-
Advisories - Linux Security
Jun 22, 2019 | 14:55 pm
Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the
Read more...
-
Advisories - Linux Security
Jun 21, 2019 | 06:26 am
A path traversal vulnerability due to an unsanitized POST parameter was discovered in php-horde-form, a package providing form rendering, validation, and other functionality for the Horde Application Framework. An attacker can take advantage of this flaw for remote code execution.
Read more...
-
Advisories - Linux Security
Jun 20, 2019 | 04:41 am
DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. This update provides additional support for some Sandybridge server
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 19, 2019 | 19:12 pm
Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Read more...
-
Advisories - Linux Security
Jun 18, 2019 | 19:27 pm
User "Arminius" discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi (Vi IMproved). The "Common vulnerabilities and exposures project" identifies the following problem:
Read more...
-
Advisories - Linux Security
Jun 18, 2019 | 19:21 pm
Samuel Gross discovered a type confusion bug in the JavaScript engine of the Mozilla Firefox web browser, which could result in the execution of arbitrary code when browsing a malicious website.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 17, 2019 | 19:15 pm
Debian Linux Security Advisory 4464-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 17, 2019 | 19:00 pm
Debian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).
Read more...
-
Advisories - Linux Security
Jun 15, 2019 | 19:05 pm
Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.For the stable distribution (stretch), these problems have been fixed in
Read more...
-
Advisories - Linux Security
Jun 14, 2019 | 18:11 pm
Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 14, 2019 | 00:22 am
Debian Linux Security Advisory 4462-1 - Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage[…]
Read more...
-
Advisories - Linux Security
Jun 13, 2019 | 18:29 pm
Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 12, 2019 | 20:59 pm
Debian Linux Security Advisory 4461-1 - Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 12, 2019 | 20:48 pm
Debian Linux Security Advisory 4460-1 - Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.
Read more...
-
Advisories - Linux Security
Jun 11, 2019 | 20:39 pm
Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 11, 2019 | 18:02 pm
Debian Linux Security Advisory 4459-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 8, 2019 | 20:32 pm
Debian Linux Security Advisory 4458-1 - A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 8, 2019 | 01:22 am
Debian Linux Security Advisory 4457-1 - Hanno Böck discovered that Evolution was vulnerable to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted HTML email. This issue was mitigated by moving the security bar with encryption and signature[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 7, 2019 | 01:33 am
Debian Linux Security Advisory 4454-2 - Vincent Tondellier reported that the qemu update issued as DSA 4454-1 did not correctly backport the support to define the md-clear bit to allow mitigation of the MDS vulnerabilities. Updated qemu packages are now[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 5, 2019 | 17:55 pm
Debian Linux Security Advisory 4456-1 - The Qualys Research Labs reported a flaw in Exim, a mail transport agent. Improper validation of the recipient address in the deliver_message() function may result in the execution of arbitrary commands.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jun 3, 2019 | 20:32 pm
Debian Linux Security Advisory 4455-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 31, 2019 | 17:23 pm
Debian Linux Security Advisory 4454-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 30, 2019 | 15:33 pm
Debian Linux Security Advisory 4453-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 25, 2019 | 01:22 am
Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 24, 2019 | 21:33 pm
Debian Linux Security Advisory 4450-1 - A vulnerability was found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).
Read more...
-
Operating System: Debian ≈ Packet Storm
May 24, 2019 | 20:02 pm
Debian Linux Security Advisory 4452-1 - Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 23, 2019 | 18:31 pm
Debian Linux Security Advisory 4449-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 23, 2019 | 01:44 am
Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:59 pm
Debian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:41 pm
Debian Linux Security Advisory 4446-1 - It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:38 pm
Debian Linux Security Advisory 4444-1 - Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 17:29 pm
Debian Linux Security Advisory 4445-1 - It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 16:59 pm
Debian Linux Security Advisory 4443-1 - Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation.
Read more...
-
Operating System: Debian ≈ Packet Storm
May 15, 2019 | 16:52 pm
Debian Linux Security Advisory 4442-2 - The update for ghostscript released as DSA 4442-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packages are now available to[…]
Read more...
Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!