This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. To do so, the module must upload a mixed mode .NET assembly DLL, which is then loaded through the deserialization flaw. Uploading the file requires knowledge of the cryptographic keys used by RAU. The default values used by this module are related to CVE-2017-11317; once that issue is patched, these keys are randomized. It is also necessary to know the version of Telerik UI ASP.NET that is running. This version number is in the format YYYY.#(.###)? where YYYY is the year of the release (e.g. 2020.3.915).
1681e42767479128abf9e29c90cc76ef
Red Hat Security Advisory 2020-4273-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection and traversal vulnerabilities.
72d8c356c9cc0a19caa3b0627e759faf
Red Hat Security Advisory 2020-4265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include cross site scripting and information leakage vulnerabilities.
fc5f3d735091b90521ba11e138019899
Ubuntu Security Notice 4593-1 - Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
e2d87527b97b4f6bcee00e01fde7e52a
Gentoo Linux Security Advisory 202010-6 - Ark was found to allow arbitrary file overwrite, possibly allowing arbitrary code execution. Versions less than 20.04.3-r2 are affected.
0bb741fdae06e4dfc77ed8440d31aa75
Gentoo Linux Security Advisory 202010-5 - Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. Versions less than 0.20.0 are affected.
76e91535a6c1e9a6c0ee52a16e658865
WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
ef40174eaa8a07fa5a7be5da053c7ba3
Red Hat Security Advisory 2020-4276-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
8f02e2974c6f914cdd056bd8c84237ca
An unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, versions 9.0-8 and below. This vulnerability stems from a known issue in Struts, CVE-2010-1870, that allows for code execution via OGNL injection. This vulnerability has been confirmed to be exploitable in both the Windows and Linux versions of the software and has existed in the LISTSERV Maestro software since at least version 8.1-5. As a result, a specially crafted HTTP request can be constructed that executes code in the context of the web application. Exploitation of this vulnerability does not require authentication and can lead to root-level privilege on any system running the LISTSERV Maestro services.
a3168454ee163a5555ee9cdd35609b72
Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
ea8ffa29056c97fd916af3807500cfd8
Red Hat Security Advisory 2020-4290-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.
960dd358dbfac272d13833dcae92bb78
WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.
099630f13baa8394edaff5afba8207ca
Gentoo Linux Security Advisory 202010-4 - Multiple vulnerabilities have been found in libxml2, the worst of which could result in a Denial of Service condition. Versions less than 2.9.10 are affected.
c8ff946a0249d14be03810a74d523804
This Metasploit module attempts to create a new login session by invoking the su command with a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to be passed over stdin, this module attempts to invoke a pseudo-terminal with python, python3, or script.
9ca7ce56dad3e9758e96d3f376c0f96f
Red Hat Security Advisory 2020-4291-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
5b276d0f7b184fae79a9c8e8244ea5ea
Visitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.
8033f7aca5a8c9fe62862c58e36e983e
User Registration and Login and User Management System with admin panel version 2.1 suffers from a persistent cross site scripting vulnerability.
f2d57da28dcedaf4b1bfdcb6fcc10c77
Red Hat Security Advisory 2020-4286-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
ca2183424ce189f07dabb3e9fde5d6f6
Gentoo Linux Security Advisory 202010-3 - An information disclosure vulnerability in libjpeg-turbo allows remote attackers to obtain sensitive information. Versions 2.0.4-r1 are affected.
c41e8764f72fbfba8fd43336c2c227d5
WordPress HS Brand Logo Slider plugin version 2.1 suffers from a remote shell upload vulnerability.
247365fd8094a2f47aef67d768cb364f
Red Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
51c6fb98b1d3707da3d7531842005a5d
Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
5d0eee3a0d51a48fdc43a1f3e9d24038
Ultimate Project Manager CRM PRO versions 2.0.5 and below suffer from a remote SQL injection vulnerability.
0218911dc1316838cdde1cba109f6620
Apache Struts 2 DefaultActionMapper Prefixes OGNL remote code execution exploit.
4bacfb503bb7a49d5262f888693bb1b8
Red Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.
0e9b2a44406e1502eb1daf6f63e7d8d9