what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2023-12-21

Vinchin Backup And Recovery Command Injection
Posted Dec 21, 2023
Authored by Valentin Lobstein, Gregory Boddin | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.*. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user.

tags | exploit, web, arbitrary
advisories | CVE-2023-45498, CVE-2023-45499
SHA-256 | 3d8e50d9f7626533b7df0f51d965d0f800628210479cd9fb5dd93a7e5ade89f2
Glibc Tunables Privilege Escalation
Posted Dec 21, 2023
Authored by Blasty, jheysel-r7, Qualys Threat Research Unit | Site metasploit.com

A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. It has been dubbed Looney Tunables. This issue allows an local attacker to use maliciously crafted GLIBC_TUNABLES when launching binaries with SUID permission to execute code in the context of the root user. This Metasploit module targets glibc packaged on Ubuntu and Debian. Fedora 37 and 38 and other distributions of linux also come packaged with versions of glibc vulnerable to CVE-2023-4911 however this module does not target them.

tags | exploit, overflow, local, root
systems | linux, debian, fedora, ubuntu
advisories | CVE-2023-4911
SHA-256 | e48ab23fe12076a6f076606de74abf4141a72444bfb88e5c9ea8bf73a3f2b891
Debian Security Advisory 5581-1
Posted Dec 21, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5581-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or clickjacking.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2023-6856, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6860, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864, CVE-2023-6865, CVE-2023-6867
SHA-256 | 8e9ebae0bccbe4842bf36efe2bc7e6db305fad064c670f91a6bc7f76d2742daa
Red Hat Security Advisory 2023-7886-03
Posted Dec 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7886-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6377
SHA-256 | 24a0fece622c18fe7a44ca53d8f618e921d20db98bcef9b842304f150874e048
Red Hat Security Advisory 2023-7885-03
Posted Dec 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7885-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

tags | advisory, remote, overflow, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2023-5868
SHA-256 | 6a8d45290a1026c18b076c098659a061e49cef14545a2f513022e5cfaae97ab9
Red Hat Security Advisory 2023-7884-03
Posted Dec 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7884-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

tags | advisory, remote, overflow, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2023-5868
SHA-256 | 71d7661c625a0dc790f1aed4426234a1d2b63827de983c2b9ca8dfb682327b67
Red Hat Security Advisory 2023-7883-03
Posted Dec 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7883-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

tags | advisory, remote, overflow, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2023-5868
SHA-256 | 27f6e6d3f72873d3d1a97bdf0df810ec30ccd140e3202bd97649ec9340236739
Red Hat Security Advisory 2023-7612-03
Posted Dec 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7612-03 - A new release of the Red Hat build of Quarkus is now available. This new release comes packed with a host of enhancements, bug fixes, and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-6394
SHA-256 | 500ebe066ed78afa187f9efd9f9964ae5f197e88455665dae02f13ac35b79b40
OpenSSH 9.6p1
Posted Dec 21, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for a newly-discovered weakness in the SSH transport protocol, a logic error relating to constrained PKCS#11 keys in ssh-agent(1) and countermeasures for programs that invoke ssh(1) with user or hostnames containing invalid characters. Included are three security changes, five new features, nine bug fixes, and various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
advisories | CVE-2023-38408
SHA-256 | 910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close