se Ubuntu Security Notice USN-4312-1 By packetstormsecurity.com Published On :: Mon, 30 Mar 2020 15:49:27 GMT Ubuntu Security Notice 4312-1 - Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root. Full Article
se Red Hat Security Advisory 2020-1308-01 By packetstormsecurity.com Published On :: Fri, 03 Apr 2020 02:50:51 GMT Red Hat Security Advisory 2020-1308-01 - The org.ovirt.engine-root is a core component of oVirt. Full Article
se Linux 5.3 Insecure Root Path Handling By packetstormsecurity.com Published On :: Fri, 10 Apr 2020 22:01:02 GMT Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Full Article
se Linux/x86 Add Root User Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 17:22:22 GMT 107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified. Full Article
se Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 18:22:22 GMT 155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified. Full Article
se Red Hat Security Advisory 2020-1804-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:33:55 GMT Red Hat Security Advisory 2020-1804-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Full Article
se TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection By packetstormsecurity.com Published On :: Fri, 01 May 2020 23:55:55 GMT TP-LINK Cloud Cameras including products NC260 and NC450 suffer from a command injection vulnerability. The issue is located in the httpSetEncryptKeyRpm method (handler for /setEncryptKey.fcgi) of the ipcamera binary, where the user-controlled EncryptKey parameter is used directly as part of a command line to be executed as root without any input sanitization. Full Article
se Crown Prince Of Saudi Arabia Accused Of Hacking Jeff Bezos' Phone By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 15:57:44 GMT Full Article headline hacker government usa phone amazon flaw cyberwar facebook saudi arabia
se netABuse Insufficient Windows Authentication Logic Scanner By packetstormsecurity.com Published On :: Thu, 09 Apr 2020 14:57:25 GMT netABuse is a scanner that identifies systems susceptible to a Microsoft Windows insufficient authentication logic flaw. Full Article
se Red Hat Security Advisory 2020-0860-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 13:23:22 GMT Red Hat Security Advisory 2020-0860-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability. Full Article
se Red Hat Security Advisory 2020-0861-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 13:23:37 GMT Red Hat Security Advisory 2020-0861-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability. Full Article
se Red Hat Security Advisory 2020-0855-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 22:02:22 GMT Red Hat Security Advisory 2020-0855-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed. Full Article
se Red Hat Security Advisory 2020-0912-01 By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 16:01:07 GMT Red Hat Security Advisory 2020-0912-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed. Full Article
se Red Hat Security Advisory 2020-0961-01 By packetstormsecurity.com Published On :: Tue, 24 Mar 2020 15:09:31 GMT Red Hat Security Advisory 2020-0961-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. A file read / inclusion vulnerability was addressed among other issues. Full Article
se Red Hat Security Advisory 2020-0962-01 By packetstormsecurity.com Published On :: Tue, 24 Mar 2020 15:10:43 GMT Red Hat Security Advisory 2020-0962-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. A file read / inclusion vulnerability was addressed among other issues. Full Article
se Red Hat Security Advisory 2020-1428-01 By packetstormsecurity.com Published On :: Mon, 13 Apr 2020 13:22:22 GMT Red Hat Security Advisory 2020-1428-01 - Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.4 serves as a replacement for Open Liberty 20.0.0.3 and includes security fixes, bug fixes, and enhancements. Full Article
se Red Hat Security Advisory 2020-1479-01 By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 00:14:17 GMT Red Hat Security Advisory 2020-1479-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages. Full Article
se Red Hat Security Advisory 2020-1478-01 By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 00:14:30 GMT Red Hat Security Advisory 2020-1478-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package. Full Article
se Red Hat Security Advisory 2020-1508-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 13:54:15 GMT Red Hat Security Advisory 2020-1508-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1507-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:05:14 GMT Red Hat Security Advisory 2020-1507-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1506-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:05:30 GMT Red Hat Security Advisory 2020-1506-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1521-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:07:26 GMT Red Hat Security Advisory 2020-1521-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability. Full Article
se Red Hat Security Advisory 2020-1520-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:09:21 GMT Red Hat Security Advisory 2020-1520-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability. Full Article
se Red Hat Security Advisory 2020-1509-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:15:11 GMT Red Hat Security Advisory 2020-1509-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1512-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:17:02 GMT Red Hat Security Advisory 2020-1512-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1514-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 20:00:19 GMT Red Hat Security Advisory 2020-1514-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1517-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:10:56 GMT Red Hat Security Advisory 2020-1517-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1516-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:11:05 GMT Red Hat Security Advisory 2020-1516-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1515-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:11:12 GMT Red Hat Security Advisory 2020-1515-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
se Red Hat Security Advisory 2020-1864-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:26:29 GMT Red Hat Security Advisory 2020-1864-01 - The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Full Article
se Spectre Chip Security Vulnerability Strikes Again By packetstormsecurity.com Published On :: Tue, 22 May 2018 06:36:24 GMT Full Article headline flaw intel
se Intel Chip Flaw - Math Unit May Spill Crypto Secrets To Apps By packetstormsecurity.com Published On :: Thu, 14 Jun 2018 01:21:32 GMT Full Article headline data loss flaw cryptography intel
se WebAssembly Changes Could Ruin Meltdown And Spectre Patches By packetstormsecurity.com Published On :: Thu, 28 Jun 2018 00:30:32 GMT Full Article headline flaw patch intel
se New Spectre Attack Enables Secrets To Be Leaked Over A Network By packetstormsecurity.com Published On :: Fri, 27 Jul 2018 00:57:39 GMT Full Article headline hacker flaw intel
se Foreshadow And Intel SGX Software Attestation: The Whole Trust Model Collapses By packetstormsecurity.com Published On :: Wed, 15 Aug 2018 14:35:56 GMT Full Article headline flaw cryptography intel
se Intel's Commitment To Making Its Stuff Secure Is Called Into Question By packetstormsecurity.com Published On :: Mon, 08 Oct 2018 14:48:27 GMT Full Article headline flaw intel
se Researchers Hide Malware In Intel SGX Enclaves By packetstormsecurity.com Published On :: Tue, 12 Feb 2019 17:37:55 GMT Full Article headline hacker malware intel
se Intel Patches High-Severity Flaws In Media SDK, Mini PC By packetstormsecurity.com Published On :: Wed, 10 Apr 2019 15:01:30 GMT Full Article headline flaw patch intel
se Intel Fixes Severe NUC Firmware, Web Console Vulnerabilities By packetstormsecurity.com Published On :: Wed, 12 Jun 2019 15:28:10 GMT Full Article headline flaw patch intel
se Weakness In Intel Chips Lets Researchers Steal Encrypted SSH Keystrokes By packetstormsecurity.com Published On :: Wed, 11 Sep 2019 13:56:24 GMT Full Article headline privacy flaw password cryptography intel
se Intel Patches Six Security Issues By packetstormsecurity.com Published On :: Thu, 16 Jan 2020 16:22:18 GMT Full Article headline flaw patch intel
se Intel CMSE Bug Is Worse Than Previously Thought By packetstormsecurity.com Published On :: Thu, 05 Mar 2020 14:35:11 GMT Full Article headline flaw intel
se Intel Fixes High-Severity Flaws In NUC, Discontinues Buggy Compute Module By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:06:59 GMT Full Article headline flaw patch intel
se Pirate Bay Co-Founder Arrested In Sweden To Serve Sentence By packetstormsecurity.com Published On :: Mon, 02 Jun 2014 02:36:13 GMT Full Article headline government mpaa pirate sweden
se TV Monitoring Service Is Fair Use, Judge Rules By packetstormsecurity.com Published On :: Fri, 12 Sep 2014 04:14:16 GMT Full Article headline government pirate
se The Pirate Bay Uses The Cloud To Stay Out Of Law Enforcement's Reach By packetstormsecurity.com Published On :: Mon, 22 Sep 2014 15:20:35 GMT Full Article headline government riaa mpaa pirate
se Pirate Bay Founder Guilty In Historic Hacker Case By packetstormsecurity.com Published On :: Thu, 30 Oct 2014 22:35:02 GMT Full Article headline hacker riaa mpaa pirate sweden
se uTorrent Users Urged To Upgrade To Mitigate Hijacking Flaw By packetstormsecurity.com Published On :: Fri, 23 Feb 2018 15:16:09 GMT Full Article headline flaw pirate
se Apple Security Advisory 2019-12-10-7 By packetstormsecurity.com Published On :: Wed, 11 Dec 2019 23:23:23 GMT Apple Security Advisory 2019-12-10-7 - Xcode 11.3 is now available and addresses an arbitrary code execution vulnerability. Full Article
se Apple Security Advisory 2019-12-10-8 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:16:21 GMT Apple Security Advisory 2019-12-10-8 - watchOS 6.1.1 is now available and addresses code execution vulnerabilities. Full Article
