7768 matches found
Debian: Security Advisory (DSA-3918-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
IPFire proxy.cgi Remote Code Execution Exploit
IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field. This module requires Metasploit: http://metasploit.com/download Current source:...
[SECURITY] [DSA 3916-1] atril security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3916-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 21, 2017 https://www.debian.org/security/faq -...
Threat Outbreak Alert RuleID29919: Email Messages Distributing Malicious Software on July 21, 2017
Medium Alert ID: 54551 First Published: 2017 July 21 13:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29919 may contain the following files: Name | Siz...
Threat Outbreak Alert RuleID29916: Email Messages Distributing Malicious Software on July 21, 2017
Medium Alert ID: 54550 First Published: 2017 July 21 13:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29916 may contain the following files: Name | Siz...
Design/Logic Flaw
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint...
CVE-2017-11468
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint...
CVE-2017-11468
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint...
CVE-2017-11468
CVE-2017-11468 affects Docker Registry (Docker Distribution) prior to 2.6.2. The issue arises from not restricting the amount of content accepted from a user via the manifest endpoint, enabling a remote attacker to cause memory exhaustion and a denial of service. MiracleLinux advisory corroborate...
CVE-2017-11468
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint...
Terror EK actor experiments with URL shortener fraud
Terror EK is an exploit kit made from a mishmash of stolen code and with very limited distribution. In the past few months, we have seen a few minor updates to its code base which remains largely simplistic in comparison to professional-grade exploit kits of the past such as Angler EK, or...
Threat Outbreak Alert RuleID29818: Email Messages Distributing Malicious Software on July 17, 2017
Medium Alert ID: 54501 First Published: 2017 July 17 20:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29818 may contain the following files: Name | Siz...
AttifyOS: IoT Devices Testing Distribution!
PenTestIT RSS Feed Distributions such as Kali Linux make it easier for us to carry out our penetration tests, vulnerability assessments, digital forensics gigs and wireless assessments. However, there are very few tools on such distributions that help you test the security of Internet of Things I...
Debian DSA-3909-1 : samba - security update (Orpheus' Lyre)
Jeffrey Altman, Viktor Duchovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus' Lyre, this vulnerability is located in Samba Kerberos Key Distribution Center (KDC-REP) component and could be used ...
Samba 4.4.x < 4.4.15 / 4.5.x < 4.5.12 / 4.6.x < 4.6.6 KDC-REP Service Name Validation (Orpheus' Lyre)
The version of Samba running on the remote host is 4.4.x prior to 4.4.15, 4.5.x prior to 4.5.12, or 4.6.x prior to 4.6.6. It is, therefore, affected by a logic flaw in the Heimdal implementation of Kerberos, specifically within the _krb5_extract_ticket() function within lib/krb5/ticket.c, due to the...
[SECURITY] [DSA 3912-1] heimdal security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3912-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 16, 2017 https://www.debian.org/security/faq -...
The vulnerability of Xen hypervisors allows a malicious actor to gain privileged access to the host.
The vulnerability of Xen hypervisors is related to insufficient checking of memory distribution during P2M operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileged access to the host from the guest operating system...
Threat Outbreak Alert RuleID29796: Email Messages Distributing Malicious Software on July 13, 2017
Medium Alert ID: 54481 First Published: 2017 July 13 19:48 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29796 may contain the following files: Name | Siz...
Threat Outbreak Alert RuleID29821: Email Messages Distributing Malicious Software on July 13, 2017
Medium Alert ID: 54489 First Published: 2017 July 13 18:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29821 may contain the following files: Name | Siz...
Threat Outbreak Alert RuleID29542: Email Messages Distributing Malicious Software on July 13, 2017
Medium Alert ID: 54487 First Published: 2017 July 13 16:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29542 may contain the following files: Name | Siz...