what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files Date: 2020-03-18

Falco 0.21.0
Posted Mar 18, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A major change was announced where the SYSDIG_BPF_PROBE environment variable is now just FALCO_BPF_PROBE. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | a4c62f75ad8620b01617334523a731d1
Centreon Poller Authenticated Remote Command Execution
Posted Mar 18, 2020
Authored by mekhalleh, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

tags | exploit, remote, arbitrary, shell
MD5 | f836c47b897e703e5d16cddb0a5f7823
OpenSSL Toolkit 1.1.1e
Posted Mar 18, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: It now properly detects EOF while reading in libssl. Fixed SSL_get_servername() behaviour. Various other updates and bug fixes.
tags | tool, encryption, protocol
systems | unix
MD5 | baeff2a64d2f3d7e0a69b677c9977b57
Red Hat Security Advisory 2020-0892-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0892-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
MD5 | 2e1531394e5c2a3700bb3d016a1655c7
Ubuntu Security Notice USN-4171-5
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-5 - USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, denial of service, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
MD5 | b7c1da16b8ea42319c7c7dcf19894e3d
Red Hat Security Advisory 2020-0889-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039, CVE-2020-8608
MD5 | e729c7c5549f1baa53123e88c9850236
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions
Posted Mar 18, 2020
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have been changed, the attacker can then overwrite its content, and ultimately gain elevated privileges on the vulnerable machine. This vulnerability was successfully verified on ZoneAlarm Free Firewall version 15.8.023.18219 and TrueVector Internet Monitor version 15.8.7.18219.

tags | exploit, arbitrary, local
MD5 | 1e8fb7ac9173e275aa2f2eb88bbbecd5
Razer Synapse Service 1.0.0 DLL Injection
Posted Mar 18, 2020
Authored by Juan Sacco

Razer Synapse Service version 1.0.0 suffers from a DLL injection vulnerability that can escalate privileges to SYSTEM.

tags | exploit
MD5 | 462cb9cffc5b2c1587857c2adb98822a
Red Hat Security Advisory 2020-0870-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0870-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, python
systems | linux, redhat
advisories | CVE-2018-1000656
MD5 | 228827defe804859df6e971e88c2ba1e
Ubuntu Security Notice USN-4306-1
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4306-1 - It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-16235
MD5 | 893d3685437aa9b3ccdcd8bd7da84ef0
Microsoft VSCode Python Extension Code Execution
Posted Mar 18, 2020
Authored by DoyenSec

Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability.

tags | exploit, code execution, proof of concept, python
MD5 | 24626a525ed32f6f124ca3a15f0bb0a7
Dynamic MessageBoxA||W PEB And Import Table Method Shellcode
Posted Mar 18, 2020
Authored by Bobby Cooke

232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode.

tags | shellcode
MD5 | 6c64349a2e58b477d56f2029714b815d
Red Hat Security Advisory 2020-0834-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0834-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
MD5 | f77a8382079ef6bc1f5235dfa18158be
Red Hat Security Advisory 2020-0853-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0853-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
MD5 | c774c8d4f668b77ce9d546dca99f95fd
VMware Fusion Local Privilege Escalation / Directory Traversal
Posted Mar 18, 2020
Authored by Grimm

A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Various 10.x and 11.x versions are affected.

tags | exploit, root
MD5 | 2ce339c89430e546664a7f58d1941528
Ivanti Workspace Manager Security Bypass
Posted Mar 18, 2020
Authored by Juan Sacco

Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-10885
MD5 | 7d5aa5b55686f1b2087f5cd444c7b3cc
Red Hat Security Advisory 2020-0850-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0850-01 - An update for python-pip is now available for Red Hat Enterprise Linux 7. CRLF injection and credential exposure issues were addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-18074, CVE-2018-20060, CVE-2019-11236, CVE-2019-11324
MD5 | eff1e890424eb7eb1c66344414b21dba
Microtik SSH Daemon 6.44.3 Denial Of Service
Posted Mar 18, 2020
Authored by Hosein Askari

Microtik SSH Daemon version 6.44.3 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 99df04febb71231588ca4e6c22252925
Red Hat Security Advisory 2020-0839-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0839-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
MD5 | f2838bc7de71dc6656b7493ab22bcf47
Netlink GPON Router 1.0.11 Remote Code Execution
Posted Mar 18, 2020
Authored by shellord

Netlink GPON Router version 1.0.11 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 1cc2827378b92a22ae328bb04c5645b8
Manually Exploiting Intel AMT
Posted Mar 18, 2020
Authored by Laxita Jain

This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.

tags | paper, web
advisories | CVE-2017-5689
MD5 | 72fd2e7bef5700602d4113b623fb94b5
pppd 2.4.8 Buffer Overflow
Posted Mar 18, 2020
Authored by nu11secur1ty, Ventsislav Varbanovski

pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2020-8597
MD5 | c66aef2c81ab020e40674a238fc9d130
NetBackup 7.0 Unquoted Service Path
Posted Mar 18, 2020
Authored by Alan Mondragon

NetBackup version 7.0 suffers from a NetBackup INET Daemon unquoted service path vulnerability.

tags | exploit
MD5 | c1123187f9faaaafd92c40eaabbec8ab
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    10 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close