This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization flaw. Uploading the file requires knowledge of the cryptographic keys used by RAU. The default values used by this module are related to CVE-2017-11317, which once patched randomizes these keys. It is also necessary to know the version of Telerik UI ASP.NET that is running. This version number is in the format YYYY.#(.###)? where YYYY is the year of the release (e.g. 2020.3.915).
1681e42767479128abf9e29c90cc76efRed Hat Security Advisory 2020-4273-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection and traversal vulnerabilities.
72d8c356c9cc0a19caa3b0627e759fafRed Hat Security Advisory 2020-4265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include cross site scripting and information leakage vulnerabilities.
fc5f3d735091b90521ba11e138019899Ubuntu Security Notice 4593-1 - Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
e2d87527b97b4f6bcee00e01fde7e52aGentoo Linux Security Advisory 202010-6 - Ark was found to allow arbitrary file overwrite, possibly allowing arbitrary code execution. Versions less than 20.04.3-r2 are affected.
0bb741fdae06e4dfc77ed8440d31aa75Gentoo Linux Security Advisory 202010-5 - Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. Versions less than 0.20.0 are affected.
76e91535a6c1e9a6c0ee52a16e658865WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
ef40174eaa8a07fa5a7be5da053c7ba3Red Hat Security Advisory 2020-4276-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
8f02e2974c6f914cdd056bd8c84237caAn unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, versions 9.0-8 and below. This vulnerability stems from a known issue in struts, CVE-2010-1870, that allows for code execution via OGNL Injection. This vulnerability has been confirmed to be exploitable in both the Windows and Linux version of the software and has existed in the LISTSERV Maestro software since at least version 8.1-5. As a result, a specially crafted HTTP request can be constructed that executes code in the context of the web application. Exploitation of this vulnerability does not require authentication and can lead to root level privilege on any system running the LISTServ Maestro services.
a3168454ee163a5555ee9cdd35609b72Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
ea8ffa29056c97fd916af3807500cfd8Red Hat Security Advisory 2020-4290-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.
960dd358dbfac272d13833dcae92bb78WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.
099630f13baa8394edaff5afba8207caGentoo Linux Security Advisory 202010-4 - Multiple vulnerabilities have been found in libxml2, the worst of which could result in a Denial of Service condition. Versions less than 2.9.10 are affected.
c8ff946a0249d14be03810a74d523804This Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to be passed over stdin, this module attempts to invoke a pseudo-terminal with python, python3, or script.
9ca7ce56dad3e9758e96d3f376c0f96fRed Hat Security Advisory 2020-4291-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
5b276d0f7b184fae79a9c8e8244ea5eaVisitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.
8033f7aca5a8c9fe62862c58e36e983eUser Registration and Login and User Management System with admin panel version 2.1 suffers from a persistent cross site scripting vulnerability.
f2d57da28dcedaf4b1bfdcb6fcc10c77Red Hat Security Advisory 2020-4286-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
ca2183424ce189f07dabb3e9fde5d6f6Gentoo Linux Security Advisory 202010-3 - An information disclosure vulnerability in libjpeg-turbo allow remote attackers to obtain sensitive information. Versions 2.0.4-r1 are affected.
c41e8764f72fbfba8fd43336c2c227d5WordPress HS Brand Logo Slider plugin version 2.1 suffers from a remote shell upload vulnerability.
247365fd8094a2f47aef67d768cb364fRed Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
51c6fb98b1d3707da3d7531842005a5dUbuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
5d0eee3a0d51a48fdc43a1f3e9d24038Ultimate Project Manager CRM PRO versions 2.0.5 and below suffer from a remote SQL injection vulnerability.
0218911dc1316838cdde1cba109f6620Apache Struts 2 DefaultActionMapper Prefixes OGNL remote code execution exploit.
4bacfb503bb7a49d5262f888693bb1b8Red Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.
0e9b2a44406e1502eb1daf6f63e7d8d9
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed