exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-09-02

COVR 3902 1.01B0 Hardcoded Credentials
Posted Sep 2, 2020
Authored by CSW Research Lab

The COVR 3902 REVA router with firmware 1.01B0 has hardcoded telnet credentials.

tags | exploit
advisories | CVE-2018-20432
MD5 | ba5f94886ff6503e7b4c0cfef4f0092e
Go CGI / FastCGI Transport Cross Site Scripting
Posted Sep 2, 2020
Site redteam-pentesting.de

The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may lead to cross site scripting vulnerabilities even if uploaded data has been validated during upload. Versions 1.15 and 1.14.7 and below are affected.

tags | exploit, web, cgi, vulnerability, xss
advisories | CVE-2020-24553
MD5 | 130ddc7a83a7200dee6d6d19904f8bd0
Ubuntu Security Notice USN-4487-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4487-1 - Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-14344, CVE-2020-14363
MD5 | 24979d028c4f9afba0853484ef80f628
Ubuntu Security Notice USN-4488-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4488-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
MD5 | c1fb4cc9f0f5241da7a5ed5b69d9a826
Red Hat Security Advisory 2020-3539-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3539-01 - This release of Red Hat build of Thorntail 2.7.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service, deserialization, and improper authorization vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-10758, CVE-2020-14297, CVE-2020-14307, CVE-2020-1710, CVE-2020-1728, CVE-2020-1748
MD5 | ee9ccdb705db5bec1e84246752ab0e5e
Ubuntu Security Notice USN-4486-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4486-1 - Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2018-10323
MD5 | 0d6a96e56e6f4802efd041fd7f80f8e8
Ubuntu Security Notice USN-4485-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4485-1 - Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-20669, CVE-2019-19947, CVE-2019-20810, CVE-2020-10732, CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-10781, CVE-2020-12655, CVE-2020-12656, CVE-2020-12771, CVE-2020-13974, CVE-2020-15393, CVE-2020-24394
MD5 | 3eab8c5a9aa035dc793457aedf9c3e72
Ubuntu Security Notice USN-4483-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4483-1 - Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service. Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-20810, CVE-2020-10757, CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-10781, CVE-2020-12655, CVE-2020-12656, CVE-2020-12771, CVE-2020-13974, CVE-2020-14356, CVE-2020-15393, CVE-2020-24394
MD5 | 956d025e726890073a04c74a86361f70
Ubuntu Security Notice USN-4484-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4484-1 - It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-14356
MD5 | 846be0f234570fd41203c5e1a5fd5655
Ubuntu Security Notice USN-4482-1
Posted Sep 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4482-1 - Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-24654
MD5 | 1c5791fe104e014135e1e276edeec3b2
Red Hat Security Advisory 2020-3600-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3600-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-14365
MD5 | dabedd16e82458c90bb0a6be1c036650
Red Hat Security Advisory 2020-3602-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3602-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-14365
MD5 | 2e68a031de72083869a7bd6c4c96c46c
Red Hat Security Advisory 2020-3601-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3601-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-14365
MD5 | bd80a94180a8fc95a088f03fd265c37a
Red Hat Security Advisory 2020-3580-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3580-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8557
MD5 | b9a6b3a8536931da0a9970960c339fc5
Red Hat Security Advisory 2020-3579-01
Posted Sep 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3579-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8557
MD5 | 1eecfa5bf66777e39dc8f690fa6cca35
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close