Ubuntu Security Notice 4677-2 - USN-4677-1 fixed a vulnerability in p11-kit. This update provides the corresponding update for Ubuntu 14.04 ESM. David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
f0cd253812e585b78a6df0d24f050a4cIPS Community Suite versions 4.5.4 and below suffer from a remote SQL injection vulnerability in the Downloads REST API.
dbfe43c17c45eb62df239a2a07b7e8dbThis Metasploit module exploit BITS behavior which tries to connect to the local Windows Remote Management server (WinRM) every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server, which allows to steal a SYSTEM token. This token is then used to launch a new process as SYSTEM user. In the case of this exploit, notepad.exe is launched as SYSTEM. Then, it writes shellcode in its previous memory space and trigger its execution. As this exploit uses reflective dll injection, it does not write any file on the disk. Vulnerable operating systems are Windows 10 and Windows servers where WinRM is not running. Lab experiments has shown that Windows 7 does not exhibit the vulnerable behavior.
c3736b57f1257197d426a69fdf409d38WinAVR version 20100110 suffers from an insecure folder permissions vulnerability.
428d966806f4ae15ed0728e4203aed21Ubuntu Security Notice 4682-1 - It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
071a6f4ed83c58b35aaeadaa4f78066aNewgen Correspondence Management System (corms) eGov version 12.0 suffers from an insecure direct object reference vulnerability.
bbc08f228aff63db79a074191ab587d5Ubuntu Security Notice 4681-1 - Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver in the Linux kernel did not properly deallocate memory in some conditions. A local attacker could use this to cause a denial of service. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
91670808904d9a205af1af1baa6a1ec2WordPress Litespeed Cache plugin version 3.6 suffers from a cross site scripting vulnerability.
af1857458cade17103a6192aa43d0c94Zerologon is a vulnerability in Microsoft's Netlogon Remote Procedural Call (MS-NRPC) protocol. Specifically, this vulnerability occurs due to an incorrect implementation of the AES-128 Counter Feedback mode of operation. This vulnerability was given a CVSS score of 10 by Microsoft and can be carried out by anyone with a foothold in the network. This paper aims to explain the detail and working of MS-NRPC protocol, its vulnerability, and finally cover how to exploit it, something which the original paper by Secura left out.
941b59db31d2ceb9c4233ac44fa7d62aResponsive E-Learning System version 1.0 suffers from a persistent cross site scripting vulnerability.
0edd9eacab7dc088ea519d8be32fdaceResponsive E-Learning System version 1.0 suffers from a remote shell upload vulnerability.
34fb807bfbcc5b76646c356f0de6c804Red Hat Security Advisory 2021-0028-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.
0f1582cc1394bfa1362cd67f38867105WordPress WP24 Domain Check plugin version 1.6.2 suffers from a persistent cross site scripting vulnerability.
a21c4943747c5ddaf7b0c8d4d6b38314Ubuntu Security Notice 4680-1 - It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
d9396f87744b985c8e687f3925ea532cExpense Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.
f50443d37ac5248774fffa035e66629dUbuntu Security Notice 4679-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
1ace1ae8d4759419772bc1a1bdf880c4IPeakCMS version 3.5 suffers from a blind remote SQL injection vulnerability.
fd41ea112ebec6f86b624347ff915c4eIObit Uninstaller version 10 Pro suffers from an unquoted service path vulnerability.
05b823bd4601150440f2c83603c5df78Ubuntu Security Notice 4678-1 - It was discovered that the AMD Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. Various other issues were also addressed.
b3036de92a3edb42e7057a8095180d7cdirsearch version 0.4.1 suffers from a CSV injection vulnerability.
47356fd06c423a7a4a4e4fc4ab7e4400Advanced Webhost Billing System version 3.7.0 suffers from a cross site request forgery vulnerability.
322e1cc37285fbfcaf5ed1c2abb3cf49
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed