what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 91 RSS Feed

Files Date: 2020-09-30

Red Hat Security Advisory 2020-3841-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3841-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include cross site scripting and information leakage vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-17638, CVE-2020-2229, CVE-2020-2230, CVE-2020-2231
SHA-256 | 77a91d7eb8ec634429339830c6925d60cfecc790452b9ca6402775e98428831d
Ubuntu Security Notice USN-4560-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4560-1 - It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-25739
SHA-256 | 0afd784d9fff5bc200bfe4ee62a7b0add6fd23a6068db9500099691b82ad4bc0
Cisco AnyConnect Privilege Escalation
Posted Sep 30, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.9.00086 is vulnerable to a DLL hijacking and allows local attackers to execute code on the affected machine with with system level privileges. Both attacks consist in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service.

tags | exploit, arbitrary, local, tcp
systems | cisco, windows
advisories | CVE-2020-3153, CVE-2020-3433
SHA-256 | 74ae12d312c6c46fa9f122b2a106d803de515d0b707dfe34720c066dd56a2680
MailDepot 2032 SP2 Session Expiration
Posted Sep 30, 2020
Authored by Micha Borrmann | Site syss.de

MailDepot version 2032 SP2 (2.2.1242) suffers from a session expiration design issue.

tags | exploit
advisories | CVE-2019-19199
SHA-256 | 700f980163d0fca1ea48e794d6af4f154b44ba1253811ef8c5c1d57d881a5603
DOMOS 5.8 Command Injection
Posted Sep 30, 2020
Authored by Patrick Hener | Site syss.de

DOMOS versions 5.8 and below suffer from a command injection vulnerability.

tags | exploit
advisories | CVE-2020-14293
SHA-256 | f79d55cd2e399530aae5ed6c8d32963564e7a1e6dcd732e4f4fc6cb4d787808f
Qiata FTA 1.70.19 Cross Site Scripting
Posted Sep 30, 2020
Authored by Patrick Hener | Site syss.de

Qiata FTA versions 1.70.19 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-14294
SHA-256 | ffa825bb3a9b050965fbf372d65a3eb70ac962e897f3c02dab225c86de686b1c
Red Hat Security Advisory 2020-4143-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4143-01 - Red Hat OpenShift Container Storage is a provider of agnostic persistent storage for OpenShift Container Platform either in-house or in a hybrid cloud. As a Red Hat storage solution, OCS is completely integrated with OpenShift Container Platform for deployment, management, and monitoring. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10762, CVE-2020-10763
SHA-256 | 0dbc282aeec100c2d1899b563dc76ec89d7815b9267395dededfa9e69ace4db5
Ubuntu Security Notice USN-4559-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
SHA-256 | 61ebb653ef48e45237d93b5107a0ea96c40140ab606b9ea9367ed3556b69e08d
Ubuntu Security Notice USN-4557-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735
SHA-256 | 9f854df2f31b73d069aea8b610b051dd4715b779d998975ff90093312a237d8b
Red Hat Security Advisory 2020-4137-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4137-01 - Fixed an XSS vulnerability Fixed the Red Hat sosreport tool to no longer include the Ansible Tower SECRET_KEY value Fixed the Ansible Tower installer so that it is now compatible with the latest supported Red Hat OpenShift Container Platforms 3.x and 4.x. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-14365, CVE-2020-25626
SHA-256 | 3c45228725985140a00c8945df5dc1bd22d32fd30a3069bc0f2833320d9b2911
Red Hat Security Advisory 2020-4136-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4136-01 - Updated to the latest version of the git-python library to no longer cause certain jobs to fail Updated to the latest version of the ovirt.ovirt collection to no longer cause connections to hang when syncing inventory from oVirt/RHV Added a number of optimizations to Ansible Tower's callback receiver to improve the speed of stdout processing for simultaneous playbooks runs Added an optional setting to disable the auto-creation of organizations and teams on successful SAML login Fixed an XSS vulnerability Fixed a slow memory leak in the Daphne process Fixed Automation Analytics data gathering to no longer fail for customers with large datasets Fixed scheduled jobs that run every X minute or hour to no longer fail to run at the proper time Fixed delays in Ansible Tower's task manager when large numbers of simultaneous jobs are scheduled Fixed the performance for playbooks that store large amounts of data using the set_stats module Fixed the awx-manage remove_from_queue tool when used with isolated nodes Fixed an issue that prevented jobs from being properly marked as canceled when Tower is backed up and then restored to another environment. Issues addressed include cross site scripting and memory leak vulnerabilities.

tags | advisory, vulnerability, xss, memory leak, python
systems | linux, redhat
advisories | CVE-2020-14365, CVE-2020-25626
SHA-256 | d35bdae114c99ede1a241ed0ae74cb3f31fecb568f0fd7025cd59c44c369df33
Ubuntu Security Notice USN-4558-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4558-1 - It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2019-12412
SHA-256 | 0f30c7af281d84dac651e300978d28e37afc2f319de0fb84cbac40a96464d2a9
Red Hat Security Advisory 2020-4134-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site request forgery vulnerability.

tags | advisory, web, ruby, csrf
systems | linux, redhat
advisories | CVE-2020-14369
SHA-256 | d7a924fa93f1dc0be2809f3ed8f22321634d261660f39a52c638e3618931c2a5
Red Hat Security Advisory 2020-4127-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4127-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14334
SHA-256 | 8456c21538d892dd34e5cf93b41f4e429a5a358c8cbd5ae12618a399fef6bf74
Red Hat Security Advisory 2020-4129-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4129-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25017
SHA-256 | e16378cb875decab083b62551d34c53f96f2e1d9647b8d773cacc85ef5839e8a
Red Hat Security Advisory 2020-4114-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4114-01 - ovirt-ansible-repositories is an Ansible role used to set up the repositories required for oVirt engine or host installation. The openvswitch package contains components for enabling Open vSwitch; a software-based Ethernet virtual switch. It also includes OVN components for supporting virtual network abstraction. The Red Hat Virtualization Python SDK is a program that simplifies access to the Red Hat Virtualization API by providing an object-oriented view to developers. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, python
systems | linux, redhat
advisories | CVE-2020-10722, CVE-2020-10723
SHA-256 | 4dffb70b4f7fb9ef435a293216ee684f0d6b05f4b8e7ba17e986288db5a0b575
Red Hat Security Advisory 2020-4115-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4115-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-10713, CVE-2020-14364
SHA-256 | ef009eb847fe892d2d50e7ad290122b9d17bf50303a38ccb2504c9dc6e2918cd
Red Hat Security Advisory 2020-4111-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4111-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14364
SHA-256 | cd39c2f60d162d01a039b7d8cdda054f23aadeb8dcfb96e66ef700a1ecbb834f
Red Hat Security Advisory 2020-4082-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4082-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and information leakage vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-12528, CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606, CVE-2020-8449, CVE-2020-8450
SHA-256 | ac5f5be72f882c9207020a5a07bfe8f72ffe10b798001249d9950ce8b30580f7
Red Hat Security Advisory 2020-4080-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4080-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include bypass, cross site scripting, integer overflow, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, overflow, spoof, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-15648, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, CVE-2020-15678
SHA-256 | 361d1317f4daafbb10a578b06dd543b000c2f1529726b032817c13fa41886222
Red Hat Security Advisory 2020-4079-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4079-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14364, CVE-2020-1983
SHA-256 | a83d4415a0665813688624904ea6ec62535b2e1c2928de36f229e59dc2d1c097
Gentoo Linux Security Advisory 202009-18
Posted Sep 30, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-18 - Multiple vulnerabilities have been found in Bitcoin, the worst of which could result in a Denial of Service condition. Versions less than 0.20.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-15947, CVE-2020-14198
SHA-256 | 79977fbc6f9945f1f37b8e762674ad8ec67e98beeb72d107c722133ae7c64667
Gentoo Linux Security Advisory 202009-14
Posted Sep 30, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-14 - A buffer overflow in Xen might allow remote attacker(s) to execute arbitrary code. Versions less than 4.13.1-r3 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2020-14364
SHA-256 | 64ed126575bc6e2536457095537752f33bddec786cdcd645d5ffc6ff20726054
Red Hat Security Advisory 2020-4078-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14364
SHA-256 | f240482ee9550d1620e5cedfb813b8307d58715fcd9b7e04a765244a9a7fcfd7
Red Hat Security Advisory 2020-4003-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4003-01 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10754
SHA-256 | 4a27dc949a5e9b2ce0de414d35d030bee6669dec203fb36640cdbe1b08ae5121
Page 1 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close