News

Packet Storm Security

    Advisories

    • Intel Data Center Manager 4.1.1.45749 Authentication Bypass / Spoofing Wed, 30 Nov 2022 20:48:27 GMT
      Intel Data Center Manager versions 4.1.1.45749 and below suffer from an authentication bypass vulnerability via spoofing.
    • Ubuntu Security Notice USN-5718-2 Wed, 30 Nov 2022 20:39:52 GMT
      Ubuntu Security Notice 5718-2 - USN-5718-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-5750-1 Wed, 30 Nov 2022 20:39:38 GMT
      Ubuntu Security Notice 5750-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service.
    • Ubuntu Security Notice USN-5749-1 Wed, 30 Nov 2022 20:39:29 GMT
      Ubuntu Security Notice 5749-1 - Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a crash.
    • Ubuntu Security Notice USN-5728-3 Wed, 30 Nov 2022 20:39:15 GMT
      Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-8669-01 Wed, 30 Nov 2022 20:39:00 GMT
      Red Hat Security Advisory 2022-8669-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Red Hat Security Advisory 2022-8679-01 Wed, 30 Nov 2022 20:38:53 GMT
      Red Hat Security Advisory 2022-8679-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined policy, USBGuard uses the Linux kernel USB device authorization feature.
    • Red Hat Security Advisory 2022-8673-01 Wed, 30 Nov 2022 20:38:47 GMT
      Red Hat Security Advisory 2022-8673-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
    • Red Hat Security Advisory 2022-8680-01 Wed, 30 Nov 2022 20:38:42 GMT
      Red Hat Security Advisory 2022-8680-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
    • Ubuntu Security Notice USN-5745-2 Wed, 30 Nov 2022 20:38:24 GMT
      Ubuntu Security Notice 5745-2 - USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation.
    • Ubuntu Security Notice USN-5748-1 Wed, 30 Nov 2022 20:38:02 GMT
      Ubuntu Security Notice 5748-1 - It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-8686-01 Wed, 30 Nov 2022 20:37:02 GMT
      Red Hat Security Advisory 2022-8686-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
    • Red Hat Security Advisory 2022-8685-01 Wed, 30 Nov 2022 20:36:49 GMT
      Red Hat Security Advisory 2022-8685-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a memory leak vulnerability.
    • Ubuntu Security Notice USN-5689-2 Wed, 30 Nov 2022 20:35:49 GMT
      Ubuntu Security Notice 5689-2 - USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. It was discovered that Perl incorrectly handled certain signature verification. A remote attacker could possibly use this issue to bypass signature verification.
    • Red Hat Security Advisory 2022-8662-01 Tue, 29 Nov 2022 16:05:16 GMT
      Red Hat Security Advisory 2022-8662-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Red Hat Security Advisory 2022-8663-01 Tue, 29 Nov 2022 16:05:05 GMT
      Red Hat Security Advisory 2022-8663-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Ubuntu Security Notice USN-5747-1 Tue, 29 Nov 2022 16:04:20 GMT
      Ubuntu Security Notice 5747-1 - It was discovered that Bind incorrectly handled a large query name when using the lightweight resolver protocol. A remote attacker could use this issue to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled a large zone data size received via an AXFR response. A remote authenticated attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS.
    • Red Hat Security Advisory 2022-8626-01 Tue, 29 Nov 2022 16:04:11 GMT
      Red Hat Security Advisory 2022-8626-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.17. Issues addressed include a denial of service vulnerability.
    • Ubuntu Security Notice USN-5746-1 Tue, 29 Nov 2022 16:03:54 GMT
      Ubuntu Security Notice 5746-1 - Behzad Najjarpour Jabbari discovered that HarfBuzz incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service.
    • Debian Security Advisory 5291-1 Tue, 29 Nov 2022 16:03:27 GMT
      Debian Linux Security Advisory 5291-1 - Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of arbitrary code.
    • Red Hat Security Advisory 2022-8652-01 Tue, 29 Nov 2022 16:03:19 GMT
      Red Hat Security Advisory 2022-8652-01 - This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.
    • Ubuntu Security Notice USN-5745-1 Mon, 28 Nov 2022 15:46:38 GMT
      Ubuntu Security Notice 5745-1 - Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to set up a symlink attack and alter or remove directories without authorization.
    • Red Hat Security Advisory 2022-8639-01 Mon, 28 Nov 2022 15:46:20 GMT
      Red Hat Security Advisory 2022-8639-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Red Hat Security Advisory 2022-8638-01 Mon, 28 Nov 2022 15:46:10 GMT
      Red Hat Security Advisory 2022-8638-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Red Hat Security Advisory 2022-8643-01 Mon, 28 Nov 2022 15:46:00 GMT
      Red Hat Security Advisory 2022-8643-01 - Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.