XMPlay version 3.8.3 local stack overflow exploit that results in code execution.
5146784259b886d41113810fd0991effBase64 Decoder version 1.1.2 SEH local buffer overflow exploit.
37db0d754be9bb19b122b6e75f7047cbIt was discovered that an integer overflow vulnerability existed in the CDRom driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
62b6f4b7e6e1fd65e163f970baba56dcUbuntu Security Notice 3847-2 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b0c6ce592d43ca8552efd6262de2cbbbUbuntu Security Notice 3847-1 - It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
5703c2f44fdffc67aa1c3e986372d1a0Ubuntu Security Notice 3846-1 - It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information.
0492ac4c9faaf5253e3674fa0f151866Debian Linux Security Advisory 4357-1 - Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes.
9e847d769318a725230a89eab33578d6Debian Linux Security Advisory 4356-1 - Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
9de55ea3fc805ca7f3f0c1fd3e1fd942Debian Linux Security Advisory 4355-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
cb9dcaf98d42d86ba8f80a539e4c194eFreeBSD Security Advisory - Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.
88112b48fbe7ec1d8945f0322a19ff3fWordPress Sem-Wysiwyg plugin version 1.0 suffers from a remote shell upload vulnerability.
a76a7d0fcd4124de13b03ba160d1e6deWordPress ChenPress plugin version 3.1.1 suffers from a remote shell upload vulnerability.
c0d1acc6327d18872f2f4ad948113d8cLanSpy version 2.0.1.159 SEH buffer overflow exploit with egghunter shellcode.
e24be56b77f08aec271e87869258bcc2WordPress Monsters-Editor-10-For-WP-Super-Edit plugin version 2.3.1 suffers from a remote shell upload vulnerability.
0f90375655920200193c67f3d6793028WordPress St_Newsletter Swift Mailer plugin version 2.7 suffers from a remote shell upload vulnerability.
b0dc2bfae3e770cc059421d34b64c34dWordPress FCKEditor-For-Wordpress-Plugin plugin version 3.3.1 suffers from a remote shell upload vulnerability.
e80bfb92d6f5ea0ae1dfc3bd3df33034Whitepaper called Auditing Microsoft Domain Environment.
07819284bb17e61b2cca36896160d64eDAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
52bee3b0ee635b5730862625e458f877
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed