uri NetBSD Security Advisory 2004.10 By packetstormsecurity.com Published On :: Thu, 30 Dec 2004 09:10:46 GMT NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall. Full Article
uri iDEFENSE Security Advisory 2005-01-13.3 By packetstormsecurity.com Published On :: Sun, 16 Jan 2005 05:55:12 GMT iDEFENSE Security Advisory 01.13.05-3 - Local exploitation of a design error vulnerability in the inpview command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.9 (feature) and 6.5.22 (maintenance). Full Article
uri Secunia Security Advisory 14875 By packetstormsecurity.com Published On :: Sun, 17 Apr 2005 18:55:16 GMT Secunia Security Advisory - Two vulnerabilities have been reported in SGI IRIX, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and disclose some sensitive information. Full Article
uri iDEFENSE Security Advisory 2005-04-07.1 By packetstormsecurity.com Published On :: Sun, 17 Apr 2005 19:35:49 GMT iDEFENSE Security Advisory 04.07.05 - Local exploitation of an information disclosure vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX Operating System could allow for the disclosure of sensitive information such as the root user's password hash. The vulnerability specifically exists in the way that gr_osview opens user-specified description files without dropping privileges. When this is combined with the debug option, it is possible to dump a line from an arbitrary file, regardless of its protection. Full Article
uri iDEFENSE Security Advisory 2005-04-07.2 By packetstormsecurity.com Published On :: Sun, 17 Apr 2005 19:37:10 GMT iDEFENSE Security Advisory 04.07.05 - Local exploitation of a file overwrite vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX operating system could allow for the overwriting of arbitrary files, regardless of permissions. The vulnerability specifically exists in the way that gr_osview opens user specified files without dropping privileges. When a file is specified using the -s option, it will be opened regardless of permissions, and operating system usage information will be written into it. Full Article
uri Secunia Security Advisory 15619 By packetstormsecurity.com Published On :: Thu, 16 Jun 2005 05:01:37 GMT Secunia Security Advisory - A security issue has been reported in SGI IRIX, which potentially can be exploited by malicious users to disclose and modify sensitive information. Full Article
uri Secunia Security Advisory 15785 By packetstormsecurity.com Published On :: Fri, 24 Jun 2005 05:21:08 GMT Secunia Security Advisory - SGI has acknowledged a vulnerability in IRIX, which can be exploited by malicious people to compromise a vulnerable system. Full Article
uri iDEFENSE Security Advisory 2005-10-10.t By packetstormsecurity.com Published On :: Tue, 11 Oct 2005 04:50:55 GMT iDEFENSE Security Advisory 10.10.05-1 - Local exploitation of a design error vulnerability in the runpriv command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.22 (maintenance). It is suspected that previous and later versions of both the feature and maintenance revisions of IRIX 6.5 are also vulnerable. Full Article
uri Secunia Security Advisory 42874 By packetstormsecurity.com Published On :: Mon, 10 Jan 2011 05:18:17 GMT Secunia Security Advisory - A vulnerability has been reported in SGI IRIX, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). Full Article
uri Oracle Warns Of Attacks Against Recently Patched WebLogic Security Bug By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:36:40 GMT Full Article headline hacker flaw patch oracle
uri Apple's Corellium Lawsuit Causes Chilling Effect With Security Researchers By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:30:58 GMT Full Article headline hacker phone apple
uri Ubuntu Security Notice USN-3457-1 By packetstormsecurity.com Published On :: Mon, 23 Oct 2017 13:51:09 GMT Ubuntu Security Notice 3457-1 - Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Full Article
uri Red Hat Security Advisory 2017-3263-01 By packetstormsecurity.com Published On :: Mon, 27 Nov 2017 10:10:00 GMT Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application. Full Article
uri Debian Security Advisory 4181-1 By packetstormsecurity.com Published On :: Sat, 28 Apr 2018 18:18:00 GMT Debian Linux Security Advisory 4181-1 - Andrea Basile discovered that the 'archive' plugin in roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize a user-controlled parameter, allowing a remote attacker to inject arbitrary IMAP commands and perform malicious actions. Full Article
uri Ubuntu Security Notice USN-3724-1 By packetstormsecurity.com Published On :: Thu, 26 Jul 2018 00:00:01 GMT Ubuntu Security Notice 3724-1 - Jon Kristensen discovered that Evolution Data Server would automatically downgrade a connection to an IMAP server if the IMAP server did not support SSL. This would result in the user's password being unexpectedly sent in clear text, even though the user had requested to use SSL. Full Article
uri Red Hat Security Advisory 2018-2526-01 By packetstormsecurity.com Published On :: Mon, 20 Aug 2018 17:06:08 GMT Red Hat Security Advisory 2018-2526-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include code execution and traversal vulnerabilities. Full Article
uri Debian Security Advisory 4344-1 By packetstormsecurity.com Published On :: Mon, 26 Nov 2018 08:32:22 GMT Debian Linux Security Advisory 4344-1 - Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. Full Article
uri Debian Security Advisory 4458-1 By packetstormsecurity.com Published On :: Sat, 08 Jun 2019 18:32:22 GMT Debian Linux Security Advisory 4458-1 - A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. Full Article
uri Red Hat Security Advisory 2019-1771-01 By packetstormsecurity.com Published On :: Mon, 15 Jul 2019 15:17:18 GMT Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability. Full Article
uri Debian Security Advisory 4510-1 By packetstormsecurity.com Published On :: Wed, 28 Aug 2019 18:24:06 GMT Debian Linux Security Advisory 4510-1 - Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code. Full Article
uri Red Hat Security Advisory 2019-2799-01 By packetstormsecurity.com Published On :: Thu, 19 Sep 2019 16:28:51 GMT Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability. Full Article
uri Red Hat Security Advisory 2019-2822-01 By packetstormsecurity.com Published On :: Fri, 20 Sep 2019 14:57:21 GMT Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability. Full Article
uri Red Hat Security Advisory 2019-2836-01 By packetstormsecurity.com Published On :: Fri, 20 Sep 2019 14:59:48 GMT Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability. Full Article
uri Red Hat Security Advisory 2019-2885-01 By packetstormsecurity.com Published On :: Tue, 24 Sep 2019 17:01:54 GMT Red Hat Security Advisory 2019-2885-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability. Full Article
uri Ubuntu Security Notice USN-4160-1 By packetstormsecurity.com Published On :: Mon, 21 Oct 2019 23:23:12 GMT Ubuntu Security Notice 4160-1 - It was discovered that UW IMAP incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands. Full Article
uri Red Hat Security Advisory 2019-3467-01 By packetstormsecurity.com Published On :: Wed, 06 Nov 2019 15:40:34 GMT Red Hat Security Advisory 2019-3467-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. An improper certificate validation flaw was addressed. Full Article
uri Debian Security Advisory 4590-1 By packetstormsecurity.com Published On :: Sat, 21 Dec 2019 07:00:07 GMT Debian Linux Security Advisory 4590-1 - It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. Full Article
uri Red Hat Security Advisory 2020-1126-01 By packetstormsecurity.com Published On :: Wed, 01 Apr 2020 14:58:03 GMT Red Hat Security Advisory 2020-1126-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a traversal vulnerability. Full Article
uri Red Hat Security Advisory 2020-1062-01 By packetstormsecurity.com Published On :: Wed, 01 Apr 2020 15:13:48 GMT Red Hat Security Advisory 2020-1062-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a buffer overflow vulnerability. Full Article
uri FreeBSD Security Advisory - FreeBSD-SA-19:13.pts By packetstormsecurity.com Published On :: Thu, 25 Jul 2019 10:11:11 GMT FreeBSD Security Advisory - The code which handles a close(2) of a descriptor created by posix_openpt(2) fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. The bug permits malicious code to trigger a write-after-free, which may be used to gain root privileges or escape a jail. Full Article
uri Red Hat Security Advisory 2019-2118-01 By packetstormsecurity.com Published On :: Tue, 06 Aug 2019 21:00:07 GMT Red Hat Security Advisory 2019-2118-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Full Article
uri Red Hat Security Advisory 2019-3513-01 By packetstormsecurity.com Published On :: Wed, 06 Nov 2019 15:49:23 GMT Red Hat Security Advisory 2019-3513-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Full Article
uri Red Hat Security Advisory 2020-1828-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:28:20 GMT Red Hat Security Advisory 2020-1828-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Full Article
uri Mobile Security Framework MobSF 0.9.2 Beta By packetstormsecurity.com Published On :: Tue, 03 May 2016 10:32:22 GMT Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting. Full Article
uri Mobile Security Framework MobSF 0.9.3 Beta By packetstormsecurity.com Published On :: Wed, 23 Nov 2016 00:49:57 GMT Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting. Full Article
uri Search Engine For Japanese Sex Hotels Announces Security Breach By packetstormsecurity.com Published On :: Mon, 06 Jan 2020 16:01:25 GMT Full Article headline privacy data loss japan
uri Suricata IDPE 5.0.3 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 14:56:56 GMT Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools. Full Article
uri Red Hat Security Advisory 2020-1765-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:20:53 GMT Red Hat Security Advisory 2020-1765-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include a buffer overflow vulnerability. Full Article
uri Red Hat Security Advisory 2020-1880-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:38:42 GMT Red Hat Security Advisory 2020-1880-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus is an input method framework for multilingual input in Unix-like operating systems. Issues addressed include an improper authorization vulnerability. Full Article
uri Microsoft Mocks Google For Failed Security Fix Deployment Methodology By packetstormsecurity.com Published On :: Thu, 19 Oct 2017 14:17:08 GMT Full Article headline microsoft flaw google chrome
uri Google Steps Up Browser Rivalry With Site Isolation Security By packetstormsecurity.com Published On :: Thu, 07 Dec 2017 14:24:14 GMT Full Article headline google chrome
uri Google Chrome 75 Rolls Out With 42 Security Fixes By packetstormsecurity.com Published On :: Thu, 06 Jun 2019 13:23:13 GMT Full Article headline flaw google patch chrome
uri HPP Protection Patch For ModSecurity 2.5.9 By packetstormsecurity.com Published On :: Mon, 06 Jul 2009 18:09:02 GMT HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9. Full Article
uri With Everyone WFH, VPN Security Has Become Paramount By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 14:38:00 GMT Full Article headline privacy cryptography
uri Zoom: Every Security Issue Uncovered In The Video Chat App By packetstormsecurity.com Published On :: Tue, 14 Apr 2020 14:32:56 GMT Full Article headline hacker privacy phone flaw cryptography
uri Zoom Tackles Hackers With New Security Measures By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:30:55 GMT Full Article headline privacy phone flaw cryptography
uri Gentoo Linux Security Advisory 202004-14 By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:52:20 GMT Gentoo Linux Security Advisory 202004-14 - Multiple vulnerabilities have been found in FontForge, the worst of which could result in the arbitrary execution of code. Versions less than 20200314 are affected. Full Article
uri Gentoo Linux Security Advisory 202004-15 By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:52:27 GMT Gentoo Linux Security Advisory 202004-15 - Multiple vulnerabilities have been found in libu2f-host, the worst of which could result in the execution of code. Versions less than 1.1.10 are affected. Full Article
uri Gentoo Linux Security Advisory 202004-16 By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:52:33 GMT Gentoo Linux Security Advisory 202004-16 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.11 are affected. Full Article
uri Gentoo Linux Security Advisory 202004-17 By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:52:38 GMT Gentoo Linux Security Advisory 202004-17 - Multiple vulnerabilities have been found in Django, the worst of which could result in privilege escalation. Versions less than 2.2.11 are affected. Full Article