what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-08-18

Ubuntu Security Notice USN-4464-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4464-1 - It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout.

tags | advisory, shell
systems | linux, ubuntu
advisories | CVE-2020-17489
SHA-256 | 27a35d2e8e2f7b62fba0bdc4f772c8174e50b13efcc6371edac4db7a01276fd4
ClamOne 0.102.4-1
Posted Aug 18, 2020
Authored by Lazlo182 | Site github.com

ClamOne is an open source Linux front-end to the ClamAV Antivirus Engine. A basic graphical user interface, designed for a Desktop environment, to provide instant feedback when threats are detected on the local system. Features include configuring the clamd daemon directly from the GUI, indication of threats via visual cues as well as notifications, monitoring and updating the virus definitions, monitoring various clam-related event logs and messages, quarantining of detected threats, and visual graphing of antivirus activity.

tags | tool, local, virus
systems | linux, unix
SHA-256 | f250e27eb3c116cb84503f7635105bc042fae9788de5918a15506c7d404de967
Ubuntu Security Notice USN-4463-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4463-1 - It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12771, CVE-2020-15393
SHA-256 | 9bae40e89e07da10d54b7fabc2d9a2f10be261c5b51e7f931b3529f60b4ed56e
Red Hat Security Advisory 2020-3475-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 4d1b212ed310460f7c14cebdc457a408ed5077e1a54519e2fba54bd4d3b6d5cf
WordPress Elegant Testimonial 1.1.6 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Elegant Testimonial plugin version 1.1.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4001e445bea3300c2962d26324ae3a84c15202be2d8172987521789caa23ac00
Encrypted Linux x86-64 Loadable Kernel Modules (ELKM)
Posted Aug 18, 2020
Authored by cenobyte | Site github.com

In this paper, the author presents ELKM, a Linux tool that provides a mechanism to securely transport and load encrypted Loadable Kernel Modules (LKM). The aim is to protect kernel-based rootkits and implants against observation by Endpoint Detection and Response (EDR) software and to neutralize the effects of recovery by disk forensics tooling. The tool as well as the whitepaper is provided in this archive.

tags | tool, paper, kernel
systems | linux, unix
SHA-256 | 90f8eb13eaf41b5f53ca0215da59d606b3744835abc350e84c035ce5e337aa31
Red Hat Security Advisory 2020-3474-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3474-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux.

tags | advisory, shell, bash
systems | linux, redhat
advisories | CVE-2019-9924
SHA-256 | e33707a21648effcc7921de1ee320bb14788d0b377049fe958d23e6f263fc180
Ubuntu Security Notice USN-4461-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4461-1 - Dominik Penner discovered that Ark did not properly sanitize zip archive files before performing extraction. An attacker could use this to construct a malicious zip archive that, when opened, would create files outside the extraction directory.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-16116
SHA-256 | 8b77ab0583418946ca538da2bc0b79f0c808cfa6b4dd79f73e3808043c87a43f
D-Link Central WiFi Manager CWM(100) Remote Code Execution
Posted Aug 18, 2020
Authored by M3 at ZionLab, Redouane Niboucha | Site metasploit.com

This Metasploit module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM(100) versions below v1.03R0100_BETA6. The vulnerability exists in the username cookie, which is passed to eval() without being sanitized. Dangerous functions are not disabled by default, which makes it possible to get code execution on the target.

tags | exploit, php, code execution
advisories | CVE-2019-13372
SHA-256 | ac0e25a36b1f650a673695023120501aef0392916303b8f4a0574daeb5e71a35
UFONet 1.6
Posted Aug 18, 2020
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Added 8 attacks and updated the documentation, website, and more.
tags | tool, web, denial of service, spoof
systems | unix
SHA-256 | e0b500cf7432e9f3e87940b14a0c82a075eb96a783e0d1f3101c0a6931476863
WordPress Click To Top 1.2.7 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Click To Top plugin version 1.2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1b98dcba76d7ba8701e78ac0a3ec04fae93953fcb07a4df694c8e36a5611b1eb
Red Hat Security Advisory 2020-3470-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3470-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 8c41ef985a873c34e1500d6376c72a14c1a08e4450eb1f0dd62bf66526444b1c
Red Hat Security Advisory 2020-3471-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 9c986b6214b7254cf4e6b3b36b5e907fefe8a2ac4dfebf0306f1e7acd21daa8f
Ubuntu Security Notice USN-4462-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4462-1 - It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12771
SHA-256 | fb0e88bc41f4506e33d919ac3bcfd5b540e7a37e4a4d4b56d5b09ea6fd34366e
WordPress Change Login Logo 1.0.1 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Change Login Logo plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7993527c734646f6b5795851c7757282b97883c544e56274b5878255b840bdec
Red Hat Security Advisory 2020-3453-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3453-01 - The Matrix Project is a module which handles creating Jenkins multi-configuration projects. Matrix Authorization allows configuring the lowest level permissions, such as starting new builds, configuring items, or deleting them, individually. Python-RSA is a RSA implementation in Python. It can be used as a Python library as well as the commandline utility. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-13757, CVE-2020-2224, CVE-2020-2225, CVE-2020-2226
SHA-256 | dcba8ed7be6bf93cafc80deff5dd57772dc8ea7c104f758c6b9f084ddded22ca
Tailor Management System 1.0 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Ahmed Abbas

Tailor Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6639118d29bceefaec78d6b51566ed7c0a0d9abd5a3a18d576a7508d0f922521
Ubuntu Security Notice USN-4460-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4460-1 - It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-16163
SHA-256 | 81353d08ed185bd09b1a38842ed60c2e15eacb213eaaba32f0f0e5bf0513abbb
vBulletin 5.6.2 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Vincent666 ibn Winnie

vBulletin version 5.6.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6797e8d2f7f5133f6e61f40e7b532b6ad62a8debe938bad1511a6ef507e1d286
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close