CentOS Update for polkit CESA-2019:0230 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Goca Scanner - FOCA fork written in Go

Goca is a FOCA fork written in Go, which is a tool used mainly to find metadata and hidden information in the documents its scans. These documents may be on web pages, and can be downloaded and analyzed with Goca. It is capable of analyzing a wide variety of documents, with the most common being...

Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3903-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3903-2 advisory. USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

Ubuntu: Security Advisory (USN-3903-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3903-2 linux-hwe, linux-azure vulnerabilities

USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds...

USN-3903-1: Linux kernel vulnerabilities

Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service host system crash or possibly execute arbitrary code in the host kernel. CVE-2018-16880 Jann Horn...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3901-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3901-1 advisory. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could us...

USN-3901-2: Linux kernel (HWE) vulnerabilities

USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not...

USN-3901-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities

USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not...

USN-3901-1 linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2 vulnerabilities

Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. CVE-2018-18397 It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to...

Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down

Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019. Regular readers of The Hacker News already know how Coinhive's service helped cyber criminals earn hundreds of thousands of dollars by...

RHEL 6 : polkit (RHSA-2019:0420)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0420 advisory. The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privilege...

Scientific Linux Security Update : polkit on SL6.x i386/x86_64 (20190226)

Security Fixes : - polkit: Temporary auth hijacking via PID reuse and non-atomic fork CVE-2019-6133 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122468; scriptversion"1.6";...

Important: Red Hat Security Advisory: polkit security update

An update for polkit is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

polkit security update

0.96-11.el610.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667310...

AirDrop 2.0 - Denial of Service Exploit

include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 // Exploit Author: Marcelo Vázquez aka...

GHSA-W364-8VFV-GVF5 Downloads Resources over HTTP in phantomjs-cheniu

Affected versions of phantomjs-cheniu insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

polkit security update

0.112-18.0.1 - Increase timeout to avoid defunct processes bug26930744 0.112-18.el76.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667311...

Important: Red Hat Security Advisory: polkit security update

An update for polkit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Security Bulletin: IBM API Connect is affected by multiple GSKit and OpenSSL vulnerabilities

Summary IBM API Connect has addressed multiple vulnerabilities in GSKit and OpenSSL. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to...