Backdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.
8413023933171cccf3cf8f346fc00dc6Backdoor.Win32.Zxman malware has a backdoor running on TCP/2048 that does not require any authentication.
e59d2f563516bdcc00be9a6bd0fe9c3eRed Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include crlf injection and man-in-the-middle vulnerabilities.
889d390eab1057d92e07376a987128afUbuntu Security Notice 4697-2 - USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
710757898267e7364668015c59fe295cUbuntu Security Notice 4689-3 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
770df623c2eb7e3a6a906c87fae96947Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
d5be7805a4212cf046f8575dfc0f5c39Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, crlf injection, and information leakage vulnerabilities.
e62587459bb9d69e6473529a4b2a2763Backdoor.Win32.Whisper.b malware suffers from a remote stack corruption vulnerability.
4bd5113d73f55e63e170f6485cf89911Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 suffers from a persistent cross site scripting vulnerability.
c448226654355b79bade72089c37c5baBackdoor.Win32.Whirlpool.10 malware suffers from a remote stack buffer overflow vulnerability.
c3d3b273680f8c02a4ca076c42f19836Backdoor.Win32.Zombam.geq malware suffers from a remote buffer overflow vulnerability.
0e05a63a804977c46a87862508e94e15Voting System version 1.0 suffers from a remote shell upload vulnerability.
914e629a4a5d9a24d137afe82a7997e2Ubuntu Security Notice 4700-1 - Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code.
c2db4cbb17bceeecfeb5154b0698a988Church Rota version 2.6.4 suffers from an authenticated remote shell upload vulnerability.
e841fbff38c5cede21d193f544b6a04e113 bytes small Linux/x86 Socat bind shellcode.
bb6b9dc9e8fde4989a5257fab4161276
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed