what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files Date: 2020-03-18

Falco 0.21.0
Posted Mar 18, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A major change was announced where the SYSDIG_BPF_PROBE environment variable is now just FALCO_BPF_PROBE. Various other updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | b1c9884855d58be94a97b2e348bcdc7db995800f0405b0f4e9a7176ee2f094a7
Centreon Poller Authenticated Remote Command Execution
Posted Mar 18, 2020
Authored by mekhalleh, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

tags | exploit, remote, arbitrary, shell
SHA-256 | 4fc454b9a7db2a27a465a12d5f364a39e3ac7dba6dcd7fc3801635b21c08d5b6
OpenSSL Toolkit 1.1.1e
Posted Mar 18, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: It now properly detects EOF while reading in libssl. Fixed SSL_get_servername() behaviour. Various other updates and bug fixes.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe
Red Hat Security Advisory 2020-0892-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0892-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
SHA-256 | d0032e950eb465a7201ef0e9492897f02d9331ada9af4126d44dd1c18bd05c4c
Ubuntu Security Notice USN-4171-5
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-5 - USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, denial of service, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
SHA-256 | 75bef91aa3e4884192cffeb9817cb1afc24784b2d7d29e5bed569257728aa0f2
Red Hat Security Advisory 2020-0889-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039, CVE-2020-8608
SHA-256 | cb90c6cd9a262933377b552a4fe0e120111a99614cf0f6c9da1cefaa8d581cbd
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions
Posted Mar 18, 2020
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have been changed, the attacker can then overwrite its content, and ultimately gain elevated privileges on the vulnerable machine. This vulnerability was successfully verified on ZoneAlarm Free Firewall version 15.8.023.18219 and TrueVector Internet Monitor version 15.8.7.18219.

tags | exploit, arbitrary, local
SHA-256 | 02f488ac378d0162d935ec047a7f4397a62ed4cbe4aebb0d1d4566f204e6add5
Razer Synapse Service 1.0.0 DLL Injection
Posted Mar 18, 2020
Authored by Juan Sacco

Razer Synapse Service version 1.0.0 suffers from a DLL injection vulnerability that can escalate privileges to SYSTEM.

tags | exploit
SHA-256 | 495359aea72909f15906270788c6b74cd49fa920f716256f202875b418a86cf3
Red Hat Security Advisory 2020-0870-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0870-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, python
systems | linux, redhat
advisories | CVE-2018-1000656
SHA-256 | 016d1b79215ffe41441199e4e3ffee6992e3b9c6b1b41aa69d4af900072dc7f5
Ubuntu Security Notice USN-4306-1
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4306-1 - It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-16235
SHA-256 | a2f47a230f911f76555a82ef0156744fc0e7d0d73052c80d4f504e0a8010ebd4
Microsoft VSCode Python Extension Code Execution
Posted Mar 18, 2020
Authored by DoyenSec

Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability.

tags | exploit, code execution, proof of concept, python
SHA-256 | 025f73454d1ef7631173c3393c24e1203dc75a77cab3ab1a9da0f5201963a303
Dynamic MessageBoxA||W PEB And Import Table Method Shellcode
Posted Mar 18, 2020
Authored by Bobby Cooke

232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode.

tags | shellcode
SHA-256 | a59207d673c6ae2ce3319ba16803d2d5ba9f5bd698e3c783ec0895dedd0d7478
Red Hat Security Advisory 2020-0834-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0834-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
SHA-256 | 758a425822c3749b7f1c327d3b1465dd171e616d8dec19e7e019946e186c08ee
Red Hat Security Advisory 2020-0853-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0853-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting PRIVILEGED option was addressed.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2019-20044
SHA-256 | 4335e4dad0c3d3395d391de372ba2fb83499e28428e3de98b138545d103d7fda
VMware Fusion Local Privilege Escalation / Directory Traversal
Posted Mar 18, 2020
Authored by Grimm

A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Various 10.x and 11.x versions are affected.

tags | exploit, root
SHA-256 | 8ed4482dd535aafff278cebf5b26efbd2b1fdaa02044539836e9e1b487553621
Ivanti Workspace Manager Security Bypass
Posted Mar 18, 2020
Authored by Juan Sacco

Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-10885
SHA-256 | d5a5d5763c494f264bad3c58327b4e873bfe30a582df25931163b631bce663ba
Red Hat Security Advisory 2020-0850-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0850-01 - An update for python-pip is now available for Red Hat Enterprise Linux 7. CRLF injection and credential exposure issues were addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-18074, CVE-2018-20060, CVE-2019-11236, CVE-2019-11324
SHA-256 | c1674723bf5c16e5a05432dc3f9d31be0db0dce59a812facdd8e98956fcd15bf
Microtik SSH Daemon 6.44.3 Denial Of Service
Posted Mar 18, 2020
Authored by Hosein Askari

Microtik SSH Daemon version 6.44.3 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | ef78bf04172f75d2db6c62245121b1b179e68f6949f2f6cc0e9d92cb8765d047
Red Hat Security Advisory 2020-0839-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0839-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-17666, CVE-2019-19338
SHA-256 | 86bf34ad4e6ff350aaa75831b2d6bf93552d185d2baf99a97059c30ad2a3aa0b
Netlink GPON Router 1.0.11 Remote Code Execution
Posted Mar 18, 2020
Authored by shellord

Netlink GPON Router version 1.0.11 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | a2cd44db9b8737d54512b900c1682e0248edce009fd815a46a2fa5c38c4ec7ff
Manually Exploiting Intel AMT
Posted Mar 18, 2020
Authored by Laxita Jain

This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.

tags | paper, web
advisories | CVE-2017-5689
SHA-256 | cfebcadf4361db526ce74bd43cf6067fdd66062b8ff3d28335972d33dcde2b8d
pppd 2.4.8 Buffer Overflow
Posted Mar 18, 2020
Authored by nu11secur1ty, Ventsislav Varbanovski

pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2020-8597
SHA-256 | 10a6602a635fe00eda73adff8cbfa55b1f8d3d56c298fa18edcd1caf80413f7a
NetBackup 7.0 Unquoted Service Path
Posted Mar 18, 2020
Authored by Alan Mondragon

NetBackup version 7.0 suffers from a NetBackup INET Daemon unquoted service path vulnerability.

tags | exploit
SHA-256 | edaca32624a2ddf4a6ca6091b83f06f4199b8f9916f2f065e6b36ed3cf5a2eeb
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close