what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2020-02-14

Debian Security Advisory 4623-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4623-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
SHA-256 | 07b281b93bc3e551c542129111e82e593bafba8ae7fa8f3fa45f1cd3c949e937
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Feb 14, 2020
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6797, CVE-2020-6798, CVE-2020-6800
SHA-256 | 99f04b86268fb22a08e70ff9ef4ddfd161a7f6189c3363589e59d22f54fc13a5
Ubuntu Security Notice USN-4278-1
Posted Feb 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4278-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2020-6796
SHA-256 | 3cee7693baf92f13b72a4f7814750e482cfdbe8ffcdeb341169530ec7c83ef25
EnumJavaLibs Java Classpath Enumerator
Posted Feb 14, 2020
Authored by redtimmysec | Site github.com

EnumJavaLibs is a tool that can be used to discover which libraries are loaded (i.e. available on the classpath) by a remote Java application when it supports deserialization.

tags | tool, java, remote, scanner
systems | unix
SHA-256 | da5559bc7f4710283fa54efb778574987ae6e5d69dd60d06904a9fadf495e067
CA Unified Infrastructure Management Command Execution
Posted Feb 14, 2020
Authored by Ken Williams, wetw0rk | Site www3.ca.com

CA Technologies, A Broadcom Company, is alerting customers to three vulnerabilities in CA Unified Infrastructure Management (Nimsoft / UIM). Multiple vulnerabilities exist that can allow an unauthenticated remote attacker to execute arbitrary code or commands, read from or write to systems, or conduct denial of service attacks. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. The first vulnerability, CVE-2020-8010, occurs due to improper ACL handling. A remote attacker can execute commands, read from, or write to the target system. The second vulnerability, CVE-2020-8011, occurs due to a null pointer dereference. A remote attacker can crash the Controller service. The third vulnerability, CVE-2020-8012, occurs due to a buffer overflow vulnerability in the Controller service. A remote attacker can execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2020-8010, CVE-2020-8011, CVE-2020-8012
SHA-256 | 091817c9084bf974c8447837781753ec3e99d5062faa76769b21604190b2d347
SprintWork 2.3.1 Local Privilege Escalation
Posted Feb 14, 2020
Authored by Bobby Cooke

SprintWork version 2.3.1 suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | d8622d1321eb8dfc8e9948dda82fa59c25ee28044e91e0d2a1b8bbf52b0562be
Debian Security Advisory 4622-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4622-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
SHA-256 | d999adcd4a26533ad6b97e43e89785ffaeab03376921934028ff9754878be2cb
The R.A.T In The Shell
Posted Feb 14, 2020
Authored by Pradyumn Khanchandani, Siddharth Balyan, Monika Arora

This whitepaper is an analysis of the breach into the Kudankulam Nuclear Power Plant through the lens of Cyber Kill Chain, the study of remote access trojans, and the targeting of critical infrastructure.

tags | paper, remote, trojan
SHA-256 | d8039afcc3c0cd3e6b5b5d81614dfe2af2ca27e37a62ad3c25dcf711d62a33c4
Slackware Security Advisory - mozilla-firefox Updates
Posted Feb 14, 2020
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2020-6796, CVE-2020-6797, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800
SHA-256 | 41de21ecf821ffe77355371dc33280e3af41cf9768beab1fff75487b8d3f362b
EPSON EasyMP Network Projection 2.81 Unquoted Service Path
Posted Feb 14, 2020
Authored by Roberto Pina

EPSON EasyMP Network Projection version 2.81 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 88c4c8e60a99cb86cb49c2933c34129d57b2526f6c6c23038743dcaf9a2538b2
Red Hat Security Advisory 2020-0509-01
Posted Feb 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0509-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, root
systems | linux, redhat
advisories | CVE-2019-18634
SHA-256 | 46e026b8c73b2c8554ec737612a6983dcc2e937ad252d8277022593a99e1f078
Red Hat Security Advisory 2020-0498-01
Posted Feb 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0498-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include cross site scripting and null pointer vulnerabilities.

tags | advisory, root, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-19336
SHA-256 | 9aaaf65f69bca88fd867633900a54dddbdc4184850f87795f0cea9cea29cf525
HomeGuard Pro 9.3.1 Insecure Folder Permissions
Posted Feb 14, 2020
Authored by Bobby Cooke

HomeGuard Pro version 9.3.1 suffers from an insecure folder permission vulnerability.

tags | exploit
SHA-256 | ab8ff483fe7b4b5a45d38067e7ed7ab7553683fb897f6e1124fa1ab9b453128a
phpMyChat Plus 1.98 SQL Injection
Posted Feb 14, 2020
Authored by J3rryBl4nks

phpMyChat Plus version 1.98 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f800cf8da709ce6ee8aad396e006234a64709225dbfc102700611159d080e34a
SWAPGS Attack Proof Of Concept
Posted Feb 14, 2020
Authored by Dan Horea, Andrei Vlad

SWAPGS attack proof of concept exploit that demonstrates an information disclosure in the windows kernel.

tags | exploit, kernel, proof of concept, info disclosure
systems | windows
advisories | CVE-2019-1125
SHA-256 | 97c7f1bfac2298891dcb61e8c551eb43a94ba5aa1cbb726ea737dee6af790bb9
F-SECURE Generic Malformed Container Bypass
Posted Feb 14, 2020
Authored by Thierry Zoller

The F-SECURE parsing engine supports the RAR Archive. The parsing engine can be bypassed by specifically manipulating a RAR archive. Various products are affected.

tags | advisory
SHA-256 | f8afc9d260d24a97130afc2b29b93956227a49e671abb3b13665f13a1b0de68d
HTTP DoS / DDoS Tools User Manual
Posted Feb 14, 2020
Authored by Merve Latife Say

This whitepaper acts as a user manual to go over HTTP DoS and DDoS tooling. Written in Turkish.

tags | paper, web, denial of service
SHA-256 | 4f322fd7f21dd63af18e04ece2c4a29622617f1f6d6e08866fc467306bb0e4fc
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close