what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files Date: 2020-03-18

Falco 0.21.0
Posted Mar 18, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A major change was announced where the SYSDIG_BPF_PROBE environment variable is now just FALCO_BPF_PROBE. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | a4c62f75ad8620b01617334523a731d1
Centreon Poller Authenticated Remote Command Execution
Posted Mar 18, 2020
Authored by mekhalleh, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

tags | exploit, remote, arbitrary, shell
MD5 | f836c47b897e703e5d16cddb0a5f7823
OpenSSL Toolkit 1.1.1e
Posted Mar 18, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: It now properly detects EOF while reading in libssl. Fixed SSL_get_servername() behaviour. Various other updates and bug fixes.
tags | tool, encryption, protocol
systems | unix
MD5 | baeff2a64d2f3d7e0a69b677c9977b57
Red Hat Security Advisory 2020-0892-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0892-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
MD5 | 2e1531394e5c2a3700bb3d016a1655c7
Ubuntu Security Notice USN-4171-5
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-5 - USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, denial of service, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
MD5 | b7c1da16b8ea42319c7c7dcf19894e3d
Red Hat Security Advisory 2020-0889-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039, CVE-2020-8608
MD5 | e729c7c5549f1baa53123e88c9850236
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions
Posted Mar 18, 2020
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have been changed, the attacker can then overwrite its content, and ultimately gain elevated privileges on the vulnerable machine. This vulnerability was successfully verified on ZoneAlarm Free Firewall version 15.8.023.18219 and TrueVector Internet Monitor version 15.8.7.18219.

tags | exploit, arbitrary, local
MD5 | 1e8fb7ac9173e275aa2f2eb88bbbecd5
Razer Synapse Service 1.0.0 DLL Injection
Posted Mar 18, 2020
Authored by Juan Sacco

Razer Synapse Service version 1.0.0 suffers from a DLL injection vulnerability that can escalate privileges to SYSTEM.

tags | exploit
MD5 | 462cb9cffc5b2c1587857c2adb98822a
Red Hat Security Advisory 2020-0870-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0870-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, python
systems | linux, redhat
advisories | CVE-2018-1000656
MD5 | 228827defe804859df6e971e88c2ba1e
Ubuntu Security Notice USN-4306-1
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4306-1 - It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-16235
MD5 | 893d3685437aa9b3ccdcd8bd7da84ef0
Microsoft VSCode Python Extension Code Execution
Posted Mar 18, 2020
Authored by DoyenSec

Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability.

tags | exploit, code execution, proof of concept, python
MD5 | 24626a525ed32f6f124ca3a15f0bb0a7
Dynamic MessageBoxA||W PEB And Import Table Method Shellcode
Posted Mar 18, 2020
Authored by Bobby Cooke

232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode.

tags | shellcode
MD5 | 6c64349a2e58b477d56f2029714b815d
Red Hat Security Advisory 2020-0834-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0834-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
MD5 | f77a8382079ef6bc1f5235dfa18158be
Red Hat Security Advisory 2020-0853-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0853-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
MD5 | c774c8d4f668b77ce9d546dca99f95fd
VMware Fusion Local Privilege Escalation / Directory Traversal
Posted Mar 18, 2020
Authored by Grimm

A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Various 10.x and 11.x versions are affected.

tags | exploit, root
MD5 | 2ce339c89430e546664a7f58d1941528
Ivanti Workspace Manager Security Bypass
Posted Mar 18, 2020
Authored by Juan Sacco

Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-10885
MD5 | 7d5aa5b55686f1b2087f5cd444c7b3cc
Red Hat Security Advisory 2020-0850-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0850-01 - An update for python-pip is now available for Red Hat Enterprise Linux 7. CRLF injection and credential exposure issues were addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-18074, CVE-2018-20060, CVE-2019-11236, CVE-2019-11324
MD5 | eff1e890424eb7eb1c66344414b21dba
Microtik SSH Daemon 6.44.3 Denial Of Service
Posted Mar 18, 2020
Authored by Hosein Askari

Microtik SSH Daemon version 6.44.3 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 99df04febb71231588ca4e6c22252925
Red Hat Security Advisory 2020-0839-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0839-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
MD5 | f2838bc7de71dc6656b7493ab22bcf47
Netlink GPON Router 1.0.11 Remote Code Execution
Posted Mar 18, 2020
Authored by shellord

Netlink GPON Router version 1.0.11 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 1cc2827378b92a22ae328bb04c5645b8
Manually Exploiting Intel AMT
Posted Mar 18, 2020
Authored by Laxita Jain

This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.

tags | paper, web
advisories | CVE-2017-5689
MD5 | 72fd2e7bef5700602d4113b623fb94b5
pppd 2.4.8 Buffer Overflow
Posted Mar 18, 2020
Authored by nu11secur1ty, Ventsislav Varbanovski

pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2020-8597
MD5 | c66aef2c81ab020e40674a238fc9d130
NetBackup 7.0 Unquoted Service Path
Posted Mar 18, 2020
Authored by Alan Mondragon

NetBackup version 7.0 suffers from a NetBackup INET Daemon unquoted service path vulnerability.

tags | exploit
MD5 | c1123187f9faaaafd92c40eaabbec8ab
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    7 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close