Debian Linux Security Advisory 4437-1 - It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RSTP stream is opened.
3b3dfeceb9ba38bb1664c7973cfeaee1Revive Adserver versions prior to 4.2.0 suffers from deserialization and open redirection vulnerabilities.
abad14aca99f2cdd967301136687b1d9Ubuntu Security Notice 3959-1 - It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information.
8507656bb445dc32563448e50e7859bdLinux suffers from a missing locking between ELF coredump code and userfaultfd VMA modification.
6e83b659aeebd1f611e769f9fff5b64bDebian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
91303436378ae37f2510c65fdc62ed5eRed Hat Security Advisory 2019-0902-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
80b330039fe810ed9adf6765ef42e063Debian Linux Security Advisory 4436-1 - problems and missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed.
84c8daabb44c2ba7fe19e349dc65db85This Metasploit module will execute an arbitrary payload on an "ESEL" server used by the AIS logistic software. The server typically listens on port 5099 without TLS. There could also be server listening on 5100 with TLS but the port 5099 is usually always open. The login process is vulnerable to an SQL Injection. Usually a MSSQL Server with the 'sa' user is in place. This module was verified on version 67 but it should also run on lower versions. An fixed version was created by AIS in September 2017. However most systems have not been updated. In regard to the payload, unless there is a closed port in the web server, you dont want to use any "bind" payload. You want a "reverse" payload, probably to your port 80 or to any other outbound port allowed on the firewall. Currently, one delivery method is supported This method takes advantage of the Command Stager subsystem. This allows using various techniques, such as using a TFTP server, to send the executable. By default the Command Stager uses 'wcsript.exe' to generate the executable on the target. NOTE: This module will leave a payload executable on the target system when the attack is finished.
2683e770d74ded7d653c48065da8cf98This Metasploit module creates a pre-invoke hook for APT in apt.conf.d. The hook name syntax is numeric followed by text.
b179cf4af20d7965b946a31e7afd1470Ubuntu Security Notice 3958-1 - It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams. If a user were tricked into opening a crafted RTSP stream with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code.
385b6cfa4824bdf37d0aaa34cc43d15eThis Metasploit module exploits a PHP unserialize() in Pimcore before 5.7.1 to execute arbitrary code. An authenticated user with "classes" permission could exploit the vulnerability. The vulnerability exists in the "ClassController.php" class, where the "bulk-commit" method makes it possible to exploit the unserialize function when passing untrusted values in "data" parameter. Tested on Pimcore 5.4.0-5.4.4, 5.5.1-5.5.4, 5.6.0-5.6.6 with the Symfony unserialize payload. Tested on Pimcore 4.0.0-4.6.5 with the Zend unserialize payload.
79730eefdd4acca72b854fb1e724225eUbuntu Security Notice 3957-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
f4166adc75e85887924cf3fea42a9f43Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
67752587c136df2459d1e2ab9f2e8f29Agent Tesla Botnet suffers from an information leakage vulnerability.
e3e57ee3c2b3a4e3e36a746854d64e01Joomla JiFile component version 2.3.1 suffers from an arbitrary file download vulnerability.
e8322aa45b0cac81cd4f999c28f59cb2
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed