exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2020-27216

Status Candidate

Overview

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.

Related Files

Debian Security Advisory 4949-1
Posted Aug 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4949-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in cross-site scripting, information disclosure, privilege escalation or denial of service.

tags | advisory, java, denial of service, vulnerability, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-10241, CVE-2019-10247, CVE-2020-27216, CVE-2020-27223, CVE-2020-28165, CVE-2020-28169, CVE-2021-34428
SHA-256 | 36aa94d69a18cbcbfbe8632d49d6587502da2bc7f601b1dddaab1fd811d2bbcd
Red Hat Security Advisory 2021-2431-01
Posted Jul 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2431-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.41. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645
SHA-256 | 8320ca0fbf52a821c1d861f06d563f78252ebe92f38a8903490a83a5c335a58f
Red Hat Security Advisory 2021-2517-01
Posted Jul 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2517-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.462. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645
SHA-256 | f0cc7cc7453112310b6e9a4cfd6847dd90f4a89758cd89cba7b0719660010c0b
Red Hat Security Advisory 2021-2499-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2499-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223
SHA-256 | fc33e3ccc5d69dcd993e15c937230658440ccc17e77d1efce3da137b504799bc
Red Hat Security Advisory 2020-5365-01
Posted Dec 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5365-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.0 serves as a replacement for Red Hat AMQ Broker 7.7.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2015-5183, CVE-2019-9827, CVE-2020-13932, CVE-2020-27216
SHA-256 | 8697b746ab2a47b1d90f0bb825389950884d10f9f4396d03dd356147283c114f
Red Hat Security Advisory 2020-5168-01
Posted Nov 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5168-01 - Eclipse is an integrated development environment. The rh-eclipse packages have been upgraded to version 4.17, which is based on the Eclipse Foundation's 2020-09 release train. For instructions on how to use rh-eclipse, see Using Eclipse linked from the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-27216
SHA-256 | fea17f7efb851aa85922eb699f58d3890322bad3a8953da3ab672f73cf0e19e1
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close