Flash RSS News

Un site utilisant WordPress

Catégorie : Packet Storm (Page 2 of 142)

Asterisk Project Security Advisory – AST-2018-010

Asterisk Project Security Advisory – There is a buffer overflow vulnerability in dns_srv and dns_naptr functions of Asterisk that allows an attacker to crash Asterisk via a specially crafted DNS SRV or NAPTR response. The attacker’s request causes Asterisk to segfault and crash.

Source: Asterisk Project Security Advisory – AST-2018-010

Data Leaking Holes Riddle Intel, AMD, Arm Chips

Source: Data Leaking Holes Riddle Intel, AMD, Arm Chips

It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

Source: It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle

SwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability.

Source: SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle

It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

Source: It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

Source: It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

Source: It’s Amateur Hour In The World Of Spyware And Victims Will Pay The Price

Ubuntu Security Notice USN-3817-1

Ubuntu Security Notice 3817-1 – It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

Source: Ubuntu Security Notice USN-3817-1

Facebook Patches Another User Data Harvesting Bug

Source: Facebook Patches Another User Data Harvesting Bug

Atlassian Jira Authenticated Upload Code Execution

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager(UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user supplied credentials and test for access to the plugin manager.

Source: Atlassian Jira Authenticated Upload Code Execution

Fièrement propulsé par WordPress & Thème par Anders Norén

serial rss