Javier García

5 junio, 2018

DSA-4217 wireshark – security update

It was discovered that Wireshark, a network protocol analyzer, containedseveral vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC,IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denialof service or the execution of arbitrary code. More info: https://www.debian.org/security/2018/dsa-4217

5 junio, 2018

DSA-4215 batik – security update

Man Yue Mo, Lars Krapf and Pierre Ernst discovered that Batik, atoolkit for processing SVG images, did not properly validate itsinput. This would allow an attacker to cause a denial-of-service,mount cross-site scripting attacks, or access restricted files on theserver. More info: https://www.debian.org/security/2018/dsa-4215

4 junio, 2018

DSA-4215 batik – security update

4 junio, 2018

DSA-4214 zookeeper – security update

It was discovered that Zookeeper, a service for maintaining configurationinformation, enforced no authentication/authorisation when a serverattempts to join a Zookeeper quorum. More info: https://www.debian.org/security/2018/dsa-4214

2 junio, 2018

wpForo Forum <= 1.4.11 – Unauthenticated Reflected Cross-Site Scripting (XSS)

More info: https://wpvulndb.com/vulnerabilities/9090

1 junio, 2018

DSA-4212 git – security update

Etienne Stalmans discovered that git, a fast, scalable, distributedrevision control system, is prone to an arbitrary code executionvulnerability exploitable via specially crafted submodule names in a.gitmodules file. More info: https://www.debian.org/security/2018/dsa-4212

1 junio, 2018

OpenSSL RSA key generation vulnerability CVE-2018-0737

OpenSSL RSA key generation vulnerability CVE-2018-0737. Security Advisory. Security Advisory Description. The OpenSSL ... More info: https://support.f5.com/csp/article/K43429502

1 junio, 2018

TMM vulnerability CVE-2017-6153

TMM vulnerability CVE-2017-6153. Security Advisory. Security Advisory Description. Features in the BIG-IP system that utilize ... More info: https://support.f5.com/csp/article/K52167636

1 junio, 2018

How To Identify That Your Website Hacked for Pharma Spam

https://blog.threatpress.com/pharma-spam-identify-hacked-website/Pharma Spam or Pharma Hack is a type of SEO spam used by hackers to improve the SEO rank of websites selling pharmaceutical products like Viagra, Cialis, Xanax, Valium, and Celebrex. Hacked Website Report 2017 found that 44% of all malware attacks included the creation of SEO spam campaigns on the targeted site. This kind […] More info: https://blog.threatpress.com/pharma-spam-identify-hacked-website/

1 junio, 2018

GeoIP vulnerability CVE-2018-5521

GeoIP vulnerability CVE-2018-5521. Security Advisory. Security Advisory Description. Carefully crafted URLs can be used ... More info: https://support.f5.com/csp/article/K23124150