-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:59 pm
Debian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:41 pm
Debian Linux Security Advisory 4446-1 - It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:38 pm
Debian Linux Security Advisory 4444-1 - Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:29 pm
Debian Linux Security Advisory 4445-1 - It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 16:59 pm
Debian Linux Security Advisory 4443-1 - Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 16:52 pm
Debian Linux Security Advisory 4442-2 - The update for ghostscript released as DSA 4442-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packages are now available to[…]
Read more...
-
Advisories - Linux Security
May 15, 2019 | 07:23 am
This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
Read more...
-
Advisories - Linux Security
May 14, 2019 | 19:20 pm
It was discovered that the Lemonldap::NG web SSO system performed insuffient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session.
Read more...
-
Advisories - Linux Security
May 14, 2019 | 19:17 pm
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to
Read more...
-
Advisories - Linux Security
May 14, 2019 | 19:15 pm
It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.
Read more...
-
Advisories - Linux Security
May 14, 2019 | 08:30 am
Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation.
Read more...
-
Advisories - Linux Security
May 13, 2019 | 19:42 pm
The update for ghostscript released as DSA 4442-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packages are now available to correct this issue.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 13, 2019 | 17:11 pm
Debian Linux Security Advisory 4442-1 - A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the - -dSAFER[…]
Read more...
-
Advisories - Linux Security
May 12, 2019 | 18:15 pm
A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the - -dSAFER sandbox being enabled).
Read more...
-
Operating System: Debian ≈ Packet Storm
May 10, 2019 | 17:03 pm
Debian Linux Security Advisory 4441-1 - Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution.
Read more...
-
Advisories - Linux Security
May 10, 2019 | 04:26 am
Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 10, 2019 | 01:44 am
Debian Linux Security Advisory 4440-1 - Multiple vulnerabilities were found in the BIND DNS server.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 10, 2019 | 01:02 am
Debian Linux Security Advisory 4439-1 - Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed.
Read more...
-
Advisories - Linux Security
May 9, 2019 | 18:23 pm
Multiple vulnerabilities were found in the BIND DNS server: CVE-2018-5743
Read more...
-
Operating System: Debian ≈ Packet Storm
May 8, 2019 | 19:45 pm
Debian Linux Security Advisory 4438-1 - Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 30, 2019 | 01:55 am
Debian Linux Security Advisory 4437-1 - It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RSTP stream is opened.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 29, 2019 | 19:22 pm
Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 29, 2019 | 17:55 pm
Debian Linux Security Advisory 4436-1 - problems and missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 22, 2019 | 16:21 pm
Debian Linux Security Advisory 4434-1 - A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 17, 2019 | 19:26 pm
Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 17, 2019 | 19:25 pm
Debian Linux Security Advisory 4432-1 - Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 15, 2019 | 18:33 pm
Debian Linux Security Advisory 4431-1 - Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 11, 2019 | 16:10 pm
Debian Linux Security Advisory 4430-1 - Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven) found multiple vulnerabilities in the WPA implementation found in wpa_supplication (station) and hostapd (access point). These vulnerability are also collectively known as[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 10, 2019 | 17:16 pm
Debian Linux Security Advisory 4429-1 - It was discovered that SPIP, a website engine for publishing, did not properly sanitize its user input. This would allow an authenticated user to perform arbitrary command execution.
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 9, 2019 | 19:53 pm
Debian Linux Security Advisory 4428-1 - Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 8, 2019 | 20:06 pm
Debian Linux Security Advisory 4426-1 - Cedric Krier discovered that missing access validation in Tryton could result in information disclosure .
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 8, 2019 | 20:05 pm
Debian Linux Security Advisory 4425-1 - Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of arbitrary[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Apr 6, 2019 | 00:47 am
Debian Linux Security Advisory 4424-1 - Adam Dobrawy, Frederico Silva and Gregory Brzeski from HyperOne.com discovered that pdns, an authoritative DNS server, did not properly validate user-supplied data when building a HTTP request from a DNS query in the HTTP[…]
Read more...
Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!