Alibaba Clone Script suffers from a remote SQL injection vulnerability.
Monthly Archives: March 2017
Vuln: Samba CVE-2017-2619 Symlink Vulnerability
Samba CVE-2017-2619 Symlink Vulnerability
Fraudsters Using GiftGhostBot Botnet to Steal Gift Card Balances
Gift cards have once again caused quite a headache for retailers, as cyber criminals are using a botnet to break into and steal cash from money-loaded gift cards provided by major retailers around the globe.
Dubbed GiftGhostBot, the new botnet specialized in gift card fraud is an advanced persistent bot (APB) that has been spotted in the wild by cyber security firm Distil Networks.
Experts Doubt Hackers’ Claim Of Millions Of Breached Apple Credentials
Security experts say they are skeptical that a group called Turkish Crime Family actually possess a cache of hundreds of millions of Apple iCloud account credentials.
python-sleekxmpp-1.3.2-1.fc24
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 (rhbz#1421077)
python-sleekxmpp-1.3.2-1.fc25
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 (rhbz#1421077)
python-sleekxmpp-1.3.2-1.fc26
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 (rhbz#1421077)
NetBSD-SA2017-003 Weak privilege separation in XEN
USN-3233-1: Thunderbird vulnerabilities
Ubuntu Security Notice USN-3233-1
24th March, 2017
thunderbird vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
Several security issues were fixed in Thunderbird.
Software description
- thunderbird
– Mozilla Open Source mail and newsgroup client
Details
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to bypass same origin
restrictions, obtain sensitive information, cause a denial of service via
application crash or hang, or execute arbitrary code. (CVE-2017-5398,
CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405,
CVE-2017-5407, CVE-2017-5408, CVE-2017-5410)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.10:
-
thunderbird
1:45.8.0+build1-0ubuntu0.16.10.1
- Ubuntu 16.04 LTS:
-
thunderbird
1:45.8.0+build1-0ubuntu0.16.04.1
- Ubuntu 14.04 LTS:
-
thunderbird
1:45.8.0+build1-0ubuntu0.14.04.1
- Ubuntu 12.04 LTS:
-
thunderbird
1:45.8.0+build1-0ubuntu0.12.04.1
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
References
Linux/x86 Reverse Shell Shellcode
110 bytes small Linux/x86 reverse /bin/bash shellcode.