1293 matches found
[SECURITY] [DSA 4449-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4449-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4444-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4447-1 : intel-microcode - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. To fully resolve these vulnerabilities it is also necessary to update the Linux kernel packages as released in DSA 4444. C Tenable Network...
Debian DSA-4444-1 : linux - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures buffers. This flaw could allow an attacker controlling an unprivileged process to read sensitive...
[SECURITY] [DSA 4444-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4444-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2019 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4442-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4442-1 : ghostscript - security update
A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed despite the -dSAFER sandbox being enabled. C Tenable Network Security, Inc. The descriptive text...
GitLab: Privilege escalation due to insecure use of logrotate
Summary Gitlab sets the ownership of the logdirectory to the system-user "git", which might let local users obtain root access because of unsafe interaction with logrotate. Steps to reproduce Please note that the exploit is just a proof-of-concept. In order to win the race reliably the following...
MiniFtp - parseconf_load_setting Buffer Overflow
MiniFtp - parseconfloadsetting Buffer Overflow Exploit Title: MiniFtp parseconfloadsetting local-bufferoverflow 318 bytes Google Dork: None Date: 11.04.2019 Exploit Author: strider Vendor Homepage: https://github.com/skyqinsc/MiniFtp Software Link: https://github.com/skyqinsc/MiniFtp Tested on:...
Debian DSA-4438-1 : atftp - security update
Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4438. T...
[SECURITY] [DSA 4438-1] atftp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq -...
Debian DSA-4437-1 : gst-plugins-base1.0 - security update
It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RTSP stream is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Debian DSA-4436-1 : imagemagick - security update
This update fixes two vulnerabilities in Imagemagick: Memory handling problems and missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed. C Tenable Network Security, Inc. The...
[SECURITY] [DSA 4434-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4434-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2019 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4433-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)
Exploit Title: Linux/x86 cat file encode to base64 and post via curl to webserver 125 bytes Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 125...
[SECURITY] [DSA 4431-1] libssh2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4431-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4421-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4423-1 : putty - security update
Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used. C Tenable Network Security, Inc. The descriptive text and package chec...
[SECURITY] [DSA 4422-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4422-1 [email protected] https://www.debian.org/security/ Stefan Fritsch April 03, 2019 https://www.debian.org/security/faq -...