what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2017-01-11

Ubuntu Security Notice USN-3168-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3168-2 - USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793, CVE-2016-9794, CVE-2016-9806
SHA-256 | 9012cf3de066704f3448524d520c803cb2d915bc3249eb551d28620e06df1168
Ubuntu Security Notice USN-3167-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3167-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9794
SHA-256 | 922ea0d9162703a020810b8d5d1a488748c45604a87976262aa7430a6ec25b49
Red Hat Security Advisory 2017-0057-01
Posted Jan 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0057-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 24.0.0.194. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937, CVE-2017-2938
SHA-256 | b59e5c9b740f43004b209aae61f98433e3eaaa0ea3be5b2d1729d0cf4892c31d
Ubuntu Security Notice USN-3171-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3171-1 - Josef Gajdusek discovered that the LibVNCServer client library incorrectly handled certain FrameBufferUpdate messages. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9941, CVE-2016-9942
SHA-256 | 8b1ac71d61ad7fcfdc77e67ed5cbdb743bca75ab32f33e96d0bf0214b29cb7d5
Debian Security Advisory 3757-1
Posted Jan 11, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3757-1 - Multiple security issues have been found in Icedove, Debian's version of to the execution of arbitrary code, data leakage or bypass of the content security policy.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9904, CVE-2016-9905
SHA-256 | 0a02d9d8783bc95b8d2aa6e9b7e1928fedda468aa86f0fc8a031b59bc1658458
Red Hat Security Advisory 2017-0059-01
Posted Jan 11, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0059-01 - Red Hat Mobile Application Platform 4.2 is delivered as a set of Docker-formatted container images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8704, CVE-2016-8705
SHA-256 | bb684df8490f47dc33961edff6ba9ca17ae8b59c8a033e3ed2fa6bee68e303a6
Gentoo Linux Security Advisory 201701-32
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-32 - Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution. Versions less than 4.6.5.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2016-4412, CVE-2016-5097, CVE-2016-5098, CVE-2016-5099, CVE-2016-5701, CVE-2016-5702, CVE-2016-5703, CVE-2016-5704, CVE-2016-5705, CVE-2016-5706, CVE-2016-5730, CVE-2016-5731, CVE-2016-5732, CVE-2016-5733, CVE-2016-5734, CVE-2016-5739, CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609, CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613, CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617
SHA-256 | a3b7f6542c7661b4aaff9bd605cec15ffc932e03279fbf8e645a0b1dbc7d1f03
Gentoo Linux Security Advisory 201701-31
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-31 - Flex might generate code with a buffer overflow making applications using such scanners vulnerable to the execution of arbitrary code. Versions less than 2.6.1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2016-6354
SHA-256 | ff160f2e3a912905e967468a8d00f3612073fe60bb3582e0ccb73710ff1d9566
Gentoo Linux Security Advisory 201701-29
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-29 - A vulnerability has been found in Vim and gVim concerning how certain modeline options are treated. Versions less than 8.0.0106 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-1248
SHA-256 | d8d6b74e6f707f724af9b04c7f14183c8bfe3e04379bb2adeb665e9b6a44719f
Gentoo Linux Security Advisory 201701-30
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-30 - A vulnerability in vzctl might allow attackers to gain control over ploop containers. Versions less than 4.9.4 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-6927
SHA-256 | c349c59a0e9b4638c8507738a088629ad19e5b142e9df3e1f9f2ed74cde161e9
Gentoo Linux Security Advisory 201701-28
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-28 - A heap-based buffer overflow in c-ares might allow remote attackers to cause a Denial of Service condition. Versions less than 1.12.0 are affected.

tags | advisory, remote, denial of service, overflow
systems | linux, gentoo
advisories | CVE-2016-5180
SHA-256 | e22bebe9e1d6baa04d82a2600394e4cbe1397e8dac861aa025be79441cf640be
FreeBSD Security Advisory - FreeBSD-SA-17:01.openssh
Posted Jan 11, 2017
Site security.freebsd.org

FreeBSD Security Advisory - The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. A remote attacker who have control of a forwarded agent-socket on a remote system and have the ability to write files on the system running ssh-agent(1) agent can run arbitrary code under the same user credential. Because the attacker must already have some control on both systems, it is relatively hard to exploit this vulnerability in a practical attack. When privilege separation is disabled (on FreeBSD, privilege separation is enabled by default and has to be explicitly disabled), an authenticated attacker can potentially gain root privileges on systems running OpenSSH server.

tags | advisory, remote, arbitrary, root
systems | unix, freebsd, bsd
advisories | CVE-2016-10009, CVE-2016-10010
SHA-256 | 4133c1c854c216326a44e20a387db0ea0e155db8534256aeaf099421a5c4ce6e
Gentoo Linux Security Advisory 201701-27
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-27 - Multiple vulnerabilities have been found in 7-Zip, the worst of which may allow execution of arbitrary code. Versions less than 16.02-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2334, CVE-2016-2335
SHA-256 | 78ddf9d28596f55aaf2f202d7385a1c93c89fb20c0fafd3eb31fb65c6e346649
Gentoo Linux Security Advisory 201701-26
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-26 - A vulnerability in BIND might allow remote attackers to cause a Denial of Service condition. Versions less than 9.10.4_p4 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2016-8864
SHA-256 | da713ca7bdfc8cf78c55794d73936703d200afa355b05196fb4ac36f78b2278e
Gentoo Linux Security Advisory 201701-25
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-25 - Multiple vulnerabilities have been found in phpBB, the worst of which may allow remote attackers to inject arbitrary web script or HTML. Versions less than 3.1.10 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1431, CVE-2015-1432
SHA-256 | bc60ad35a1039339ab8e490256a863e03eb2eb9cc5d6fef54602dea3ff1ac197
Gentoo Linux Security Advisory 201701-24
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-24 - Multiple vulnerabilities have been found in PgBouncer, the worst of which may allow an attacker to bypass authentication. Versions less than 1.7.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2015-4054, CVE-2015-6817
SHA-256 | 205a3f3a6f941e5b160820c28e292f73cc049bea65f44670d9915cec0db72bd2
Gentoo Linux Security Advisory 201701-23
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-23 - Multiple vulnerabilities have been found in Botan, the worst of which might allow remote attackers to obtain ECDSA secret keys. Versions less than 1.10.13 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2849, CVE-2016-2850
SHA-256 | 0685afa3348f1d804a7ff3c64ec1228bf79083a2e51a8100aae7b344d491b5b3
Gentoo Linux Security Advisory 201701-22
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-22 - Gentoo's NGINX ebuilds are vulnerable to privilege escalation due to the way log files are handled. Versions less than 1.10.2-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-1247
SHA-256 | d5737c96d2fd4eb019f4603f8785e51a870d534eae95402c0859a4059ad57ad8
Gentoo Linux Security Advisory 201701-21
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-21 - Multiple vulnerabilities have been found in Expat, the worst of which may allow execution of arbitrary code. Versions less than 2.2.0-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6702, CVE-2013-0340, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300
SHA-256 | 73f628f33cf75bb2a7b04cf0934d009261b4c570e6e337d0bca9e29b8d571fd1
Gentoo Linux Security Advisory 201701-20
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-20 - A vulnerability has been found in D-Bus possibly resulting in a local Denial of Service. Versions less than 1.10.12 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
SHA-256 | 0fa9402072fc2359792b48f00cbed0d8b6c9138549e2b174f6a6bede984b9d63
Gentoo Linux Security Advisory 201701-19
Posted Jan 11, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-19 - A vulnerability in NTFS-3G allows local users to gain root privileges. Versions less than 2016.2.22 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2015-3202
SHA-256 | f3c6aa3fc3e690bfaa44082fdac97fdadda40fdd845217538ea91e0ec446021a
Ubuntu Security Notice USN-3170-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3170-2 - Andrey Konovalov discovered that the ipv6 icmp implementation in the Linux kernel did not properly check data structures on send. A remote attacker could use this to cause a denial of service. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9793, CVE-2016-9919
SHA-256 | 5786a48bfee937cace3b7751bb9c0eb7fbf315f58862c75f47d84d7b98c0176a
Ubuntu Security Notice USN-3170-1
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3170-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793
SHA-256 | 8b5deb1e0f7e97d4868b245412489de596a91259b71ec62afa0324b5a3cfb218
Ubuntu Security Notice USN-3169-4
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3169-4 - Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9793, CVE-2016-9794
SHA-256 | 2a5b1accc9fa7ee63cafa4ed9b4df84e0ac64f121f269ac3933f510b64ce879b
Ubuntu Security Notice USN-3169-2
Posted Jan 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3169-2 - USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9756, CVE-2016-9793, CVE-2016-9794
SHA-256 | eec4c4078812efef1c4d5f58451bc04fdbbba03ff36f6b8f1101a3d55a08e61d
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close