what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-11-27

Grub2 grub2-set-bootflag Environment Corruption
Posted Nov 27, 2019
Authored by Tavis Ormandy, Google Security Research

Grub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.

tags | exploit
systems | linux, fedora
MD5 | 521fcef9f7dbf428929332a5f1ece053
Packet Fence 9.2.0
Posted Nov 27, 2019
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Now allows to force the access duration when using device registration. Added audit log for API and new admin interface. Added configuration based switch modules. Various other additions.
tags | tool, remote
systems | unix
MD5 | 9e814654d1ade904d23ca004e56b0870
Red Hat Security Advisory 2019-4019-01
Posted Nov 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4019-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-14838, CVE-2019-14843, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 87115a7601280067a7b46f9664a64f2a
Red Hat Security Advisory 2019-4018-01
Posted Nov 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4018-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-14838, CVE-2019-14843, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | aae190edf8594ff10d1a8ecb98f8cefe
Xiaomi Mi Box Display Corruption
Posted Nov 27, 2019
Authored by Bug Reporter

The vulnerability allows rescaling and corrupting the Xiaomi Mi Box (model: MIBOX3, build.id : MHC19) display without any privilege requirement, thus creating an opportunity for a non-privilege malicious app to disable the basic functionalities that the TV box is offering or can even be used for ransomware purpose - e.g., each time a target streaming app is launched, the malicious app can corrupt the display.

tags | exploit
MD5 | de7ea94c8301dc45448597ee55213bf1
BSidesLjubljana 2020 Call For Papers
Posted Nov 27, 2019
Site bsidesljubljana.si

B-Sides Ljubljana will be held April 4th, 2020 in Ljubljana, Slovenia.

tags | paper, conference
MD5 | cc75508f174a9d80d3f5e405effe1cc7
Red Hat Security Advisory 2019-4021-01
Posted Nov 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4021-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-14838, CVE-2019-14843, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | 3a95fce4e80361829ee75de88548e735
Red Hat Security Advisory 2019-4020-01
Posted Nov 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4020-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-14838, CVE-2019-14843, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
MD5 | b1793fef4380b6c0c3ecac9b39987c73
Android-Gif-Drawable Double-Free
Posted Nov 27, 2019
Authored by Marcin Kozlowski

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

tags | advisory, remote, denial of service, arbitrary
advisories | CVE-2019-11932
MD5 | a6614c2514fa1b374a4aab6d0310003c
SpotAuditor 5.3.2 Denial Of Service
Posted Nov 27, 2019
Authored by ZwX

SpotAuditor version 5.3.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | c16f9fccb8295777e506b28eb8d65e33
Microsoft DirectX SDK 2010 Denial Of Service
Posted Nov 27, 2019
Authored by ZwX

Microsoft DirectX SDK 2010 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 3892d191883979a31381aa6e48af01ca
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close