Ubuntu Security Notice 4677-2 - USN-4677-1 fixed a vulnerability in p11-kit. This update provides the corresponding update for Ubuntu 14.04 ESM. David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
0f81965684d8f02484642d9347705445de98996f27f247994ff2917bca625f11IPS Community Suite versions 4.5.4 and below suffer from a remote SQL injection vulnerability in the Downloads REST API.
91f17358440b97a2cdf9126200c78d2bfdc16a8200647806ddf3ac379ef0d629This Metasploit module exploit BITS behavior which tries to connect to the local Windows Remote Management server (WinRM) every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server, which allows to steal a SYSTEM token. This token is then used to launch a new process as SYSTEM user. In the case of this exploit, notepad.exe is launched as SYSTEM. Then, it writes shellcode in its previous memory space and trigger its execution. As this exploit uses reflective dll injection, it does not write any file on the disk. Vulnerable operating systems are Windows 10 and Windows servers where WinRM is not running. Lab experiments has shown that Windows 7 does not exhibit the vulnerable behavior.
67b5ac7fe880d91740fda6036d3554f5b4435e1a61d47cad34a80f769fb5752cWinAVR version 20100110 suffers from an insecure folder permissions vulnerability.
bd461cb26b2898736c8d9f1d366fcdde0344cb153d28f0bad1acad9d28e1dcceUbuntu Security Notice 4682-1 - It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
929eedf98a6ff84d025783200f1e6528d8460e295c66bc674e3b007bbd134135Newgen Correspondence Management System (corms) eGov version 12.0 suffers from an insecure direct object reference vulnerability.
98f68f10158d2b85702aaf19a10ea75f9cd5c62ee2cd0dae8f77f4dce7f17388Ubuntu Security Notice 4681-1 - Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver in the Linux kernel did not properly deallocate memory in some conditions. A local attacker could use this to cause a denial of service. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
2f96e8a8762d330f30d1abc3e8d2122a2742ea875f60a0cb31f866198679dac4WordPress Litespeed Cache plugin version 3.6 suffers from a cross site scripting vulnerability.
d95b2c73ce26df6d9ebdf621de65525e7fcc105a0ce56a28a8d8da0447a4e04bZerologon is a vulnerability in Microsoft's Netlogon Remote Procedural Call (MS-NRPC) protocol. Specifically, this vulnerability occurs due to an incorrect implementation of the AES-128 Counter Feedback mode of operation. This vulnerability was given a CVSS score of 10 by Microsoft and can be carried out by anyone with a foothold in the network. This paper aims to explain the detail and working of MS-NRPC protocol, its vulnerability, and finally cover how to exploit it, something which the original paper by Secura left out.
1e8879b0c6ba12ad9930150a8a890fbd74b58b7738cb0d85c748a3c4e587a875Responsive E-Learning System version 1.0 suffers from a persistent cross site scripting vulnerability.
eb11923fe16e02e8ff7e6a4f535fc54d9ba39cca1630e3e37c6d3b9b97e93b23Responsive E-Learning System version 1.0 suffers from a remote shell upload vulnerability.
7919969d19dd9f9f093964e1ade6335bdd83b56742ccce3a643d34ae3e08aeb9Red Hat Security Advisory 2021-0028-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.
a2902d07a338b3ed662b4b065b3fecb0387e69949217160fd78948729dc9b9caWordPress WP24 Domain Check plugin version 1.6.2 suffers from a persistent cross site scripting vulnerability.
3b7692ce0a0a7b56e95ad1c79f29073c09364cb903f17b8a505c4e028c66a878Ubuntu Security Notice 4680-1 - It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
f8bb161739bd9ff04ef2e592dea7faf6d742ed985cb591f733ceddfc5a9eeca9Expense Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.
0888e6d5ecca95c7a3b1abbf7e4bb7d91da9312e3856461d6fd19116f9c72081Ubuntu Security Notice 4679-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
e07a56f716a668c737472e102593ca166693a53044d142d9b71babb7156fc5f3IPeakCMS version 3.5 suffers from a blind remote SQL injection vulnerability.
b55c12362a468cd0019c17cd8af592262215a0de0726f9992ffa3562a30f9b26IObit Uninstaller version 10 Pro suffers from an unquoted service path vulnerability.
36dd956402aadbe2eadaad807f0e764620739cafd2837eb8249a1e0854c59d20Ubuntu Security Notice 4678-1 - It was discovered that the AMD Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. Various other issues were also addressed.
76fb1e8b149a4027ee272b7b82dc8e68b76dba0c040151881c7eb20f5d207ee8dirsearch version 0.4.1 suffers from a CSV injection vulnerability.
b5022b4e0c55eb58ea15dfa45187d46bb7b978e2077731949fd1ca7ede34f7b9Advanced Webhost Billing System version 3.7.0 suffers from a cross site request forgery vulnerability.
bc3eb51d27d3ddf82da984c0a0e9b5fcfaa7e62708458fba473d13c34d055205
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed