what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-07-02

AnyDesk GUI Format String Write
Posted Jul 2, 2020
Authored by Spencer McIntyre, scryh | Site metasploit.com

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger the vulnerability. On successful exploitation, code is executed within the context of the user who started the AnyDesk GUI.

tags | exploit
advisories | CVE-2020-13160
MD5 | e9ef3a85832f0886a5ba8ac4e7bad664
Red Hat Security Advisory 2020-2817-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2817-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2019-20372
MD5 | ff035f1244dbfc0959dcde6a860cb2bf
Wireshark Analyzer 3.2.5
Posted Jul 2, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: A GVCP dissector infinite loop vulnerability has been addressed along with many other bug fixes.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2020-15466
MD5 | 56d7c971d6d8f03175183cc411653e6c
AIEngine 2.0.0
Posted Jul 2, 2020
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support for read cooked devices and pcap files. Split the bytes and packet metrics of the flow on upstream and downstream. Added support for search networks on IPvv4 on python(show_flows) and on the HTTP interface. Many other additions and fixes.
tags | tool
systems | unix
MD5 | 0427da1e7d253e36925e47988634bff5
EQDKP Plus CMS 2.3.29 Cross Site Scripting
Posted Jul 2, 2020
Authored by Farhan Rahman, Nik Ramadhan Nik Idris | Site sec-consult.com

EQDKP Plus CMS versions 2.3.29 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e0586e92216026b2681d3aa315d4314
Ubuntu Security Notice USN-4409-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4409-1 - Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10730, CVE-2020-10745, CVE-2020-10760
MD5 | 3322491090594c014bb7c6e818e27fff
Red Hat Security Advisory 2020-2816-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2816-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 6. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1714
MD5 | 305c99a3906baeee9845f83cd9f59f6c
Ubuntu Security Notice USN-4408-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4408-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2020-12415, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426
MD5 | 48c7a1a12cccbc01a51fc442ac452636
Red Hat Security Advisory 2020-2814-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2814-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1714
MD5 | 89b5259b3e747b45dc8b0c79b028d834
Red Hat Security Advisory 2020-2813-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-10719, CVE-2020-10748, CVE-2020-11022, CVE-2020-11023, CVE-2020-1694, CVE-2020-1714, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
MD5 | fc87487bd16e3e344871d5b5c6ab11d5
Ubuntu Security Notice USN-4407-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4407-1 - It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, info disclosure
systems | linux, ubuntu
advisories | CVE-2017-18922, CVE-2019-15680, CVE-2019-15681, CVE-2019-20788
MD5 | ab2befd375e9d3e5fb9cb009d5446e52
Red Hat Security Advisory 2020-2799-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2799-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11253
MD5 | 96f2e45ea9876e606700c1bfb84d3d70
Red Hat Security Advisory 2020-2795-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2795-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2020-14306
MD5 | 9d457955ad6464fc4faa2cd0e4b741ed
Red Hat Security Advisory 2020-2796-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2796-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2019-16769, CVE-2020-12052, CVE-2020-12245, CVE-2020-13379, CVE-2020-13430, CVE-2020-7660, CVE-2020-7662
MD5 | 6aa2c306664a21495013deb64b301e7b
Red Hat Security Advisory 2020-2798-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2798-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12603, CVE-2020-12604, CVE-2020-12605, CVE-2020-8663
MD5 | 555134472c4668f698e1e991fa50ec93
Red Hat Security Advisory 2020-2595-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2595-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
MD5 | bf6d357bfb4dbbd15b7e7767bb19110a
Red Hat Security Advisory 2020-2594-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2594-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555
MD5 | 8512fbf6c1d479b9a516dfe1e1eda42b
Red Hat Security Advisory 2020-2592-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2592-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10749
MD5 | 0742a2b9dcdee8cf2afcde085dad53ec
macOS Privacy Protection Bypass
Posted Jul 2, 2020
Authored by Jeff Johnson | Site lapcatsoftware.com

Proof of concept Xcode project that leverages Safari to demonstrate a macOS privacy protections bypass vulnerability.

tags | exploit, proof of concept, bypass
MD5 | 01ec5551b26be5360691d2c1c326ec2a
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    3 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close