exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-01-22

Ubuntu Security Notice USN-3537-1
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3537-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-2562, CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
SHA-256 | f06c3188f3f4cb50d15c064298500314a1a0cae930a692b0592e1800d4052cc2
Ubuntu Security Notice USN-3531-2
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3531-2 - USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the microcode updates required for the corresponding Linux kernel updates. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715
SHA-256 | fba819b5f92640ef5b053c71d4d7ca5a931da55a8cf0cabbb754854f18734e14
Red Hat Security Advisory 2018-0108-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0108-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
SHA-256 | 771a9efa8fa8f3141dbc34c6b791e537854d0adeb4826112ae3345e34a05918a
Red Hat Security Advisory 2018-0104-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0104-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
SHA-256 | 23e4eb85adf22ae638f041d69f34b8ae5d01c7943467ebc94c5cf0c8afdcd354
Red Hat Security Advisory 2018-0109-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0109-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
SHA-256 | 4f40722f3569a88276d4c88cecc1c778fbbaf7c5421fac22717c2388f9659e7e
Red Hat Security Advisory 2018-0110-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0110-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
SHA-256 | 661103e6b7ba601d02e9dfc69a7b8784e8215a3ef6ec95afc05371b955f18e91
Red Hat Security Advisory 2018-0111-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0111-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
SHA-256 | d437624fa7ccdb619f968f9303672a69db835a3db4ce6ef500034e74bc653adf
Red Hat Security Advisory 2018-0112-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0112-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
SHA-256 | b0e11e3ce3062c5d96bd32dc4c8ce3eff84aecc527d6989d43c67301ef4e8d04
Red Hat Security Advisory 2018-0103-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0103-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
SHA-256 | c16f0fde94f2617365307ee6256aa71fba0a999718a6a4c5ae723fe6a33dfe0b
Red Hat Security Advisory 2018-0105-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0105-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
SHA-256 | 123ed77d7ae54b4df02e144eb969fe51e544c1dbd19c304eedf4f6a358e6c61b
Red Hat Security Advisory 2018-0107-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0107-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
SHA-256 | 18b3e3b017b4fbd82b463c819fd12cb2f5ddd3e5a8e28cbde288c57bacad4b3d
Red Hat Security Advisory 2018-0106-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0106-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
SHA-256 | 92d26d61560735d40dea0ffaef3c0427fb9b2c16b380360d1cbc9f508056e414
Red Hat Security Advisory 2018-0102-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0102-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3145
SHA-256 | 42467302e983da033be8f6a3260ca149adaf6a9d3514fe080d1a6022c64446b9
Red Hat Security Advisory 2018-0101-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0101-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3145
SHA-256 | 41a4a97a732661a75d9fdaf74edd3dd40714d6b040171fe8fc8abd3e9769405a
Debian Security Advisory 4093-1
Posted Jan 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4093-1 - Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft a HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victims host.

tags | advisory, arbitrary, protocol
systems | linux, debian
advisories | CVE-2018-5704
SHA-256 | 777db35532db3a19ea95735a3d759ff726c656fed384a35e50a1dc283d2e50bd
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close