Red Hat Security Advisory 2018-2317-01 - XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server using the HTTP protocol, and gets back the response as XML. Issues addressed include a deserialization vulnerability.
4b182f0ee4e38a0238be71d2bff436cea5bd439f2b2fceef5bde62164c2549c6
Red Hat Security Advisory 2018-2328-01 - The rhvm-setup-plugins package adds functionality exclusive to Red Hat Virtualization Manager that is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a bypass vulnerability.
d572720438148dfc223df3559e05041f899254a9a093c2595d1a017982fc07db
Red Hat Security Advisory 2018-2308-01 - OpenSLP is an open source implementation of the Service Location Protocol, an Internet Engineering Task Force standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include code execution and denial of service vulnerabilities.
4ab618c2c9809e5bb70481cfd19dc218ba1a79a76af901186b3bda6ca2fa22e7
Red Hat Security Advisory 2018-2309-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
49f3158e3f3a45451a84470ad40d3bf12b06c0d67f3ee8f29f5323dfc48011e9
Slackware Security Advisory - New lftp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
4d1a0e9f0ae15d343c808a0968276adeae6a3ce95b1692fd5138dd9f3780f520
Debian Linux Security Advisory 4260-1 - Several vulnerabilities were discovered in libmspack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.
fb45218ef1155d04ed9a264c53d103866cae9bc213e876ce2476c61662dceeeb
PHP Template Store Script version 3.0.6 suffers from persistent cross site scripting vulnerabilities.
3fec07198efb133ce02178277d2388d4fcc69247cd4103ca88951b52da6cb629
Basic B2B Script version 2.0.0 suffers from a cross site scripting vulnerability.
82963141067ccf759698fa5160d044f146ad8c1b4046d70adf30f9bfbed2b755
Plex Media Server version 1.13.2.5154 suffers from an XML external entity injection vulnerability in SSDP processing.
fd05bc119cc94dd07f1758633b919f61a810dd3733ec673cd4b05bbf8c8ddbd5
Vuze Bittorrent Client version 5.7.6.0 suffers from an XML external entity injection vulnerability in SSDP processing.
686d443dca7f3303ff849b5fac86fadc56950d932e1bf58ccef6da24a4dbd00b
86 bytes small Linux/x86 reverse TCP (::FFFF:192.168.1.5:4444/TCP) shell (/bin/sh) + null-free + IPv6 shellcode.
15ab4474b871b518c689ef1d6c479b982db96c487ff80df8ce900dd4ae21def7
Entrepreneur Job Portal Script version 3.0.1 suffers from a cross site scripting vulnerability.
7ac4e82addf542f4c913fa809fa48aff3f7c29f6bf60c8115c06cc65c952c02b
128 bytes small Linux/ARM TCP/4444 IPv6 bindshell shellcode.
7927090e117cf8e860f22e684f92d2f13a4b69067e6e7fede43f2a3efebdd711
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
ed23c7188b6fc6f111052f1bb4cc56a2f26cfd37470ee3b466b77a26efccaa38
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
d70fc50fa2dd1f2a5647aa16b6d73826be6b373026e278839ae4ba8d4f787147
This Metasploit module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload (UFO). This exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0-21 <= 4.4.0-89 and 4.8.0-34 <= 4.8.0-58, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and SMAP disabled. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on various Ubuntu and Linux Mint systems, including: Ubuntu 14.04.5 4.4.0-31-generic x64 Desktop; Ubuntu 16.04 4.8.0-53-generic; Linux Mint 17.3 4.4.0-89-generic; Linux Mint 18 4.8.0-58-generic
f3e398dc7268af675856d83dae02dec9fd8bde412098486a7565fb7cdd8541e2