Flash RSS News

Un site utilisant WordPress

Catégorie : Actualité Sécurité Info (Page 1 of 89)

[dos] ntp 4.2.8p11 – Local Buffer Overflow (PoC)

ntp 4.2.8p11 – Local Buffer Overflow (PoC)

Source: [dos] ntp 4.2.8p11 – Local Buffer Overflow (PoC)

Alleged Leaker Of Vault7 Cache Busted By Poor OpSec

Source: Alleged Leaker Of Vault7 Cache Busted By Poor OpSec

FBI Recovers WhatsApp, Signal Data Stored On Michael Cohen’s BlackBerry

Source: FBI Recovers WhatsApp, Signal Data Stored On Michael Cohen’s BlackBerry

Red Hat Security Advisory 2018-1932-01

Red Hat Security Advisory 2018-1932-01 – The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.

Source: Red Hat Security Advisory 2018-1932-01

Hackers Who Sabotaged The Olympic Games Return For More Mischief

Source: Hackers Who Sabotaged The Olympic Games Return For More Mischief

[webapps] Redatam Web Server < 7 – Directory Traversal

Redatam Web Server < 7 – Directory Traversal

Source: [webapps] Redatam Web Server < 7 – Directory Traversal

Pale Moon Browser Use-After-Free

Pale Moon Browser versions prior to 27.9.3 suffer from a use-after-free vulnerability.

Source: Pale Moon Browser Use-After-Free

FBI Recovers WhatsApp, Signal Data Stored On Michael Cohen’s BlackBerry

Source: FBI Recovers WhatsApp, Signal Data Stored On Michael Cohen’s BlackBerry

Microsoft COM For Windows Improper Serialized Object Handling

Microsoft COM for Windows privilege escalation proof of concept exploit. A remote code execution vulnerability exists in “Microsoft COM for Windows” when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file. The security update addresses the vulnerability by correcting how “Microsoft COM for Windows” handles serialized objects.

Source: Microsoft COM For Windows Improper Serialized Object Handling

[local] Microsoft COM for Windows – Privilege Escalation

Microsoft COM for Windows – Privilege Escalation

Source: [local] Microsoft COM for Windows – Privilege Escalation

Page 1 of 89

Fièrement propulsé par WordPress & Thème par Anders Norén

serial rss