what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-03-03

Red Hat Security Advisory 2020-0698-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0698-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-20856
SHA-256 | 4acbdf80508c41123e5d0d93ef9f016b4d2a91390e5c809eecf45a244a37e858
Red Hat Security Advisory 2020-0567-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0567-01 - This release of Red Hat build of Eclipse Vert.x 3.8.5 includes security updates, bug fixes, and enhancements. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
SHA-256 | 0b4509783ea57282385660eff66e033ecf2a133395097e433a3aa74442a3937b
Red Hat Security Advisory 2020-0666-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0666-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-11135
SHA-256 | 970ebb7260fc6a24f04f64db39246cbb8c07532b4d5d881a871042dfd6307a61
Red Hat Security Advisory 2020-0669-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0669-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability has been addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 3a667ec0799bac2febeb85814d40c6f07c5a57a238ccbde21565372f10eefeba
Red Hat Security Advisory 2020-0664-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0664-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, heap overflow, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20856, CVE-2019-14816, CVE-2019-14895, CVE-2019-17133
SHA-256 | 8c1f96fceed0781f4ec0f4d1d7246e231bd211118ad046fc05b7bc2419d23b29
Red Hat Security Advisory 2020-0663-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0663-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-8777, CVE-2018-8780
SHA-256 | e0107cb7986229680e31e1bbd0c5628975549a8bf69add5599076c8baacb57a6
Golden Frieza
Posted Mar 3, 2020
Authored by redtimmysec

Imagine finding yourself in a "hostile" environment, one where you cannot run exploits, tools, and applications without worrying about prying eyes spying on you, be they a legitimate system administrator, a colleague sharing an access with you or a software solution that scans the machine you are logged in to for malicious files. Your binary should live in encrypted form in the filesystem so that no static analysis would be possible even if identified and copied somewhere else. It should be only decrypted on the fly in memory when executed, so preventing dynamic analysis too, unless the decryption key is known. To experiment with such an idea Red Timmy Sec have created the "golden frieza" project.

tags | tool
systems | unix
SHA-256 | 41f188a8a31adc549c15b975f94febb25727777ba9bf32f0242c38f4b2c03bc0
EyesOfNetwork AutoDiscovery Target Command Execution
Posted Mar 3, 2020
Authored by Brendan Coles, Clement Billac, Erik Wynter | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in EyesOfNetwork version 5.3 and prior in order to execute arbitrary commands as root. This module takes advantage of a command injection vulnerability in the target parameter of the AutoDiscovery functionality within the EON web interface in order to write an Nmap NSE script containing the payload to disk. It then starts an Nmap scan to activate the payload. This results in privilege escalation because the apache user can execute Nmap as root. Valid credentials for a user with administrative privileges are required. However, this module can bypass authentication via two methods, i.e. by generating an API access token based on a hard-coded key, and via SQL injection. This module has been successfully tested on EyesOfNetwork 5.3 with API version 2.4.2.

tags | exploit, web, arbitrary, root, vulnerability, sql injection
advisories | CVE-2020-8654, CVE-2020-8655, CVE-2020-8656, CVE-2020-8657
SHA-256 | ca3db710e6c2e94599263d57eba6a658ddbbec8120a91bed5f5b3b7fa9dc20a6
Ubuntu Security Notice USN-4290-2
Posted Mar 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4290-2 - USN-4290-1 fixed a vulnerability in libpam-radius-auth. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9542
SHA-256 | e88d9001c79faddacce3f965f6b7deea49e815367fdba894d5a3e7e5730e6166
Red Hat Security Advisory 2020-0661-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0661-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, heap overflow, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-20976, CVE-2019-14816, CVE-2019-14895, CVE-2019-17133, CVE-2019-17666
SHA-256 | 07c3208d83521bdb147c46e8789a694174d432353ebe0e71efc235c05ccdc65f
Red Hat Security Advisory 2020-0653-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0653-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14816, CVE-2019-14895, CVE-2019-17133
SHA-256 | 15c26f80d5ab7c4a7ffa313e8b48cf28f41cecfa4afcdcfc7951ba6b0cdaf899
GUnet OpenEclass 1.7.3 SQL Injection
Posted Mar 3, 2020
Authored by emaragkos

GUnet OpenEclass version 1.7.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e162d1edebed0020832cf809b72ac4a04a78f6fc85f445bff17873886d261cc6
RICOH Aficio SP 5210SF Printer HTML Injection
Posted Mar 3, 2020
Authored by Olga Villagran

The RICOH Aficio SP 5210SF printer suffers from a html injection vulnerability.

tags | exploit
SHA-256 | 60ef9b0d6c40fbf9912431936a070eb34763bac7e82555459a6f8d9d7360760e
Alfresco 5.2.4 Cross Site Scripting
Posted Mar 3, 2020
Authored by Alexandre Zanni, Romain Loisel

Alfresco version 5.2.4 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-8776, CVE-2020-8777, CVE-2020-8778
SHA-256 | e8b6bf3c9d0342e4295b21ad9cf44c5ed78bd87235425b6da9f85a1f54a77b2f
RICOH Aficio SP 5200S Printer HTML Injection
Posted Mar 3, 2020
Authored by Paulina Giron

The RICOH Aficio SP 5200S printer suffers from a html injection vulnerability.

tags | exploit
SHA-256 | 2feb057890c0c58d6eb51497dcfd5641289ed9e43349ea72cbdc87ad7829cb5b
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close