TestSSL 2.9.5-8

testssl.sh is a free command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Link: https://packetstormsecurity.com/files/152613/testssl.sh-2.9.5-8.tar.gz

HackerTor

Red Hat Security Advisory 2019-0868-01

Red Hat Security Advisory 2019-0868-01 – Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.7 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Link: https://packetstormsecurity.com/files/152614/RHSA-2019-0868-01.txt

HackerTor

Sony Smart TV Information Disclosure / File Read

Sony Smart TVs suffer from information disclosure and arbitrary file read vulnerabilities.

Link: https://packetstormsecurity.com/files/152612/sonysmarttvs-fileread.txt

HackerTor

Ubuntu Security Notice USN-3936-2

Ubuntu Security Notice 3936-2 – USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

Link: https://packetstormsecurity.com/files/152615/USN-3936-2.txt

HackerTor

Facebook Profits Likely To Fall After Fake News And Privacy Scandals

Link: https://www.theguardian.com/technology/2019/apr/22/facebook-profit-fall-fake-news-privacy-scandals

HackerTor

Msvod 10 Cross Site Request Forgery

Msvod version 10 suffers from a cross site request forgery vulnerability.

Link: https://packetstormsecurity.com/files/152604/msvod10-xsrf.txt

HackerTor

Linux/ARM Password Protected Reverse TCP Shell Shellcode

100 bytes small Linux/ARM password protected reverse TCP shell shellcode.

Link: https://packetstormsecurity.com/files/152602/linuxarmpprshell-shellcode.txt

HackerTor

systemd Seat Verification Active Session Spoofing

systemd suffers from a lack of seat verification in the PAM module and in turn permits the spoofing of an active session to polkit.

Link: https://packetstormsecurity.com/files/152610/GS20190424002035.txt

HackerTor

Red Hat Security Advisory 2019-0856-01

Red Hat Security Advisory 2019-0856-01 – Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.7 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements.

Link: https://packetstormsecurity.com/files/152605/RHSA-2019-0856-01.txt

HackerTor

UliCMS 2019.2 / 2019.1 Cross Site Scripting

UliCMS versions 2019.2 and 2019.1 suffers from multiple cross site scripting vulnerabilities.

Link: https://packetstormsecurity.com/files/152608/ulicms2019-xss.txt