Red Hat Security Advisory 2018-0163-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
a6e11ed9d4913e9150c8da2d50076159e1f98a5154ca0784bfc126071a919818
Red Hat Security Advisory 2018-0152-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.
542736e72201d4bc7e182580bb87093a38137b908e16f04ca6ce6bcd452b2b14
Red Hat Security Advisory 2018-0169-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An integer overflow vulnerability in the ip6_find_1stfragopt() function was found. A local attacker that has privileges to open a raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted socket and send system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.
de0f21229493fa8c3509fee125cf89eb50cdc8abe4cae7e257c91283219f65ba
Red Hat Security Advisory 2018-0151-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.
951c945f80af6950640a6bef9c9251681ffd34b852d4e73d0955c9dff67c1f96
Red Hat Security Advisory 2018-0180-01 - The kernel-alt packages provide the Linux kernel version 4.x. Security Fix: A flaw was found in the patches used to fix the 'dirtycow' vulnerability. An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.
233810c06b93bbf7b503f9a1b89faa8ba799aa55bc7d57943caa0557836575e2
Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
01398895828d54da7553fa2d879d56070ae60279ad62771f069aa0f67f9f9f3b
Debian Linux Security Advisory 4096-1 - Several security issues have been found in the Mozilla Firefox web overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing.
c1f63e6de45047f581a479e0209cd70acde8c042c8d2b68b51d7e37c3e98e57e
Debian Linux Security Advisory 4095-1 - It was discovered that gcab, a Microsoft Cabinet file manipulation tool, is prone to a stack-based buffer overflow vulnerability when extracting .cab files. An attacker can take advantage of this flaw to cause a denial of service or, potentially, the execution of arbitrary code with the privileges of the user running gcab, if a specially crafted .cab file is processed.
dfa532932e13a776dca5af3f55fc32e49f8dea989a0190702c95a8b7cfce1984
Ubuntu Security Notice 3547-1 - It was discovered that Libtasn1 incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Libtasn1 incorrectly handled certain inputs. An attacker could possibly use this to cause Libtasn1 to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. Various other issues were also addressed.
b8b55d5fe0460d704eec560259d856c521a8613ce7b5db969f1dd85029f8c45c
Red Hat Security Advisory 2018-0223-01 - Nautilus is the file manager and graphical shell for the GNOME desktop. Security Fix: An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user. An attacker could use this flaw to trick a user into opening a .desktop file disguised as a document, such as a PDF, and execute arbitrary commands. Note: This update will change the behavior of Nautilus. Nautilus will now prompt the user for confirmation when executing an untrusted .desktop file for the first time, and then add it to the trusted file list. Desktop files stored in the system directory, as specified by the XDG_DATA_DIRS environment variable, are always considered trusted and executed without prompt.
711d572be4e6502a88c9e3ecdba7b30faf259488211721ff7c708ff3a15c3f0a
Ubuntu Security Notice 3537-2 - USN-3537-1 fixed vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 12.04 ESM LTS. Various other issues were also addressed.
2452db9243a4c637495a9110873de8884ebf886389b90a95485fffe52c8930de
Red Hat Security Advisory 2018-0182-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.
689f1e405ccd177dc6b2d2bf407f6a84cf455f81eaf2e76af71775fb4805a36e
Red Hat Security Advisory 2018-0181-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.
62bb574d93f6cb7c0c62bc711bda68bededd1ebc9208a76862e6ca07a8f6a316
Red Hat Security Advisory 2018-0158-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix: It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port could use this flaw to exhaust file descriptors in the DHCP daemon, leading to a denial of service in the OMAPI functionality.
5bb44fc9821156a3e833354f9d40b72238ea8bdc191f608c85305e66ec1e2895
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. This framework comes into play when the attacker is able to redirect traffic, which can be done in several ways, such as DNS tampering, DNS cache poisoning, ARP spoofing, Wi-Fi access point impersonation, or DHCP hijacking with your favorite tools. This way you can easily take control of a fully patched machine during a penetration test. The main idea behind the framework is to show the amount of trivial errors in the update process of mainstream applications.
65840e21a7f5c2c62e2af87b28b2a713d89ede977aa9c5a82fb264b03fb06357
Apple Security Advisory 2018-1-23-7 - iCloud for Windows 7.3 is now available and addresses code execution vulnerabilities.
fa17e2b28db7a391f0c17716f5d2c00ab18f9e5891f4b26af8cf204f6e3cc38d
Apple Security Advisory 2018-1-23-6 - iTunes 12.7.3 for Windows is now available and addresses code execution vulnerabilities.
b4badee013f6d3705c07f9aa5e6008edb4feaf3aa436e7a32916b4766b1b5b8b
Apple Security Advisory 2018-1-23-5 - Safari 11.0.3 is now available and addresses code execution vulnerabilities.
b007cdeae5c8e33c8e0a20ed78b4117d7be220909f05c24c154ac614d64b1ca8
Apple Security Advisory 2018-1-23-4 - tvOS 11.2.5 is now available and addresses code execution vulnerabilities.
15c3ac6fa0691346ea6a4d7aec830ed4b4c5b4b3e82014e0e3b7c2f6ab24e3de
Apple Security Advisory 2018-1-23-3 - watchOS 4.2.2 is now available and addresses code execution and denial of service vulnerabilities.
23c55e61247045eb3349f8564f5bc621d323993a7f0d10d626d9a0eec61f5d6c
Ubuntu Security Notice 3544-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user into providing HTTP credentials for another origin, spoof the address bar contents, or execute arbitrary code. Various other issues were also addressed.
1bfc8251fd8bca1c6b0192223c509c085c58a80369729d817f85dbbbe0cc9c96
Ubuntu Security Notice 3546-1 - Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute arbitrary code.
90e1f46c4504300c777f3906f50d5fed96efa57806ead16f085f722fcc29d945