exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2020-03-04

Red Hat Security Advisory 2020-0708-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0708-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
MD5 | 5d4cdb074b55a1c308856826f531aee6
Red Hat Security Advisory 2020-0707-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0707-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
MD5 | 98961f4d0f866c3d52ff3339f77a8748
Red Hat Security Advisory 2020-0704-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0704-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1311
MD5 | 03b27f7da74138188c83b9b274f067e7
Ubuntu Security Notice USN-4296-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4296-1 - Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-9402
MD5 | 0e88fdf09d5ee84a51c897d800e2a9b4
Exchange Control Panel Viewstate Deserialization
Posted Mar 4, 2020
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\SYSTEM using .NET deserialization.

tags | exploit, web
advisories | CVE-2020-0688
MD5 | ed889ec6ff5a153c3263e25acbc08820
Red Hat Security Advisory 2020-0703-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0703-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
MD5 | d7ca44abbe777828c0bf0e0e2ca3ca38
Red Hat Security Advisory 2020-0702-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0702-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1311
MD5 | c06a7e21b3ee4b0e63ac8ecbf95ebee8
Red Hat Security Advisory 2020-0617-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0617-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue where /etc/passwd was given incorrect privileges has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19345, CVE-2019-19346, CVE-2019-19348, CVE-2020-1707, CVE-2020-1708
MD5 | 113d76ae6cfc4a83e4afcf566b9f2797
Ubuntu Security Notice USN-4295-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4295-1 - It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8130
MD5 | ed5349a254769a0ec902a734db209901
XOO Digital 2.1.0 SQL Injection
Posted Mar 4, 2020
Authored by indoushka

XOO Digital version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9818040eb97253552e16699d8221e159
UniSharp Laravel File Manager 2.0.0 Arbitrary File Read
Posted Mar 4, 2020
Authored by NgoAnhDuc

UniSharp Laravel File Manager version 2.0.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
MD5 | 36c28a5443f575569570688658545271
Running Encrypted ELF Binaries In Memory
Posted Mar 4, 2020
Authored by Marco Ortisi, redtimmysec

Whitepaper called Blue Team vs. Red Team: How to run your encrypted binaries in memory and go undetected. This paper discusses the golden frieza project.

tags | paper
MD5 | 52ec6510fb7651a2bf2d2fba030f87b6
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close