what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-08-18

Ubuntu Security Notice USN-4464-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4464-1 - It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout.

tags | advisory, shell
systems | linux, ubuntu
advisories | CVE-2020-17489
MD5 | 8745f9f5ffe60d4092fe96c7797d1064
ClamOne 0.102.4-1
Posted Aug 18, 2020
Authored by Lazlo182 | Site github.com

ClamOne is an open source Linux front-end to the ClamAV Antivirus Engine. A basic graphical user interface, designed for a Desktop environment, to provide instant feedback when threats are detected on the local system. Features include configuring the clamd daemon directly from the GUI, indication of threats via visual cues as well as notifications, monitoring and updating the virus definitions, monitoring various clam-related event logs and messages, quarantining of detected threats, and visual graphing of antivirus activity.

tags | tool, local, virus
systems | linux, unix
MD5 | 44ad07c75457a88ca064b6d1994cb0cc
Ubuntu Security Notice USN-4463-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4463-1 - It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12771, CVE-2020-15393
MD5 | 8e30c40c90742d5c51e764f706653bf5
Red Hat Security Advisory 2020-3475-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 2dd636fea7e0cd4fa94508d728aee804
WordPress Elegant Testimonial 1.1.6 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Elegant Testimonial plugin version 1.1.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | e8f7247b8b5d3df66589d56e5f6e6cbd
Encrypted Linux x86-64 Loadable Kernel Modules (ELKM)
Posted Aug 18, 2020
Authored by cenobyte | Site github.com

In this paper, the author presents ELKM, a Linux tool that provides a mechanism to securely transport and load encrypted Loadable Kernel Modules (LKM). The aim is to protect kernel-based rootkits and implants against observation by Endpoint Detection and Response (EDR) software and to neutralize the effects of recovery by disk forensics tooling. The tool as well as the whitepaper is provided in this archive.

tags | tool, paper, kernel
systems | linux, unix
MD5 | eb8470252a6b4d9620877f82a1676c7e
Red Hat Security Advisory 2020-3474-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3474-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux.

tags | advisory, shell, bash
systems | linux, redhat
advisories | CVE-2019-9924
MD5 | b84476e366afe54f22aacc4f6034cd1d
Ubuntu Security Notice USN-4461-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4461-1 - Dominik Penner discovered that Ark did not properly sanitize zip archive files before performing extraction. An attacker could use this to construct a malicious zip archive that, when opened, would create files outside the extraction directory.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-16116
MD5 | d7be1eab82fc120869e85b601895b87f
D-Link Central WiFi Manager CWM(100) Remote Code Execution
Posted Aug 18, 2020
Authored by M3 at ZionLab, Redouane Niboucha | Site metasploit.com

This Metasploit module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM(100) versions below v1.03R0100_BETA6. The vulnerability exists in the username cookie, which is passed to eval() without being sanitized. Dangerous functions are not disabled by default, which makes it possible to get code execution on the target.

tags | exploit, php, code execution
advisories | CVE-2019-13372
MD5 | ad4f9d0e1e861c8a9f9b8b0544120a4c
UFONet 1.6
Posted Aug 18, 2020
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Added 8 attacks and updated the documentation, website, and more.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | 49e9e16fbc97e3a2ca94cbab3ae02631
WordPress Click To Top 1.2.7 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Click To Top plugin version 1.2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 034353bf5de3af3777573a98a0d3dea1
Red Hat Security Advisory 2020-3470-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3470-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 46c3dcd8832a698a70eff7357261ec11
Red Hat Security Advisory 2020-3471-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | ea995a2ae04d35d5cd5e454d9d275ec2
Ubuntu Security Notice USN-4462-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4462-1 - It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12771
MD5 | e9c488c9eb3bd3627a4b2add26ec9824
WordPress Change Login Logo 1.0.1 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Melbin K Mathew

WordPress Change Login Logo plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 763cbadbe34461bea1f2bf7164f1d92b
Red Hat Security Advisory 2020-3453-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3453-01 - The Matrix Project is a module which handles creating Jenkins multi-configuration projects. Matrix Authorization allows configuring the lowest level permissions, such as starting new builds, configuring items, or deleting them, individually. Python-RSA is a RSA implementation in Python. It can be used as a Python library as well as the commandline utility. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-13757, CVE-2020-2224, CVE-2020-2225, CVE-2020-2226
MD5 | 6e1a3a007bbbe22b5ec43c60074e143d
Tailor Management System 1.0 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Ahmed Abbas

Tailor Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a6a5fc6444651eed933281699eccb04f
Ubuntu Security Notice USN-4460-1
Posted Aug 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4460-1 - It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-16163
MD5 | f6579526b0418897d75dd8a291b4e7f4
vBulletin 5.6.2 Persistent Cross Site Scripting
Posted Aug 18, 2020
Authored by Vincent666 ibn Winnie

vBulletin version 5.6.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 83539608efbcec862e3e4b6d4e872268
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    9 Files
  • 26
    Nov 26th
    11 Files
  • 27
    Nov 27th
    15 Files
  • 28
    Nov 28th
    9 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close