1293 matches found
UBUNTU-CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
UPDATE: P4wnP1 v0.1.0-alpha1
PenTestIT RSS Feed P4wnP1 update time guys and this time it is the P4wnP1 v0.1.0-alpha1, the first pre-built image! It has almost been a year since I last posted about this Raspberry Pi based, customizable USB attack platform and yet, what an update! Read on! What is P4wnP1? P4wnP1 is a highly...
[SECURITY] [DSA 4184-1] sdl-image1.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4184-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4178-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4173-1 : r-cran-readxl - security update
Marcin Noga discovered multiple vulnerabilities in readxl, a GNU R package to read Excel files via the integrated libxls library, which could result in the execution of arbitrary code if a malformed spreadsheet is processed. C Tenable Network Security, Inc. The descriptive text and package checks...
[SECURITY] [DSA 4173-1] r-cran-readxl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4173-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2018 https://www.debian.org/security/faq -...
Debian DSA-4171-1 : ruby-loofah - security update
The Shopify Application Security Team reported that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, allows non-whitelisted attributes to be present in sanitized output when input with specially crafted HTML fragments. This might allow to mount a...
Debian DSA-4170-1 : pjproject - security update
Multiple vulnerabilities have been discovered in the PJSIP/PJProject multimedia communication which may result in denial of service during the processing of SIP and SDP messages and ioqueue keys. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
Debian DSA-4163-1 : beep - security update
It was discovered that a race condition in beep if configured as setuid via debconf allows local privilege escalation. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4163. The text itself is copyright C...
Debian DSA-4162-1 : irssi - security update
Multiple vulnerabilities have been discovered in Irssi, a terminal-based IRC client which can result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4162. The text itself is copyright C...
Debian DSA-4160-1 : libevt - security update
It was discovered that insufficient input sanitising in libevt, a library to access the Windows Event Log EVT format, could result in denial of service if a malformed EVT file is processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian DSA-4159-1 : remctl - security update
Santosh Ananthakrishnan discovered a use-after-free in remctl, a server for Kerberos-authenticated command execution. If the command is configured with the sudo option, this could potentially result in the execution of arbitrary code. The oldstable distribution jessie is not affected. C Tenable...
Debian: Security Advisory (DSA-4162-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-4153-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Distributed Network Vulnerability Scanner: Prowler
Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...
Debian DSA-4146-1 : plexus-utils - security update
Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands. C Tenable Network Security, Inc. The descriptive text and package checks in this...
Debian DSA-4143-1 : firefox-esr - security update
Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
[SECURITY] [DSA 4143-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4143-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4142-1] uwsgi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4142-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 17, 2018 https://www.debian.org/security/faq -...