[ASA-201801-10] intel-ucode: access restriction bypass
Arch Linux Security Advisory ASA-201801-10 ========================================== Severity: High Date : 2018-01-10 CVE-ID : CVE-2017-5715 Package : intel-ucode Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-582 Summary ======= The package intel-ucode...
DSA-4082-1 linux - security update
Bulletin has no description...
Linux/x86 chmod 777 /etc/sudoers Shellcode (36 bytes)
/ Description ; Title : chmod 777 /etc/sudoers - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : chmod /etc/sudoers permissions ; OS : Linux ; Arch : x86 ; Size : 36 bytes chmod.nasm global start section .text start: ;...
Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (20180103) (Spectre)
Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be...
DLA-1200-1 linux - security update
Bulletin has no description...
[ASA-201712-4] vlc: arbitrary code execution
Arch Linux Security Advisory ASA-201712-4 ========================================= Severity: Critical Date : 2017-12-07 CVE-ID : CVE-2017-10699 CVE-2017-9300 Package : vlc Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-533 Summary ======= The package vlc...
[ASA-201711-17] postgresql: multiple issues
Arch Linux Security Advisory ASA-201711-17 ========================================== Severity: Medium Date : 2017-11-10 CVE-ID : CVE-2017-15098 CVE-2017-15099 Package : postgresql Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-485 Summary ======= The package...
[ASA-201711-5] zathura-pdf-mupdf: arbitrary code execution
Arch Linux Security Advisory ASA-201711-5 ========================================= Severity: High Date : 2017-11-01 CVE-ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587 Package : zathura-pdf-mupdf Type : arbitrary code execution Remote : No Link :...
GLSA-201710-30 : X.Org Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201710-30 X.Org Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact : A local attacker could cause a global buffer overfl...
llvm/clang-fuzzer: Stack-buffer-overflow in clang::Lexer::LexAngledStringLiteral
Project: https://github.com/llvm/llvm-project.git Detailed report: https://oss-fuzz.com/testcase?key=5625920451772416 Project: llvm Fuzzer: libFuzzerllvmclang-fuzzer Fuzz target binary: clang-fuzzer Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash...
[ASA-201710-14] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201710-14 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
[ASA-201710-12] salt: multiple issues
Arch Linux Security Advisory ASA-201710-12 ========================================== Severity: Medium Date : 2017-10-09 CVE-ID : CVE-2017-14695 CVE-2017-14696 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-438 Summary ======= The package salt before...
Oracle Linux 6 : samba4 (ELSA-2017-2791)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2791 advisory. 4.2.10-11 - resolves: 1491212 - CVE-2017-12150 CVE-2017-12163 Tenable has extracted the preceding description block directly from the Oracle Linux...
UPDATE: Kali Linux 2017.2 Release
About five months ago, I wrote about Kali Linux 2017.1. We now have an update - Kali Linux 2017.2, which is a roll-up of all updates since the last release. In addition to all of the standard security and package updates that are submitted via Debian Testing, this release also...
CVE-2015-5186
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...
[ASA-201708-10] libytnef: arbitrary code execution
Arch Linux Security Advisory ASA-201708-10 ========================================== Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-9058 Package : libytnef Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-275 Summary ======= The package libytnef before...
CVE-2006-3635
The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state...
[ASA-201707-8] tor: session hijacking
Arch Linux Security Advisory ASA-201707-8 ========================================= Severity: Medium Date : 2017-07-11 CVE-ID : CVE-2017-0377 Package : tor Type : session hijacking Remote : Yes Link : https://security.archlinux.org/AVG-336 Summary ======= The package tor before version 0.3.0.9-1 ...
[ASA-201706-19] firefox: multiple issues
Arch Linux Security Advisory ASA-201706-19 ========================================== Severity: Critical Date : 2017-06-16 CVE-ID : CVE-2017-5470 CVE-2017-5471 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-77...
Linux is secure…right?
“There are no threats for Linux servers. Aren’t they built to be secure?” “Linux servers are secure and hardened, why do we need additional security controls on those?” “I do understand there are threats out there but I am not aware of any major attacks on Linux servers” If you find yourself...