what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2020-1377

Status Candidate

Overview

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory.

Related Files

Red Hat Security Advisory 2021-4582-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4582-02 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Security fixes: golang: crypto/tls: certificate of wrong type is causing TLS client to panic.

tags | advisory, remote, cryptography
systems | linux, redhat
advisories | CVE-2019-3842, CVE-2020-13776, CVE-2021-22922, CVE-2021-22923, CVE-2021-34558, CVE-2021-3620
SHA-256 | f28cc76ddb412145654050664da26602d7c4d62da2e36475367e140177eb756a
Red Hat Security Advisory 2021-3900-01
Posted Oct 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3900-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2019-3842, CVE-2020-13776
SHA-256 | 63a07e8360f77dfe555176ca7d93d1d3dc92ca9f3bd11718439a228e6179acd9
Red Hat Security Advisory 2021-2705-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-27219, CVE-2021-27918, CVE-2021-31525, CVE-2021-33196, CVE-2021-3326
SHA-256 | 08eae3fe4757ace30ec86f5cc2744cf14810094d114320ba3dccf22aa96dce2c
Red Hat Security Advisory 2021-2543-01
Posted Jun 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2543-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-13949, CVE-2020-15358, CVE-2020-24977, CVE-2020-26116, CVE-2020-27618, CVE-2020-27619, CVE-2020-28196, CVE-2020-28362, CVE-2020-28500, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-23336
SHA-256 | de10f870e361f9c40e606f0ad79acca7e8e375dc5f52949dbafbc84fbfe8b8b3
Red Hat Security Advisory 2021-2532-01
Posted Jun 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2532-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-26116, CVE-2020-27618, CVE-2020-27619, CVE-2020-28196, CVE-2020-28362, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-23336, CVE-2021-27219, CVE-2021-3114
SHA-256 | 6df91b966c2f87eaa0baa1dffa7ac30d99e91800fcb0ddee8e2b10e21c68d59c
Red Hat Security Advisory 2021-2130-01
Posted Jun 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2130-01 - Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-25736, CVE-2021-27219, CVE-2021-3326, CVE-2021-3449, CVE-2021-3450
SHA-256 | cee16136d7421cbe5ca19256caf3668d7fa40f347e02a96e5696e4c7709cca44
Red Hat Security Advisory 2021-2479-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2479-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-13012, CVE-2019-14866, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-25659, CVE-2020-25678, CVE-2020-26116, CVE-2020-26137, CVE-2020-27618, CVE-2020-27619, CVE-2020-27783, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-36242, CVE-2020-8231
SHA-256 | 407dd58a4d56a1577f85a63f8d3249362ebd855a9d2e9461bef124d76718dfe1
Red Hat Security Advisory 2021-2461-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2461-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-14866, CVE-2019-25013, CVE-2019-25032, CVE-2019-25034, CVE-2019-25035, CVE-2019-25036, CVE-2019-25037, CVE-2019-25038, CVE-2019-25039, CVE-2019-25040, CVE-2019-25041, CVE-2019-25042, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-10543, CVE-2020-10878, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24330, CVE-2020-2433
SHA-256 | 4746bce06101c5ed31286fd228a56e6836f518395cd2ec946eedb9ed0a938d38
Red Hat Security Advisory 2021-2136-01
Posted May 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2136-01 - An Openshift Logging bug fix release addresses an index validation issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2019-13012, CVE-2019-18811, CVE-2019-19523, CVE-2019-19528, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-0431, CVE-2020-10543, CVE-2020-10878, CVE-2020-11608, CVE-2020-12114, CVE-2020-12362, CVE-2020-12464, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-14314, CVE-2020-14344, CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14356, CVE-2020-14360
SHA-256 | 8f9746dfa68f5ebe03798d9f8686052c21773b749d26577fe45138585199782b
Red Hat Security Advisory 2021-1611-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1611-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2019-3842, CVE-2020-13776
SHA-256 | 2a8e25602363d8cc48d2fa1f91d09c868e41b6388fb54af5a7ac5b964f4a671e
Microsoft Windows CmpDoReDoCreateKey Arbitrary Registry Key Creation Privilege Escalation
Posted Aug 21, 2020
Authored by James Forshaw, Google Security Research

The handling of KTM logs does not limit Registry Key operations to the loading hive leading to elevation of privilege.

tags | exploit, registry
advisories | CVE-2020-1377
SHA-256 | dc36265f20912463478c32c5203d3f4e619cc492c989532a060ccc10362e3045
Red Hat Security Advisory 2020-3525-01
Posted Aug 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3525-01 - Quay 3.3.1 release has been released. An issue where build triggers can disclose robot account names and existence of private repos within namespaces has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11080, CVE-2020-12049, CVE-2020-13777, CVE-2020-14313
SHA-256 | 3f0048d4bdec59a51f24f090fac9217f3567fd502a0907966e5df07b310946ee
Debian Security Advisory 4697-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4697-1 - A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2020-13777
SHA-256 | 1895794b8fd81d9f052729b86087ff5d07fc51243bab11c512c5cb216d4bdb51
Red Hat Security Advisory 2020-2637-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2637-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | 75e20d2ad7787693194645be75739ed1dbd377aebd8eafabfc4c215110018701
Red Hat Security Advisory 2020-2638-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2638-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | c23fb9ec6d6c8f98388464967da270f6e08492eaf03d2f00d45bfbb844a79d5c
Red Hat Security Advisory 2020-2639-01
Posted Jun 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2639-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-13777
SHA-256 | 659bc136b339fefd06456f7340bedbfb5561c8e45e51bc36c5c892767f1aa198
Gentoo Linux Security Advisory 202006-01
Posted Jun 9, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-1 - An information disclosure vulnerability in GnuTLS allow remote attackers to obtain sensitive information. Versions less than 3.6.14 are affected.

tags | advisory, remote, info disclosure
systems | linux, gentoo
advisories | CVE-2020-13777
SHA-256 | 323e146f2376f2d129a54e1b0cca63f0ea73eac997d0155096a35e454fe04324
Ubuntu Security Notice USN-4384-1
Posted Jun 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4384-1 - It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13777
SHA-256 | 492abbc577184d8e91af368a59566ed8ddd0e0406382a8c4734a76657eeb48e5
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close