exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 45 RSS Feed

Files Date: 2021-01-28

Debian Security Advisory 4806-2
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4806-2 - The update for minidlna released as DSA 4806-1 introduced a regression when purging the package. Updated minidlna packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | fa016f6a33c4b414fd5fb1e640fa079e1c96cd11e815202c4f08047c24cff24f
Debian Security Advisory 4823-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4823-1 - It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in authentication bypass.

tags | advisory
systems | linux, debian
advisories | CVE-2019-20933
SHA-256 | f27a1ee5809e7396fcc1df33173759952f11d2dc156b6ec1306744a1bfdb5860
Debian Security Advisory 4824-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4824-1 - Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2019-8075, CVE-2020-15959, CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15964, CVE-2020-15965, CVE-2020-15966, CVE-2020-15967, CVE-2020-15968, CVE-2020-15969, CVE-2020-15970, CVE-2020-15971
SHA-256 | 78ae179da093a6a577d6550cb23d27e5e249f89eb26dccf78b4377df3c7b642d
Debian Security Advisory 4825-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4825-1 - Several vulnerabilities have been discovered in the Dovecot email server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | cf693b635e996bdc26281c39413a36a22f79f81d8a17b14eed1e84213499f91a
Debian Security Advisory 4826-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4826-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling.

tags | advisory, web, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-8265, CVE-2020-8287
SHA-256 | e2b5d65d7f6f0ab587468c3f477ba1e069f60f0a6607c72f983e63a159263283
Debian Security Advisory 4827-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4827-1 - A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2020-16044
SHA-256 | 9416f0cae0c06d14ac73984ac9dc8c0775d5c30fe49312106293817720a26170
Debian Security Advisory 4828-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4828-1 - Liaogui Zhong discovered two security issues in XStream, a Java library to serialise objects to XML and back again, which could result in the deletion of files or server-side request forgery when unmarshalling.

tags | advisory, java
systems | linux, debian
advisories | CVE-2020-26258, CVE-2020-26259
SHA-256 | 23076c5eeea51b7e0850ffd341eb9d56280a3057689e9fd411b78f5822b86f73
Debian Security Advisory 4829-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4829-1 - A flaw was discovered in coturn, a TURN and STUN server for VoIP. By default coturn does not allow peers on the loopback addresses (127.x.x.x and ::1). A remote attacker can bypass the protection via a specially crafted request using a peer address of '0.0.0.0' and trick coturn in relaying to the loopback interface. If listening on IPv6 the loopback interface can also be reached by using either [::1] or [::] as the address.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2020-26262
SHA-256 | 0e50e94f21084349379aee27ae6a0c950c9d141059b68a995c92c65ef2de6f30
Debian Security Advisory 4830-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4830-1 - Simon McVittie discovered a bug in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape).

tags | advisory, arbitrary
systems | linux, debian
SHA-256 | bc10e6a3a810afe88ce0900a3775ebba92614ba5c237107563fc42249fbbfdb4
Debian Security Advisory 4830-2
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4830-2 - The update for flatpak released as DSA 4830-1 introduced regressions with flatpak build and in the extra-data mechanism. Updated flatpak packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | 9a05357fb42191b23127bcf9b39593397fad5dc139a8541bf2faed24ee7012d9
Debian Security Advisory 4831-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4831-1 - Johan Smits discovered that ruby-redcarpet, a markdown parser, did not properly validate its input. This would allow an attacker to mount a cross-site scripting attack.

tags | advisory, xss, ruby
systems | linux, debian
advisories | CVE-2020-26298
SHA-256 | c44d3382c1f80e8cf0550616c6754cf2d8909778050390bda5bc76cc7db10c35
Debian Security Advisory 4832-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4832-1 - Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2020-15995, CVE-2020-16043, CVE-2021-21106, CVE-2021-21107, CVE-2021-21108, CVE-2021-21109, CVE-2021-21110, CVE-2021-21111, CVE-2021-21112, CVE-2021-21113, CVE-2021-21114, CVE-2021-21115, CVE-2021-21116
SHA-256 | f8968b495112cc61d8cd316cc29fb53c1e3ef24394aa6e85331e4c668fff0545
Debian Security Advisory 4833-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4833-1 - Andrew Wesie discovered a buffer overflow in the H264 support of the GStreamer multimedia framework, which could potentially result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
SHA-256 | c2777b102bdfdee0452abcc6cfcef4778c25b2bdc0dbd5a8f64f82e7cb34eb30
Debian Security Advisory 4833-2
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4833-2 - The update for gst-plugins-bad1.0 released as DSA 4833-1 choosed a package version incompatible with binNMUs and prevented upgrades to the fixed packages. Updated gst-plugins-bad1.0 packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | aa2703f9e2d7d434d025b60e7125e8730a007730118983af5de3116a493f80fc
Debian Security Advisory 4834-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4834-1 - Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed media file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-26664
SHA-256 | 544bd3fed5024bcefffcb2650cfc527c9dd86b0bc5d1dfb373dfa244f6ba1f62
Debian Security Advisory 4835-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4835-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure.

tags | advisory, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2020-13943, CVE-2020-17527
SHA-256 | 7f3756a8dc94a8beea932a635225c00aecca17b7645a6dfc7cb9022698d5f74f
Debian Security Advisory 4836-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4836-1 - Two vulnerabilities were discovered in the LLPD implementation of Open vSwitch, a software-based Ethernet virtual switch, which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-8011, CVE-2020-27827
SHA-256 | c2367cc4a03bf127469d0dadf14f09a6ec978d53c85712c68d452cdbd6c5656c
Debian Security Advisory 4837-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4837-1 - Several vulnerabilities were discovered in salt, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of Salt SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the Salt API using the SSH client.

tags | advisory, remote, shell, vulnerability
systems | linux, debian
advisories | CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
SHA-256 | 1265eaac9da5321225abc341caa107482a2babd057291d3ade1956f641263f64
Debian Security Advisory 4838-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4838-1 - Tavis Ormandy discovered a memory leak flaw in the rfc822 group recipient parsing in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, which could result in denial of service.

tags | advisory, denial of service, memory leak
systems | linux, debian
advisories | CVE-2021-3181
SHA-256 | de785fa3ca42c9061cabf4657b2fc7f4d0a6b05b48e2daa4a2647917a226ef71
Debian Security Advisory 4839-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4839-1 - The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.

tags | advisory, overflow, local, root
systems | linux, debian
advisories | CVE-2021-3156
SHA-256 | e618531d43ceeb3d6e8d6ee5e3baaee28ecc28d7ebb4a21ac4e2bbab7d16d3f1
Debian Security Advisory 4840-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4840-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.

tags | advisory, web, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | a455110f3d60caf3ae5c8658ad367edc2ed3dedfcaffe307837d11cad00237d8
Debian Security Advisory 4841-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4841-1 - Multiple security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2019-19728, CVE-2020-12693, CVE-2020-27745, CVE-2020-27746
SHA-256 | 712ed599fc20ba013e1934a61707706f7641e32e87a2fb01164d581a781f4383
Debian Security Advisory 4842-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4842-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-15685, CVE-2020-16044, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 89e3de7221b5cc6b8d9749c61f4b9aaceef320c125257ec4835fbba653d95ce6
PRTG Network Monitor Remote Code Execution
Posted Jan 28, 2021
Authored by Josh Berry, Julien Bedel | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a user-supplied command allowing command execution under the context of privileged user. The module uses provided credentials to log in to the web interface, then creates and triggers a malicious notification to perform remote code execution using a Powershell payload. It may require a few tries to get a shell because notifications are queued up on the server. This vulnerability affects versions prior to 18.2.39.

tags | exploit, remote, web, shell, code execution
advisories | CVE-2018-9276
SHA-256 | c4ad3f67d521bd09be953b85a6d838485af4c4523264fbbbeb295896439dc54a
Micro Focus UCMDB Remote Code Execution
Posted Jan 28, 2021
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to exploit Operations Bridge Manager (containerized) and Application Performance Management.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2020-11853, CVE-2020-11854
SHA-256 | 59be14dc0b274846876d82ee91afdb255998980f7c79be4eb7f93d0f3ff0e005
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close