
Files Date: 2020-02-25

OpenSMTPD Out-Of-Bounds Read
Posted Feb 25, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability, an out-of-bounds read introduced in December 2015, is exploitable remotely and leads to the execution of arbitrary shell commands.

tags | exploit, arbitrary, shell
systems | openbsd
advisories | CVE-2020-8794
SHA-256 | 2c58b82819510289b2fd55d1c6a82b81b279777abd6a6b0db391f990ec12b148
OpenSMTPD Local Information Disclosure
Posted Feb 25, 2020
Authored by Qualys Security Advisory

Qualys discovered a minor vulnerability in OpenSMTPD, OpenBSD's mail server. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem). A proof of concept exploit is included in this archive.

tags | exploit, arbitrary, local, root, proof of concept
systems | openbsd
advisories | CVE-2020-8793
SHA-256 | 3617b8854e485e1d063e08764e96429e54c6b7bb0467d127e819133f80c925d5
Astak CM-818T3 Remote Configuration Disclosure
Posted Feb 25, 2020
Authored by Todor Donev

Astak CM-818T3 2.4GHz wireless security surveillance camera remote configuration disclosure exploit.

tags | exploit, remote
SHA-256 | ad19dd11d7736fd3ada2ef71991e1c460b83b06c633d85a704dad751959e2c2a
Cisco Unified Contact Center Express Privilege Escalation
Posted Feb 25, 2020
Authored by Jamie R

Cisco Unified Contact Center Express suffers from a privilege escalation vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2019-1888
SHA-256 | 3b4a032f286a08e996bc7bfa0eaa2fdd87978080ffb2a1d130af4339afc53464
WhatWeb Scanner 0.5.1
Posted Feb 25, 2020
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade-off between speed and reliability.

Changes: This is a minor release with bug fixes, one new plugin, and a couple of plugin updates.
tags | tool, web, scanner, javascript
systems | unix
SHA-256 | 0d95c6a0a11ab19f8683e7f22702b9440ebdcdad3598201a34aeb1a2a2e07a82
Red Hat Security Advisory 2020-0598-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0598-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2019-15604, CVE-2019-15605, CVE-2019-15606
SHA-256 | 9fc3f9bc8d7dd7b61381febce5db7ceadfe94a7f3ed9b5467b3740dd5e2b5f6d
Red Hat Security Advisory 2020-0597-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0597-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777
SHA-256 | 4f28657da8e272a2e2844edb1a5372df1b1680d0daf9e675279a4c550d709df9
Red Hat Security Advisory 2020-0591-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0591-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-8777, CVE-2018-8780
SHA-256 | 6e60f83a7899b23721090dd7233a10b58aecb9b303e627934ee3b4be58c71833
Red Hat Security Advisory 2020-0592-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0592-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20976, CVE-2019-11085, CVE-2019-14895, CVE-2019-17133
SHA-256 | 3be3e97d9cf47b79cdc4d236e0de82e7e19c550c90ec4264b3b8aced6ccf652b
Red Hat Security Advisory 2020-0593-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0593-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. State injection and out-of-bounds read vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-15686, CVE-2018-16866
SHA-256 | 2558b5c10d9bce547ec28cacce9ccb7f155c668ab9ea7a100e7b88633301a2b7
Red Hat Security Advisory 2020-0595-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0595-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. A local privilege escalation vulnerability in top has been addressed.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2018-1122
SHA-256 | 0ecb6816c4a7cbaafddd66991561a6488bb1316d81f0605665c4f473770e2a97
Red Hat Security Advisory 2020-0594-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0594-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000301
SHA-256 | 5800d93843f1ea719cdba522f0012e32a8772db15e37256fc66938007179eaea
Debian Security Advisory 4633-1
Posted Feb 25, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, a URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
SHA-256 | b7f2ce0f1e8a86c966bfba98bf404e0b81f1d24285a3ca41d94c909e96c042ac
Falco 0.20.0
Posted Feb 25, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A memory leak was addressed along with two bugs and seven rule changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | b873e3590e56ead740ed905108221f98da6100da3c5b7acf2355ea1cf628d931
Red Hat Security Advisory 2020-0579-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0579-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777
SHA-256 | b886b0e95ead26013e0308ccf593a5a846e8731401ea54bdeeb098795796b513
Red Hat Security Advisory 2020-0562-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0562-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue where /etc/passwd was given incorrect privileges has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19351
SHA-256 | aa4b35d0c786a9d7900ebed2fef4942c97c28fdeb4354363539f0cb3932af57f
Red Hat Security Advisory 2020-0589-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0589-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A remote code execution vulnerability has been addressed.

tags | advisory, remote, web, code execution, ruby
systems | linux, redhat
advisories | CVE-2019-14894
SHA-256 | 72b85f78832b028a25adbb0e1b3d74a8a46515b97d66312ac283e4c4668085da
Red Hat Security Advisory 2020-0588-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0588-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A remote code execution vulnerability has been addressed.

tags | advisory, remote, web, code execution, ruby
systems | linux, redhat
advisories | CVE-2019-14894
SHA-256 | 76dabe1fb1f83704fe07415992cc6ce59ac0ca564a556f595df6cccd087ebe63
Ubuntu Security Notice USN-4292-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4292-1 - It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that rsync incorrectly handled vectors involving left shifts of negative integers in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
SHA-256 | 872f3d3c647448679bc2a39190a107c07265f8e8f3f284ca4549af533866a3b0
Ubuntu Security Notice USN-4291-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4291-1 - It was discovered that mod_auth_mellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13038
SHA-256 | 711a647bdd901a450dd17d6c7c8386a50244fab44728fcad01a811450ca18bfe
Ubuntu Security Notice USN-4290-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4290-1 - It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9542
SHA-256 | bc59a93ec7b447083b3050b77e460713ae650bc45ae6bf0cf1174c130dd8d8c4
Red Hat Security Advisory 2020-0578-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0578-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2019-16865, CVE-2020-5312
SHA-256 | ca03f7b6dda56b6cc65687c2e937f37afc3ae2e723015642775b0a7849ff8318
Red Hat Security Advisory 2020-0580-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0580-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2019-16865, CVE-2020-5311, CVE-2020-5312
SHA-256 | 371aad08e8ae99c8569963a08902cee37a31eb305d7e0007b6db8c249e51b6ef
Red Hat Security Advisory 2020-0573-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0573-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777
SHA-256 | c2e5505c347e28a5c5b708280a3f87650156fcbc79f19efa78129e544ac3accb
Red Hat Security Advisory 2020-0576-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0576-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800
SHA-256 | 978c1b0b59479617849e1dae241a04727b4528b0656bd8755d3b6277b6d7f915
© 2022 Packet Storm. All rights reserved.
