la Linux Kernel Sendpage Local Privilege Escalation By packetstormsecurity.com Published On :: Thu, 19 Jul 2012 00:45:23 GMT The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4 Full Article
la Were Oslo's Terror Blasts Caused By Car Bombs? By packetstormsecurity.com Published On :: Fri, 22 Jul 2011 21:16:02 GMT Full Article headline terror norway
la Anonymous Lashes Out At Norway Massacre Suspect By packetstormsecurity.com Published On :: Tue, 26 Jul 2011 04:32:40 GMT Full Article headline terror anonymous norway
la Chkrootkit Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 20 Nov 2015 01:09:39 GMT Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default. Full Article
la Apache Server Status Pages Put Popular Websites At Risk By packetstormsecurity.com Published On :: Fri, 02 Nov 2012 04:02:21 GMT Full Article headline privacy data loss flaw apache
la Apache ActiveMQ Flaws Leave Servers Open To DoS Attacks By packetstormsecurity.com Published On :: Mon, 09 Mar 2015 20:04:49 GMT Full Article headline denial of service flaw apache
la 1 In 20 Android Apps Hit By Apache Cordova Flaw By packetstormsecurity.com Published On :: Thu, 28 May 2015 13:47:45 GMT Full Article headline phone flaw google apache
la Apache Struts 2 Needs Patching, Without Delay. It's Under Attack Now. By packetstormsecurity.com Published On :: Thu, 09 Mar 2017 16:15:22 GMT Full Article headline hacker flaw apache
la Yahoo Fixes Email Cross-Site Scripting Flaw By packetstormsecurity.com Published On :: Wed, 25 Jun 2008 18:27:02 GMT Full Article email flaw yahoo xss
la XSS Flaws Poke Ridicule At Entertainment Industry By packetstormsecurity.com Published On :: Fri, 08 May 2009 09:06:46 GMT Full Article flaw xss
la Adobe Plagued By 16-Month-Old XSS Bug By packetstormsecurity.com Published On :: Thu, 14 May 2009 08:22:15 GMT Full Article adobe xss
la Mozilla Tackles XSS Vulnerabilities With New Technology By packetstormsecurity.com Published On :: Mon, 22 Jun 2009 16:29:11 GMT Full Article mozilla xss
la MoD Website Outflanked By XSS Flaws By packetstormsecurity.com Published On :: Mon, 10 Aug 2009 02:30:05 GMT Full Article flaw xss
la RubyOnRails XSS Vulnerability Claims Twitter, Basecamp And My Confidence By packetstormsecurity.com Published On :: Thu, 03 Sep 2009 14:57:22 GMT Full Article xss twitter
la Facebook App Flaws Create Trojan Download Risk By packetstormsecurity.com Published On :: Mon, 21 Sep 2009 16:04:03 GMT Full Article trojan flaw facebook xss
la XSS Vulnerabilities In 8 Million Flash Files By packetstormsecurity.com Published On :: Tue, 22 Dec 2009 09:16:16 GMT Full Article adobe xss
la Serious XSS Flaw Haunts Microsoft SharePoint By packetstormsecurity.com Published On :: Thu, 29 Apr 2010 04:24:15 GMT Full Article microsoft flaw xss
la Anti-Virus Vendor Trio Plug Website Flaws By packetstormsecurity.com Published On :: Mon, 04 Oct 2010 10:06:13 GMT Full Article virus flaw xss
la Adobe Updates Flash Player To Fix XSS Flaw By packetstormsecurity.com Published On :: Tue, 07 Jun 2011 03:23:00 GMT Full Article headline adobe xss
la Patchy App Development Security Slammed By packetstormsecurity.com Published On :: Thu, 08 Dec 2011 16:29:13 GMT Full Article headline flaw xss csrf
la XSS Flaw Discovered In Skype's Shop, User Accounts Targeted By packetstormsecurity.com Published On :: Fri, 24 Feb 2012 23:57:20 GMT Full Article headline flaw identity theft skype social xss
la FreeBSD Intel SYSRET Privilege Escalation By packetstormsecurity.com Published On :: Thu, 07 Mar 2019 02:01:26 GMT This Metasploit module exploits a vulnerability in the FreeBSD kernel, when running on 64-bit Intel processors. By design, 64-bit processors following the X86-64 specification will trigger a general protection fault (GPF) when executing a SYSRET instruction with a non-canonical address in the RCX register. However, Intel processors check for a non-canonical address prior to dropping privileges, causing a GPF in privileged mode. As a result, the current userland RSP stack pointer is restored and executed, resulting in privileged code execution. Full Article
la FreeBSD rtld execl() Privilege Escalation By packetstormsecurity.com Published On :: Wed, 22 May 2019 00:51:22 GMT This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution. Full Article
la Hacker Almost Derailed Mandela Election In South Africa By packetstormsecurity.com Published On :: Wed, 27 Oct 2010 12:19:03 GMT Full Article hacker africa
la Ebola Outbreak Used To Trick Users Into Downloading Malware By packetstormsecurity.com Published On :: Fri, 24 Oct 2014 15:51:26 GMT Full Article headline malware cybercrime fraud africa
la Ebola Outbreak Reaches City Of 1 Million Residents By packetstormsecurity.com Published On :: Sat, 15 Dec 2018 14:26:52 GMT Full Article headline africa science
la Huawei Africa Spying Claims Denied By packetstormsecurity.com Published On :: Fri, 16 Aug 2019 16:22:30 GMT Full Article headline government china africa spyware facebook
la JUNOS (Juniper) Flaw Exposes Core Routers To Kernel Crash By packetstormsecurity.com Published On :: Wed, 06 Jan 2010 03:10:59 GMT Full Article flaw kernel juniper
la Juniper Resets 'Days Since Last Rogue Code Incident' Clock By packetstormsecurity.com Published On :: Mon, 11 Jan 2016 14:41:03 GMT Full Article headline flaw juniper backdoor
la Juniper Bleeding Data And Money: Slaps Band-Aids All Over JunOS By packetstormsecurity.com Published On :: Thu, 14 Apr 2016 12:58:46 GMT Full Article headline flaw patch juniper
la Hacker 1x0123 Claims He Has More Leaked NSA Files To View - If You Can Solve This Puzzle By packetstormsecurity.com Published On :: Thu, 25 Aug 2016 13:39:18 GMT Full Article headline hacker government data loss flaw cyberwar cisco juniper nsa
la Slackware Security Advisory - mozilla-thunderbird Updates By packetstormsecurity.com Published On :: Thu, 12 Sep 2019 14:32:20 GMT Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - expat Updates By packetstormsecurity.com Published On :: Tue, 17 Sep 2019 16:47:22 GMT Slackware Security Advisory - New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Full Article
la Slackware Security Advisory - mozilla-thunderbird Updates By packetstormsecurity.com Published On :: Thu, 26 Sep 2019 16:30:17 GMT Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - tcpdump Updates By packetstormsecurity.com Published On :: Wed, 02 Oct 2019 15:03:37 GMT Slackware Security Advisory - New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Full Article
la Slackware Security Advisory - sudo Updates By packetstormsecurity.com Published On :: Tue, 15 Oct 2019 13:53:36 GMT Slackware Security Advisory - New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Full Article
la Slackware Security Advisory - python Updates By packetstormsecurity.com Published On :: Mon, 21 Oct 2019 17:02:22 GMT Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Full Article
la Slackware Security Advisory - mozilla-firefox Updates By packetstormsecurity.com Published On :: Wed, 23 Oct 2019 18:28:47 GMT Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - libtiff Updates By packetstormsecurity.com Published On :: Tue, 05 Nov 2019 15:12:35 GMT Slackware Security Advisory - New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - Slackware 14.2 kernel Updates By packetstormsecurity.com Published On :: Fri, 08 Nov 2019 15:37:19 GMT Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues. Full Article
la Slackware Security Advisory - Slackware 14.2 kernel Updates By packetstormsecurity.com Published On :: Mon, 18 Nov 2019 15:22:09 GMT Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues. Full Article
la Slackware Security Advisory - bind Updates By packetstormsecurity.com Published On :: Thu, 21 Nov 2019 15:09:45 GMT Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Full Article
la Slackware Security Advisory - mozilla-firefox Updates By packetstormsecurity.com Published On :: Wed, 04 Dec 2019 23:11:46 GMT Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - wavpack Updates By packetstormsecurity.com Published On :: Fri, 20 Dec 2019 19:33:33 GMT Slackware Security Advisory - New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Full Article
la Slackware Security Advisory - openssl Updates By packetstormsecurity.com Published On :: Thu, 26 Dec 2019 23:32:50 GMT Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix a security issue. Full Article
la Slackware Security Advisory - tigervnc Updates By packetstormsecurity.com Published On :: Thu, 26 Dec 2019 23:33:08 GMT Slackware Security Advisory - New tigervnc packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - mozilla-firefox Updates By packetstormsecurity.com Published On :: Tue, 07 Jan 2020 16:47:01 GMT Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Full Article
la Slackware Security Advisory - Slackware 14.2 kernel Updates By packetstormsecurity.com Published On :: Thu, 09 Jan 2020 15:06:22 GMT Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues. Full Article
la Slackware Security Advisory - mozilla-firefox Updates By packetstormsecurity.com Published On :: Thu, 09 Jan 2020 15:06:33 GMT Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Full Article
la Slackware Security Advisory - mozilla-thunderbird Updates By packetstormsecurity.com Published On :: Mon, 13 Jan 2020 18:01:22 GMT Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Full Article
