
72 matches found

SUSE CVE
added 2023/02/15 6:4 a.m., 1 views

SUSE CVE-2009-1358

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...

10 CVSS, 7.2 AI score, 0.01368 EPSS
Exploits: 0, References: 3

IBM Security Bulletins
added 2021/02/05 12:14 a.m., 9 views

Security Bulletin: The Ubuntu ca-certificates have been updated in Watson Machine Learning Community Edition containers due to expiration.

Summary: Ubuntu ca-certificates expire occasionally and need to be updated. The Ubuntu-based containers for Watson Machine Learning Community Edition have been updated to recent ca-certificates. Vulnerability Details: Third Party Entry: 192370 DESCRIPTION: ca-certificates package for Ubuntu spoofing...

0.7 AI score
Exploits: 0, Affected Software: 1

Metasploit
added 2019/03/31 3:4 a.m., 33 views

APT Package Manager Persistence

This module will run a payload when the package manager is used. No handler is run automatically, so you must configure an appropriate exploit/multi/handler to connect. This module creates a pre-invoke hook for APT in apt.conf.d. The hook name syntax is numeric followed by text. This module requir...

6.9 AI score
Exploits: 0

The Hacker News
added 2019/01/22 4:20 p.m., 2 views

Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Just in time… Some cybersecurity experts were this week arguing on Twitter in favor of not using HTTPS and suggesting that software developers rely only on signature-based package verification, just because APT on Linux does the same. Ironically, a security researcher just today revealed details ...

9.3 CVSS, 7.5 AI score, 0.21851 EPSS
Exploits: 0

Debian
added 2019/01/22 2:31 p.m., 238 views

[SECURITY] [DLA 1637-1] apt security update

Package : apt Version : 1.0.9.8.5 CVE ID : CVE-2019-3462 Debian Bug : Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be...

9.3 CVSS, 7.2 AI score, 0.21851 EPSS
Exploits: 0

OpenVAS
added 2017/07/02 12:0 a.m., 28 views

Debian Security Advisory DSA 3901-1 (libgcrypt20 - security update)

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that Libgcrypt is prone to a local side-channel attack allowing full key recovery for RSA-1024. See https://eprint.iacr.org/2017/627 for...

6.6 AI score, 0.02765 EPSS
Exploits: 0, References: 1

OpenVAS
added 2017/06/01 12:0 a.m., 27 views

Debian Security Advisory DSA 3869-1 (tnef - security update)

It was discovered that tnef, a tool used to unpack MIME attachments of type OpenVAS Vulnerability Test $Id: deb3869.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3869-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright (c) 2017 Greenbo...

7.5 CVSS, 0.2 AI score, 0.00218 EPSS
Exploits: 0, References: 1

OpenVAS
added 2017/04/20 12:0 a.m., 43 views

Debian Security Advisory DSA 3831-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. OpenVAS Vulnerability Test $Id:...

7.5 CVSS, 0.4 AI score, 0.23444 EPSS
Exploits: 19, References: 1

OpenVAS
added 2017/03/08 12:0 a.m., 34 views

Debian Security Advisory DSA 3805-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. OpenVAS Vulnerability Test $Id:...

0.2 AI score, 0.26462 EPSS
Exploits: 8, References: 1

OpenVAS
added 2017/01/04 12:0 a.m., 29 views

Debian Security Advisory DSA 3752-1 (pcsc-lite - security update)

Peter Wu discovered that a use-after-free in the pcscd PC/SC daemon of PCSC-Lite might result in denial of service or potentially privilege escalation. OpenVAS Vulnerability Test $Id: deb3752.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3752-1 using nvtgen 1.0 Script...

5 CVSS, 0.3 AI score, 0.04677 EPSS
Exploits: 0, References: 1

OpenVAS
added 2016/12/25 12:0 a.m., 27 views

Debian Security Advisory DSA 3747-1 (exim4 - security update)

Bjoern Jacke discovered that Exim, Debian OpenVAS Vulnerability Test $Id: deb3747.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3747-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright (c) 2016 Greenbone Networks GmbH...

2.6 CVSS, 0.2 AI score, 0.01884 EPSS
Exploits: 0, References: 1

OpenVAS
added 2016/12/20 12:0 a.m., 18 views

Debian Security Advisory DSA 3741-1 (tor - security update)

It was discovered that Tor, a connection-based low-latency anonymous communication system, may read one byte past a buffer when parsing hidden service descriptors. This issue may enable a hostile hidden service to crash Tor clients depending on hardening options and malloc implementation. OpenVAS...

7.5 AI score, 0.03038 EPSS
Exploits: 0, References: 1

OpenVAS
added 2016/12/18 12:0 a.m., 46 views

Debian Security Advisory DSA 3738-1 (tomcat7 - security update)

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution. As part of this update, several regressions stemming from...

7.5 CVSS, 0.5 AI score, 0.93802 EPSS
Exploits: 6, References: 1

OpenVAS
added 2016/12/18 12:0 a.m., 54 views

Debian Security Advisory DSA 3739-1 (tomcat8 - security update)

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution. As part of this update, several regressions stemming from...

7.5 CVSS, 0.5 AI score, 0.93802 EPSS
Exploits: 6, References: 1

OpenVAS
added 2016/01/13 12:0 a.m., 15 views

Debian Security Advisory DSA 3445-1 (pygments - security update)

Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name. OpenVAS Vulnerability Test $Id: deb3445.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generat...

9.3 CVSS, 1.2 AI score, 0.07449 EPSS
Exploits: 0, References: 1

OpenVAS
added 2015/05/01 12:0 a.m., 32 views

Debian Security Advisory DSA 3243-1 (libxml-libxml-perl - security update)

Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...

5 CVSS, 9.3 AI score, 0.03365 EPSS
Exploits: 0, References: 1

OpenVAS
added 2015/04/06 12:0 a.m., 21 views

Debian Security Advisory DSA 3214-1 (mailman - security update)

A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker need...

7.6 CVSS, 0.3 AI score, 0.06687 EPSS
Exploits: 1, References: 1

OpenVAS
added 2015/01/28 12:0 a.m., 29 views

Debian Security Advisory DSA 3143-1 (virtualbox - security update)

Two vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution, which might result in denial of service. OpenVAS Vulnerability Test $Id: deb3143.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3143-1 using nvtgen 1.0 Script version: 1.0 Author:...

4.4 CVSS, 7.3 AI score, 0.00105 EPSS
Exploits: 0, References: 1

OpenVAS
added 2014/11/07 12:0 a.m., 22 views

Debian Security Advisory DSA 3070-1 (kfreebsd-9 - security update)

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure. CVE-2014-3711: Denial of service through memory leak in sandboxed namei lookups. CVE-2014-3952: Kernel memory disclosure in sockbuf control messages. CVE-2014-3953: Kern...

5 CVSS, 0.2 AI score, 0.00603 EPSS
Exploits: 0, References: 1

OpenVAS
added 2014/11/01 12:0 a.m., 18 views

Debian Security Advisory DSA 3062-1 (wget - security update)

HD Moore of Rapid7 discovered a symlink attack in Wget, a command-line utility to retrieve files via HTTP, HTTPS, and FTP. The vulnerability allows to create arbitrary files on the user OpenVAS Vulnerability Test $Id: deb3062.nasl 6637 2017-07-10 09:58:13Z teissa $ Auto-generated from advisory DS...

9.3 CVSS, 0.1 AI score, 0.74311 EPSS
Exploits: 4, References: 1