca08169849034f6cea
Red Hat Security Advisory 2015-2658-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash.
8e1e474f25a1c109649e7429771e70b380223b178678edde08358aa2678611f5
Debian Linux Security Advisory 3422-1 - Multiple security issues have been found in Iceweasel, Debian's version integer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin policy or denial of service.
8f6d6c0836ae72eec29c173df053ce4e8e0b88d6a72a7225e8f0f53732d53e2c
Red Hat Security Advisory 2015-2661-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server.
cf1a4249c4f08aac42a4d15cf5cb14bcad7304449de1390dcbf1127a209baab1
Red Hat Security Advisory 2015-2660-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server.
66e05ca1b341f7d3c1b9cca1e65d11a6cababeedfb7b575eef78359569661f63
Red Hat Security Advisory 2015-2657-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same-origin policy and read data from cross-site URLs and local files.
c837c782c576690057963a4b084807c52b5d209aea24f7f2bca7c40e3a79a6d5
Red Hat Security Advisory 2015-2655-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash.
2c733d6c3c282bdb076f79e1e038ea6cc3256b0e18b184395081ed3f8e598016
Red Hat Security Advisory 2015-2656-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash.
0b389833211090542c5f4dcf17854a0dbcd84652638b19e3e66d439700dbdc44
Red Hat Security Advisory 2015-2659-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server.
4c1a70a35cd943eaffc8cf30bea91ac0cda719d92d0f834d27138d3c8ca550ef
HPE Security Bulletin HPSBUX03529 SSRT102967 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
900b6d0f23492bb81c5701d07166014454a7d4d8edd5443ced5edb02fd85edb2
Ubuntu Security Notice 2838-2 - Adam Chester discovered that the foomatic-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
56d923dc67ea7b0970ba7700c4ef4792ff1937bcf61c1a5b9a7601482e34850e
Ubuntu Security Notice 2838-1 - Adam Chester discovered that the cups-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
b560d88e34610144153770fd0cccff1691bb1acc7f29695111c1cec3d2a1f8d2
Ubuntu Security Notice 2839-1 - As a security improvement against the POODLE attack, this update disables SSLv3 support in the CUPS web interface. For legacy environments where SSLv3 support is still required, it can be re-enabled by adding "SSLOptions AllowSSL3" to /etc/cups/cupsd.conf.
1962e88312753ed6934b53c14aafc752a3a3f45e659ee785fb483543e0eabbee
Red Hat Security Advisory 2015-2620-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A privilege escalation flaw was discovered in CloudForms, where in certain situations, CloudForms could read encrypted data from the database and then write decrypted data back into the database. If the database was then exported or log files generated, a local attacker might be able to gain access to sensitive information.
6d869afc5259f941b1ac9ef7657e785b32117dca505d7c4447589b75510bf9d5
Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
45bb3f03083cb964bed263c45381e6d8ca8c6ec617a2e8a70c6797a36ef40a21
PHPads version 2.0 suffers from a file disclosure vulnerability.
66da5278e1474a1bed5a60a4ad00615e9a556c067fc66caa83c3044dd1e7544f
The FireEye MPS (Malware Protection System) is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designed to operate as a passive network tap, so that it can see all the files and emails that enter a monitored network. This vulnerability allows an attacker to compromise the FireEye device, get a root shell and start monitoring all traffic on the victim network (emails, attachments, downloads, web browsing, etc). This is about the worst possible vulnerability that you can imagine for a FireEye user, it literally does not get worse than this.
5b71a70797f1a740a3f3bf38f4315c8da4214ac349a05291753b4222407a507f
An ASAN build of Wireshark suffers from a stack-based buffer overflow in dissect_tds7_colmetadata_token.
a513ef102a6d09a4c0860fe8eb07b545bf2e2a8590cbd326c943e0fb7f61a54c
An ASAN build of Wireshark suffers from an assertion failure crash in wmem_alloc.
d76d5af25e60f85c530d3808dd9199b9ec3a18995112137b8a00d6e869656eac