what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-07-02

AnyDesk GUI Format String Write
Posted Jul 2, 2020
Authored by Spencer McIntyre, scryh | Site metasploit.com

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger the vulnerability. On successful exploitation, code is executed within the context of the user who started the AnyDesk GUI.

tags | exploit
advisories | CVE-2020-13160
SHA-256 | 3a9a77f3da97e3fa3eabb2ff840fb3ea885747038fdb66fcbcb8f64ab38332f4
Red Hat Security Advisory 2020-2817-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2817-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2019-20372
SHA-256 | 8532ff6109d76302c144b3361db60c0aa50758a60d06b2d79ebf30dee7c39f74
Wireshark Analyzer 3.2.5
Posted Jul 2, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: A GVCP dissector infinite loop vulnerability has been addressed along with many other bug fixes.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2020-15466
SHA-256 | bd89052a5766cce08b1090df49628567e48cdd24bbaa47667c851bac6aaac940
AIEngine 2.0.0
Posted Jul 2, 2020
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support for read cooked devices and pcap files. Split the bytes and packet metrics of the flow on upstream and downstream. Added support for search networks on IPvv4 on python(show_flows) and on the HTTP interface. Many other additions and fixes.
tags | tool
systems | unix
SHA-256 | 799bac2e6f3d6d87c6ff98afc9bb5be9e6dfc175a8fce55552688bf68cfcb34d
EQDKP Plus CMS 2.3.29 Cross Site Scripting
Posted Jul 2, 2020
Authored by Farhan Rahman, Nik Ramadhan Nik Idris | Site sec-consult.com

EQDKP Plus CMS versions 2.3.29 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 96581e3268698e7949f7963bd55792656b81cc7537416ddc64e37abb905a7742
Ubuntu Security Notice USN-4409-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4409-1 - Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-10730, CVE-2020-10745, CVE-2020-10760
SHA-256 | 4924b1a19dd6a621e54d404d4a685266e56a5f2ab5c765d8c6c670cc4f44855b
Red Hat Security Advisory 2020-2816-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2816-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 6. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1714
SHA-256 | 37ae1faf530d1b55f569d88661539cc9d8e6dc9ac6c0e7c7785727ff4bd5a343
Ubuntu Security Notice USN-4408-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4408-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2020-12415, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426
SHA-256 | 6ca4741ec78669fe449e3105edcdad19b8a5775cdcccfa95a54e6e0651210cf2
Red Hat Security Advisory 2020-2814-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2814-01 - Packages: Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1714
SHA-256 | 502f03d181f164bfaf25712bd57530d9cd65c56ec4a6b9b8f5673ae775f3e570
Red Hat Security Advisory 2020-2813-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-10719, CVE-2020-10748, CVE-2020-11022, CVE-2020-11023, CVE-2020-1694, CVE-2020-1714, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
SHA-256 | 1c1d602b8a2a7830043fa2e0ba5fef5fa819bd9b6197bfeb59f173a6993f87e6
Ubuntu Security Notice USN-4407-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4407-1 - It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, info disclosure
systems | linux, ubuntu
advisories | CVE-2017-18922, CVE-2019-15680, CVE-2019-15681, CVE-2019-20788
SHA-256 | 381823d3f578d2ce7c04ed4ac635ad995451cdf2fecebc4a75523f9889132a63
Red Hat Security Advisory 2020-2799-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2799-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11253
SHA-256 | fd07a6bd3b655cfbbe4dfc3cbfac15f701c8670e8eafef1bca994f93593bbda5
Red Hat Security Advisory 2020-2795-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2795-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2020-14306
SHA-256 | e9043d6ff8097b17353dd617de418d1713971ad9b6dae3696ed363b36664def9
Red Hat Security Advisory 2020-2796-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2796-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11253, CVE-2019-16769, CVE-2020-12052, CVE-2020-12245, CVE-2020-13379, CVE-2020-13430, CVE-2020-7660, CVE-2020-7662
SHA-256 | 80a98f897d0125587f947d7e21d187fdf53a7ab0eecebcab70a90ca4d0b97ac0
Red Hat Security Advisory 2020-2798-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2798-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12603, CVE-2020-12604, CVE-2020-12605, CVE-2020-8663
SHA-256 | dc335eda8e8b9827967b99450ea48210135b55c100b7fc2697ea1f19dac97241
Red Hat Security Advisory 2020-2595-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2595-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
SHA-256 | 2dc2027788a2469b52ac06d8c4d6495cafd25c31f8ca4b7ed6e5aeb5002d87e2
Red Hat Security Advisory 2020-2594-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2594-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555
SHA-256 | 35ad6edc32870963614b04e2e20063cf7ef2dccdd8b045a478f367eef522e10c
Red Hat Security Advisory 2020-2592-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2592-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10749
SHA-256 | ecb22dc9704b8ee9c3afe94ec3aabe2bf4b529fec3f11c1b11710f0337d9d2c3
macOS Privacy Protection Bypass
Posted Jul 2, 2020
Authored by Jeff Johnson | Site lapcatsoftware.com

Proof of concept Xcode project that leverages Safari to demonstrate a macOS privacy protections bypass vulnerability.

tags | exploit, proof of concept, bypass
SHA-256 | 67c83963ffe24a3a123e62b635d2bf0846d65ed8f00bbaa9ab88e8747cb9895e
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close