This Metasploit module exploits a PHP object injection vulnerability in Joomla version 3.4.6.
40a2c7517a1a512236449ed2d7eb3073Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
c6f8d12a3efe21cc7885f7cb0c4bd938This Metasploit module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned file at any location on the filesystem using the -log command line argument introduced in version 5.06. This module uses xscreensaver to create a log file in /usr/lib/secure/, overwrites the log file with a shared object, and executes the shared object using the LD_PRELOAD environment variable. This module has been tested successfully on xscreensaver version 5.15 on Solaris 11.1 (x86) and xscreensaver version 5.15 on Solaris 11.3 (x86).
6839e7bec0a8edd74031049d0e2ff4f0This Metasploit module exploits an issue in ptrace_link in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME.
a67b52657090e25d42aa370f66e7ca88SySS GmbH found out that the wireless desktop set Fujitsu LX390 is vulnerable to keystroke injection attacks as the used data communication is unencrypted and unauthenticated.
46f8039bc3143237160c82d81a99144cSySS GmbH found out that the wireless desktop set Fujitsu LX390 does not use encryption for transmitting data packets containing keyboard events like keystrokes.
9da9fdcb531ffd979cce3d19c995049aSySS GmbH found out that the wireless keyboard Fujitsu LX390 is prone to replay attacks. An attacker can simply sniff the data packets of the 2.4 GHz radio communication sent by the keyboard to the receiver (USB dongle) and replay the recorded communication data at will causing the same effect as the original data communication. A replay attack against the keyboard can, for example, be used to gain unauthorized access to a computer system that is operated with a vulnerable Fujitsu LX390 keyboard. In this attack scenario, an attacker records the radio communication during a password-based user authentication of his or her victim, for instance during a login to the operating system or during unlocking a screen lock. At an opportune moment when the victim's computer system is unattended, the attacker approaches the victim's computer and replays the previously recorded data communication for the password-based user authentication and thereby gets unauthorized access to the victim's system.
ce4fab29d187678de3f4e3aa69d4200fWordPress Sliced Invoices plugin versions 3.8.2 and below suffer from a remote SQL injection vulnerability.
9ded6b959b02e7be9501260e777779e3WordPress Sliced Invoices plugin versions 3.8.2 and below suffer from a cross site scripting vulnerability.
df9d4d1e2f545ded8d4d29f70c2d5267It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
aa1b2d5e0e41264715ab20ee76ffa47dRed Hat Security Advisory 2019-3193-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
a0eb5cf0c3c7462ccd3b643f896fd32aRed Hat Security Advisory 2019-3187-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. BR/EDR encryption key negotiation attacks were addressed.
7ad27ac9c2533b2a01b7657da6d845bfUbuntu Security Notice 4162-2 - USN-4162-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
3e3f2ea22058c41745d3f9b8662322dbSlackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
fee5e64bc1beffc59874a58428182583Ubuntu Security Notice 4163-2 - USN-4163-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a race condition existed in the ARC EMAC ethernet driver for the Linux kernel, resulting in a use-after-free vulnerability. An attacker could use this to cause a denial of service. Various other issues were also addressed.
c0aa284e15530090be4397bd622f2915IObit Uninstaller version 9.1.0.8 suffers from an IObitUnSvr unquoted service path vulnerability.
084f3207692cb64b3de2525e77497157Rocket.Chat version 2.1.0 suffers from a cross site scripting vulnerability.
426408e3c6927553e46c936cb22c498bMoxa EDR-810 suffers from command injection and information disclosure vulnerabilities.
44aaabac61169cb9f8674a0c43a2cae6
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed