what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2020-02-14

Debian Security Advisory 4623-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4623-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
MD5 | 92b5a6198d7405587de53f39b56cba1b
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Feb 14, 2020
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6797, CVE-2020-6798, CVE-2020-6800
MD5 | 697e52faa40f66447a2d89d88ebc666c
Ubuntu Security Notice USN-4278-1
Posted Feb 14, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4278-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2020-6796
MD5 | bd1bce211d3f89848ba40701fd31747e
EnumJavaLibs Java Classpath Enumerator
Posted Feb 14, 2020
Authored by redtimmysec | Site github.com

EnumJavaLibs is a tool that can be used to discover which libraries are loaded (i.e. available on the classpath) by a remote Java application when it supports deserialization.

tags | tool, java, remote, scanner
systems | unix
MD5 | c37f21f6e2c425db8730da6e925ee89a
CA Unified Infrastructure Management Command Execution
Posted Feb 14, 2020
Authored by Ken Williams, wetw0rk | Site www3.ca.com

CA Technologies, A Broadcom Company, is alerting customers to three vulnerabilities in CA Unified Infrastructure Management (Nimsoft / UIM). Multiple vulnerabilities exist that can allow an unauthenticated remote attacker to execute arbitrary code or commands, read from or write to systems, or conduct denial of service attacks. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. The first vulnerability, CVE-2020-8010, occurs due to improper ACL handling. A remote attacker can execute commands, read from, or write to the target system. The second vulnerability, CVE-2020-8011, occurs due to a null pointer dereference. A remote attacker can crash the Controller service. The third vulnerability, CVE-2020-8012, occurs due to a buffer overflow vulnerability in the Controller service. A remote attacker can execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2020-8010, CVE-2020-8011, CVE-2020-8012
MD5 | b836a3683ff08a889e3a66d3ea648cdf
SprintWork 2.3.1 Local Privilege Escalation
Posted Feb 14, 2020
Authored by Bobby Cooke

SprintWork version 2.3.1 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 62d77fac1c188ff07085e83d80d376bb
Debian Security Advisory 4622-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4622-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
MD5 | 5fe90b2aca0322f6f4bd1698497e2a84
The R.A.T In The Shell
Posted Feb 14, 2020
Authored by Pradyumn Khanchandani, Siddharth Balyan, Monika Arora

This whitepaper is an analysis of the breach into the Kudankulam Nuclear Power Plant through the lens of Cyber Kill Chain, the study of remote access trojans, and the targeting of critical infrastructure.

tags | paper, remote, trojan
MD5 | c9ed98dbcbf5c0a3dfbec128ccf74d1b
Slackware Security Advisory - mozilla-firefox Updates
Posted Feb 14, 2020
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2020-6796, CVE-2020-6797, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800
MD5 | 198c9567376f9732607cddf237258cf9
EPSON EasyMP Network Projection 2.81 Unquoted Service Path
Posted Feb 14, 2020
Authored by Roberto Pina

EPSON EasyMP Network Projection version 2.81 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | a7bf44d47eaf048122f2dfeb2a325075
Red Hat Security Advisory 2020-0509-01
Posted Feb 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0509-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, root
systems | linux, redhat
advisories | CVE-2019-18634
MD5 | 44d67fb50244e13f157bd402372134d6
Red Hat Security Advisory 2020-0498-01
Posted Feb 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0498-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include cross site scripting and null pointer vulnerabilities.

tags | advisory, root, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-19336
MD5 | be6712bb6e1b0b6fbcc03ea514fe6279
HomeGuard Pro 9.3.1 Insecure Folder Permissions
Posted Feb 14, 2020
Authored by Bobby Cooke

HomeGuard Pro version 9.3.1 suffers from an insecure folder permission vulnerability.

tags | exploit
MD5 | a0e51a7e93f68de15cbd46648a358704
phpMyChat Plus 1.98 SQL Injection
Posted Feb 14, 2020
Authored by J3rryBl4nks

phpMyChat Plus version 1.98 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9213f3b689c839421d7a82a9fae9f8ba
SWAPGS Attack Proof Of Concept
Posted Feb 14, 2020
Authored by Dan Horea, Andrei Vlad

SWAPGS attack proof of concept exploit that demonstrates an information disclosure in the windows kernel.

tags | exploit, kernel, proof of concept, info disclosure
systems | windows
advisories | CVE-2019-1125
MD5 | bc36cf27bccf91e98ad52d648c1882e1
F-SECURE Generic Malformed Container Bypass
Posted Feb 14, 2020
Authored by Thierry Zoller

The F-SECURE parsing engine supports the RAR Archive. The parsing engine can be bypassed by specifically manipulating a RAR archive. Various products are affected.

tags | advisory
MD5 | 192bc50776f25bf49730d36c48892734
HTTP DoS / DDoS Tools User Manual
Posted Feb 14, 2020
Authored by Merve Latife Say

This whitepaper acts as a user manual to go over HTTP DoS and DDoS tooling. Written in Turkish.

tags | paper, web, denial of service
MD5 | d150e08fa6ec2e09d8267192579b4de1
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close