what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-06-19

Ubuntu Security Notice USN-4022-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4022-1 - It was discovered that gunicorn improperly handled certain input. An attacker could potentially use this issue execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2018-1000164
SHA-256 | ee98b227f2df8ccd05edca88b0bb8f93741475919fc6cd7d650f8cd0043d7ae6
Red Hat Security Advisory 2019-1553-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1553-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 75.0.3770.90. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-5842
SHA-256 | 735dd0ddeb6ee78dd9557081cf3b98460f13496ab14fd1ffd505fa57adba4604
Ubuntu Security Notice USN-4024-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4024-1 - As a security improvement, this update adjusts the AppArmor profile for the Evince thumbnailer to reduce access to the system and adjusts the AppArmor profile for Evince and Evince previewer to limit access to the DBus system bus. Additionally adjust the evince abstraction to disallow writes on parent directories of sensitive files.

tags | advisory
systems | linux, ubuntu
SHA-256 | f766362aa54f3d1c0ce4a4a3f87e2c3632f7d8648b152e1d5c472afc38a04b56
Ubuntu Security Notice USN-4019-2
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4019-2 - USN-4019-1 fixed several vulnerabilities in sqlite3. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-6153, CVE-2017-10989, CVE-2017-13685, CVE-2017-2518, CVE-2018-20346, CVE-2019-8457
SHA-256 | 0fb2555a0293e0c48829e69997d9ca6b55ae4060571a6ed37fc4806cc44c593f
Ubuntu Security Notice USN-4020-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4020-1 - A type confusion bug was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707
SHA-256 | fb8b2a25173508d0607dd8e1ffe802213ef2cd244f2130f58b92a4854975a0e9
Ubuntu Security Notice USN-4021-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4021-1 - Daniel P. Berrangé discovered that libvirt incorrectly handled socket permissions. A local attacker could possibly use this issue to access libvirt. It was discovered that libvirt incorrectly performed certain permission checks. A remote attacker could possibly use this issue to access the guest agent and cause a denial of service. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-10132, CVE-2019-3886
SHA-256 | 934a653d6bbd7f060c475372db010848a881479984bb2a29d5ef50a9f397a99e
Ubuntu Security Notice USN-4019-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4019-1 - It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-6153, CVE-2017-10989, CVE-2017-13685, CVE-2017-2519, CVE-2018-20505, CVE-2018-20506, CVE-2019-8457, CVE-2019-9936, CVE-2019-9937
SHA-256 | 00d5f61256de6e5b5ed3b5ca561a97145327b1db2ac2247d8ccb15833492608e
Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal
Posted Jun 19, 2019
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Prime Infrastructure. The issue is that the TarArchive Java class the HA Health Monitor component uses does not check for any directory traversals while unpacking a Tar file, which can be abused by a remote user to leverage the UploadServlet class to upload a JSP payload to the Apache Tomcat's web apps directory, and gain arbitrary remote code execution. Note that authentication is not required to exploit this vulnerability.

tags | exploit, java, remote, web, arbitrary, code execution
systems | cisco
advisories | CVE-2019-1821
SHA-256 | a4ea9f1287ac1dba88becbc65cca9516c214cbb28ac296ea4aab456d25255b07
Cisco Prime Infrastructure Runrshell Privilege Escalation
Posted Jun 19, 2019
Authored by sinn3r, Pedro Ribeiro | Site metasploit.com

This Metasploit modules exploits a vulnerability in Cisco Prime Infrastructure's runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root.

tags | exploit, shell, root
systems | cisco
SHA-256 | 2c36a878b4e9bd45ad81ca8fb24a7604744f9f005ad314f116c110e64106d9a4
Kernel Live Patch Security Notice LSN-0052-1
Posted Jun 19, 2019
Authored by Benjamin M. Romer

Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, overflow, kernel, tcp
systems | linux
advisories | CVE-2019-11477, CVE-2019-11478
SHA-256 | 180fed7fbe08b89246da448a793e20ef76b9d263407b8a46ed5a13a5f4acca3b
Ubuntu Security Notice USN-4018-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4018-1 - It was discovered that Samba incorrectly handled certain RPC messages. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. It was discovered that Samba incorrectly handled LDAP pages searches. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12435, CVE-2019-12436
SHA-256 | 140091ed3156f9e07af5aea2f57bb868e9cb17b65537670d4de30e15e8ea8192
Red Hat Security Advisory 2019-1545-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1545-01 - This release of Red Hat Fuse 7.3.1 serves as a replacement for Red Hat Fuse 7.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-2510, CVE-2017-15691, CVE-2017-5645, CVE-2018-11798, CVE-2018-3258
SHA-256 | ab4cb414516f95e468f2713be03c38910af951da3e52c9375a4e50d3739697bf
Red Hat Security Advisory 2019-1543-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1543-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2018-1000005, CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000122, CVE-2018-14404, CVE-2019-0211
SHA-256 | 87a60175fe0e0dde7ae7865168e89fd3521aa1306210d2d9c8b32e05f763b1a9
Red Hat Security Advisory 2019-1518-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1518-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684
SHA-256 | 3826c7d75e06b5f503a5c38b6462567f49a793a59a9eb369b79ccad0d90f13e5
Red Hat Security Advisory 2019-1519-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1519-01 - The go-toolset:rhel8 module provides Go Toolset, a compiler toolset for building applications using the Go language and compiler suite. A CRLF injection vulnerability has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9741
SHA-256 | baeb2ae96e275359cf87f4e1f00f189e9a9821f318e38e9e4ea466cf557bc97f
Red Hat Security Advisory 2019-1529-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1529-01 - The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. An open redirection vulnerability among other things have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-11784, CVE-2018-8014, CVE-2018-8034, CVE-2018-8037
SHA-256 | 4a2fffd2cbeda76ca67676d661da96c81b540f4422fc1210b58c73920e0eb664
Red Hat Security Advisory 2019-1517-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1517-01 - GVFS is the GNOME Desktop Virtual File System layer that allows users to easily access local and remote data using File Transfer Protocol, Secure Shell File Transfer Protocol, Web Distributed Authoring and Versioning, Common Internet File System, Server Message Block, and other protocols. GVFS integrates with the GNOME I/O abstraction layer. A file access vulnerability has been addressed.

tags | advisory, remote, web, shell, local, protocol
systems | linux, redhat
advisories | CVE-2019-3827
SHA-256 | 3e0b4c8a42c248b9e729c519c690cda50d93de7cf41f316cdf81bd4f5be82172
Red Hat Security Advisory 2019-1527-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1527-01 - The Windows Azure Linux Agent supports provisioning and running Linux virtual machines in the Microsoft Windows Azure cloud. A weak permissions issue was addressed.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2019-0804
SHA-256 | f82da59b6aaa050543af521d1ee21dc78e845c4c0a7df69cdd296b429bebb234
Debian Security Advisory 4465-1
Posted Jun 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-10126, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11486, CVE-2019-11599, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-3846, CVE-2019-5489, CVE-2019-9500, CVE-2019-9503
SHA-256 | 6462989fedaf07301b47a2563bc368b80ca7dfd5c7c7901bf9c00004dffd9a54
Red Hat Security Advisory 2019-1502-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1502-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. An input validation was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6454
SHA-256 | ac1ef86c4c35feb452f3e81ce1147e1c43d4e4a0b0476aac1b5c82d37f9a6d4b
BlogEngine.NET 3.3.6 / 3.3.7 Theme Cookie Directory Traversal / Remote Code Execution
Posted Jun 19, 2019
Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from theme Cookie directory traversal and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
advisories | CVE-2019-10720
SHA-256 | 6ddbf2e35dcad7a8a7865c141fac337889ced5f852566982530475e1477f1862
BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution
Posted Jun 19, 2019
Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from dirPath directory traversal and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
advisories | CVE-2019-10719
SHA-256 | 96fbb39239f6872a454f71d93276f23a8480b6faf27b47ebcec346971bcb727a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close