exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-09-15

ModSecurity 3.0.x Denial Of Service
Posted Sep 15, 2020
Authored by Christian Folini

ModSecurity version 3.0.x suffers from a denial of service vulnerability due to the handling of regular expression matching. ModSecurity version 3.0.x is affected by a denial of service vulnerability due to the global matching of regular expressions. The combination of a non-anchored regular expression and the ModSecurity capture action can be exploited via a specially crafted payload.

tags | advisory, denial of service
advisories | CVE-2020-15598
SHA-256 | df79f2392e827d107f0ec05ae4fe67b4b9956f6a18d720baf532bbded9256ab4
Ubuntu Security Notice USN-4500-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4500-1 - It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9862
SHA-256 | ad79f2339f758eb6de120943827cf5912e41e6e5269955e5c50c38008853d145
Ubuntu Security Notice USN-4498-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4498-1 - It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2019-15587
SHA-256 | 88d4e83dbb53e89c4500d9d0e93cd5f4caff49dfd2b7395e75e7ae1611a739c6
Ubuntu Security Notice USN-4499-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4499-1 - It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14464
SHA-256 | ce73b6a694072285fb74e4e0fb23e56ada9f32aac639e5e89ba32c1ada7fcc25
Ubuntu Security Notice USN-4497-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4497-1 - It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9112, CVE-2019-12973
SHA-256 | 74e3c9ec57d378bfed6df67fdfda72eebec0620c3bf0135a0ad613d960d815e5
Red Hat Security Advisory 2020-3757-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3757-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2911, CVE-2019-2914, CVE-2019-2938, CVE-2019-2946, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568
SHA-256 | 38d88d4582fd8e4b4af72cbfff99013cc4f4e4f40fa1d110cb89951a4a135182
Ubuntu Security Notice USN-4496-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4496-1 - It was discovered that Apache XML-RPC does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17570
SHA-256 | 0d11bb361d9214af8b8e07592fe8af5981b3411a2ea5248352424c6214828223
TOR Virtual Network Tunneling Tool 0.4.4.5
Posted Sep 15, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.4.5 is the first stable release in the 0.4.4.x series. This series improves their guard selection algorithms, adds v3 onion balance support, improves the amount of code that can be disabled when running without relay support, and includes numerous small bugfixes and enhancements. It also lays the ground for some IPv6 features that they will be developing more in the next (0.4.5) series.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | a45ca00afe765e3baa839767c9dd6ac9a46dd01720a3a8ff4d86558c12359926
ThinkAdmin 6 Arbitrary File Read
Posted Sep 15, 2020
Authored by Hzllaga

ThinkAdmin version 6 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
advisories | CVE-2020-25540
SHA-256 | fe42cf04f2cdc9bb862216f8963016b2fe0628e81ef14d9bc2127976f892f768
Tailor MS 1.0 Cross Site Scripting
Posted Sep 15, 2020
Authored by Bobby Cooke, hyd3sec

Tailor MS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e5d3f596826a09594cd3da84dcda261dea5ea9721eb1dcd54f95e306795f8d75
Red Hat Security Advisory 2020-3756-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3756-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
SHA-256 | a0672f9c6434ac91b420476fae2e94c3bde749deb7e9eccd76c148d2fa5e4b8a
Red Hat Security Advisory 2020-3755-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3755-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2911, CVE-2019-2914, CVE-2019-2938, CVE-2019-2946, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568
SHA-256 | 8088018e49ab602ff0af5b3d632c13312fe2641a979d34c831b2c4024601772b
Ubuntu Security Notice USN-4495-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4495-1 - It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17571
SHA-256 | d53f82097b8b22273ce0af7583c015d35c35509bef10c5df372286782ec1f909
Ubuntu Security Notice USN-4494-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4494-1 - It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12695
SHA-256 | d3875434bb5b4c21a1998c33ca3377de59ad32d63e34614ddb94c1795d6e9839
Red Hat Security Advisory 2020-3749-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3749-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
SHA-256 | f2a8493e6bfb74fbfb4e576afd201300cc783d8e0cc85a1e307d449e5d20c98d
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close