Adventures in Automotive Networks and Control Units (aka car hacking) is an overview of the original work by Charlie Miller and Chris Valasek that covers CAN bus sniffing, injection, and attacks against a Toyota Prius and Ford Escape. Also included are all the tools they used and related data.
388155dad3d4941180cc43d65a21b1b4f0febcb901ea70241f133325b8b436dfDell Customer Connect (DCCService.exe) version 1.3.28.0 suffers from a local privilege escalation vulnerability.
01adb10edf42c5c531eefc99d7226ee312a57ead81179ddea9469321e3875f5eOpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. This code is a proof of concept exploit.
075e41464f5a5b594ef398cfbdc839e338020d08e61a4d818296c681db42b4d7Ubuntu Security Notice 3266-2 - USN-3266-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.
38bf0e1ebe7b487031f7f129018d145bb062758b3fcb637423c23f99910dc876Ubuntu Security Notice 3265-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. Various other issues were also addressed.
458544e325eb238c58004371dbe9356a95171c61c3dbdaeb26265ab61d0a46c5Ubuntu Security Notice 3265-2 - USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
0c9967de91275097ac2b964a5f5f15ab25ba17e3a65406a24207ac40379c8d83Ubuntu Security Notice 3266-1 - Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.
388005729548db4ef2fb458e260c25a00a658e1fc5e6cc30a86ff9544d66f5cdUbuntu Security Notice 3264-2 - USN-3264-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
08bd22ddd449f23f83690f03bef696d4220beacfda3e370c51c533548712002aUbuntu Security Notice 3267-1 - Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.
380cf9bf4beda1eda84eea11a36b4452ad006b1cfa8e93c8e4f2d3defff5110cUbuntu Security Notice 3268-1 - Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Jann Horn discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to access files on the host file system outside of the shared directory and possibly escalate their privileges. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.
55219cd93a67e26cc2c98285217c82a6a4c4a415f32a2bc50c406be0dfd12705Ubuntu Security Notice 3264-1 - Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.
5617bdc6e6c1ccc15c09b9257b1ec4cce82e101317b00bd377fd23662ed06fa8Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
df5e943771e59fc2289df3af757bd1a57e0e1c52504d2a66c7b611ab1f057e98Debian Linux Security Advisory 3833-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
8d692af2b943bea43208aef15f7da5e70206cdcf1a91c28cbe75076b9a37add4Red Hat Security Advisory 2017-1126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.
34d392e00adb86300a44fe21a8d79fc93f1e9dbf79ba5dc3b3e00240e2bbc6beRed Hat Security Advisory 2017-1125-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.
7112adc140cf091a6d4e364b6e09c73a98b1eea23f7cd1fef5eb48900766f898Red Hat Security Advisory 2017-1124-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 58.0.3029.81. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
e325fa775ede1fe0fa9d26ba89abf5e87c0e726c82d6a6adb5a3e13ea26b42d1OXATIS 2017 suffers from a cross site scripting vulnerability.
b4ff5aa49a3b93d6b92ea4d397b075e42df21186055dbc33740a7c44b12f9701This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a http(s) request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This Metasploit module was created by reversing a public malware sample.
7e6b9ea3c2f7098466493a6d04a3625fe49a4a591628f01dcefb67c6615f8b03The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for IPv6.
ad169956f0f3396698d40c18a3a0e55793e890d9d218704c030183521609a602The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file system into the editor. An attacker can abuse this to read arbitrary files within the allowed permissions.
2a881d9217c48b1606ec88d0bb0823e2e6d7359165db582cfbbd90943ae24f0eInsufficient input validation in the management interface can be leveraged in order to execute arbitrary commands. This can lead to (root) shell access to the underlying operating system on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.
fe9867b691ca5367a9f8e75d21f16e8f3d6804f2ad561bedd0abd524a2546349An attacker can abuse functionality provided by a script which may be run with root privilege in order to elevate privilege on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.
541cc742cf8744931b966ccfc14ec82005cd85e4a6e1bff7ce5f93c7ba245576Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.
3f138413d3ee07b7fb98c0ec9430dcebbf62f40cd8ffb3fa592f0455512444f9Slackware Security Advisory - New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
4dc0c7f616e5a08691f41b50024d5cde24ec3fc8bee6bd91a0d897bf20523babSlackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
8ebef10dc26715edf05044fa1397cb02c9aaa68b0b15d9b0882c1f4e80053a4a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed