what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2020-07-15

Ubuntu Security Notice USN-4424-1
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4424-1 - It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. It was discovered that snapctl user-open allowed altering the XDG_DATA_DIRS environment variable when calling the system xdg-open. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL. This issue did not affect Ubuntu Core systems. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11933, CVE-2020-11934
MD5 | 87a21186ee9ea4e0e7f16c0ac71fbc4e
Ubuntu Security Notice USN-4199-2
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4199-2 - USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13194
MD5 | 6d26a2ce8c8d4bb8f1bda85ce67bd696
Red Hat Security Advisory 2020-2954-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2954-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. .NET Core: XML source markup processing remote code execution. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | d2e2524b75a5471c8ec3a10f36e09baf
Oracle Solaris 11 Device Driver Utility 1.3.1 Race Condition
Posted Jul 15, 2020
Authored by Larry W. Cashdollar

Oracle Solaris 11 Device Driver Utility version 1.3.1 suffers from an insecure use of /tmp that can allow for a race condition which leads to privilege escalation. Included exploit provides a root shell.

tags | exploit, shell, root
systems | solaris
advisories | CVE-2020-14724
MD5 | 0d782daa9cfb79ed229915dc519292a7
SecZetta NEProfile 3.3.11 Remote Code Execution
Posted Jul 15, 2020
Authored by Josh Sheppard

SecZetta NEProfile version 3.3.11 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2020-12854
MD5 | f14b49d5bf3f7e700db26375e42265ae
Red Hat Security Advisory 2020-2939-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2939-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | 0de8165af404825e40c6f0b3b0fb0b01
Red Hat Security Advisory 2020-2938-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2938-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses a security vulnerability is now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | 53fd6262e5fb13d14df367365b652a50
Red Hat Security Advisory 2020-2937-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2937-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | 6cbcdeca6a5a8fce38e33a85bce8f399
Red Hat Security Advisory 2020-2933-01
Posted Jul 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2933-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An information exposure issue has been addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-18660
MD5 | 8f71e8fd138f17e03dc960b9e4349025
Ubuntu Security Notice USN-4423-1
Posted Jul 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4423-1 - It was discovered that X-Frame-Options could be bypassed in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct clickjacking attacks.

tags | advisory
systems | linux, ubuntu
MD5 | e85ed607c7bdf4f180365b498a3cc7c1
Zyxel Armor X1 WAP6806 Directory Traversal
Posted Jul 15, 2020
Authored by Rajivarnan R

Zyxel Armor X1 WAP6806 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-14461
MD5 | 3489e3347ae626ade153762d017313f6
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close