US-CERT Warns of ASLR Implementation Flaw In Windows

The U.S. Computer Emergency Readiness Team is warning of a vulnerability in Microsoft’s implementation of Address Space Layout Randomization that affects Windows 8, Windows 8.1 and Windows 10. The vulnerability could allow a remote attacker to take control of an affected system. Microsoft said it...

expat: hash table collisions CPU usage DoS

A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this...

The vulnerability of the `load_elf_binary` function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the loadelfbinary function in the Linux operating system’s kernel arises from the improper allocation of the address range for the binary file PIE. This occurs when the CONFIGARCHBINFMTELFRANDOMIZEPIE configuration option is enabled, and the usual strategy for allocating...

GHSA-4C4W-3Q45-HP9J Aescrypt does not sufficiently use random values

The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-30125)

Microsoft Windows Server 2012 R2 and others are operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. An information disclosure vulnerability exists in the kernel in Microsoft Windows. A local attacker can exploit this vulnerability to retrieve...

DEBIAN-CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

UBUNTU-CVE-2017-14954

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call...

Tails 3.2 - Live System to Preserve Your Privacy and Anonymity

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used fr...

Microsoft Windows kernel information disclosure vulnerability (CNVD-2017-32963)

Microsoft Windows Server 2008 SP2 is a series of operating systems released by Microsoft. kernel component is one of the kernel components. An information disclosure vulnerability exists in the kernel component of Microsoft Windows, which arises from a program's failure to properly initialize...

KB4038783: Windows 10 Version 1511 September 2017 Cumulative Update

The remote Windows host is missing security update 4038783. It is, therefore, affected by multiple vulnerabilities : - A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain sequencing requirements...

Windows Server 2012 September 2017 Security Updates

The remote Windows host is missing security update 4038786 or cumulative update 4038799. It is, therefore, affected by multiple vulnerabilities : - A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain...

DEBIAN-CVE-2017-14140

The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

Linux Kernel 'drivers/acpi/acpica/nseval.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpinsevaluate' function in the drivers/acpi/acpica/nseval.c file in Linux kernel versions 4.12.9 and earlier, whic...

UBUNTU-CVE-2017-13694

The acpipscompletefinalop function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and nodeext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism ...

UBUNTU-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

DEBIAN-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

PT-2017-13022

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.12.10 Linux kernel versions prior to 4.9 for KASLR protection mechanism bypass Description The issue allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechani...

UBUNTU-CVE-2017-13695

The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kernel throu...

Man-in-the-middle Router

Turn any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd , dnsmasq , and mitmproxy to create a open honeypot wireless network named “Public”. For added fun, change the network name to “xfinitywifi” to autoconnect anyone...

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability for Microsoft Edge exists as a result of how strings are validated in specific scenarios, which can allow an attacker to read sensitive data from memory and thereby potentially bypass Address Space Layout Randomization ASLR. By itself, this vulnerability do...