what you don't know can hurt you
Showing 1 - 25 of 36 RSS Feed

Files Date: 2021-01-25

Red Hat Security Advisory 2021-0247-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0247-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | 954c22895d4d43ebc7d04d74068c41bcf58a94e529087f70a90b02dc5e11ba55
Red Hat Security Advisory 2021-0246-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0246-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | cb45a9116f8565d6f731c13f91dd2417232bc99f8563e15b672f5d1af7cd6ff8
Ubuntu Security Notice USN-4703-1
Posted Jan 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4703-1 - It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-3181
SHA-256 | a8e070d6a48c80ff7fcd6b821fcefc34bd5ab2b5204669329c6e90e703427ea8
Red Hat Security Advisory 2021-0248-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0248-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | a7b3363c6b6f72bc7fece5a7e48270da6996930ad03e880fbc61c2e56c9ade57
Red Hat Security Advisory 2021-0250-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0250-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | 8bd49d64300ed4dc398964092fdea60bbe46f9adb4fa265e603cee33d0b13966
Red Hat Security Advisory 2021-0245-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0245-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
SHA-256 | 7326769caf10d825eb5619b9f2d8672b070282d65b70e5a85363a2d1c93e45d0
Red Hat Security Advisory 2021-0240-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0240-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
SHA-256 | c2e3eb73bcb1335246ba4b75aa396d2cda0e351c17f60e52b2aed87cda2e30f6
Backdoor.Win32.DarkKomet.bhfh MVID-2021-0052 Insecure Permissions
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 5e23e8cebf4b554d1022781b135685531641bd1e0e5de1411aa270ba43da00e1
AIDE 0.17
Posted Jan 25, 2021
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Updated man pages. Removed outdated aide.conf.in. Limited number of nested includes. Updates to documentation and various bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4fd88d1d5ddc70c698c6519ebbc05c8d32c3f6d8137bbfdefeaebaafd6db867b
Logwatch 7.5.5
Posted Jan 25, 2021
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 138f181dea49470e1ef2d39af11b851aef0156500601312ce4de25d3a199b1c1
MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution
Posted Jan 25, 2021
Authored by Orange Tsai, wvu, iamnoooob, rootxharsh | Site metasploit.com

This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint.

tags | exploit, java
advisories | CVE-2020-15505
SHA-256 | 5c0db542beea98b42c60393d60ff136e823dca9b8c1933fb194541ebcc3d1e48
PEAR Archive_Tar Arbitrary File Write
Posted Jan 25, 2021
Authored by gwillcox-r7, xorathustra | Site metasploit.com

This Metasploit module takes advantages of Archive_Tar versions prior to 1.4.11 which fail to validate file stream wrappers contained within filenames to write an arbitrary file containing user controlled content to an arbitrary file on disk. Note that the file will be written to disk with the permissions of the user that PHP is running as, so it may not be possible to overwrite some files if the PHP user is not appropriately privileged.

tags | exploit, arbitrary, php
advisories | CVE-2020-28949
SHA-256 | 1019e130477e9832a8566af946e7e3daa33b70f86ad034baced9732c7dae0aa5
Ubuntu Security Notice USN-4702-1
Posted Jan 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4702-1 - It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2016-10711
SHA-256 | 764349a16affc5eb25fe8be6d94c456a3a2f76aa015e49b535ff3dafb6e2b44e
Gentoo Linux Security Advisory 202101-21
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-21 - A vulnerability was discovered in Flatpak which could allow a remote attacker to execute arbitrary code. Versions less than 1.10.0 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2021-21261
SHA-256 | 0f52f21604dd7699a13ff158d15c36ff328cdf5dd109074a48b60ae127bfac04
Backdoor.Win32.Wollf.16 MVID-2021-0051 Hardcoded Password
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.16 malware creates and runs a service named contime.exe with SYSTEM integrity and listens on port 5240. The malware uses a weak hardcoded password of 12345678 which can easily be viewed in the binary using strings utility.

tags | exploit
systems | windows
SHA-256 | 4dfcf5cb5dd13d22e26f7d3ce2548607b9ec1c758f0824815af486ad3a4a2471
Gentoo Linux Security Advisory 202101-20
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-20 - Multiple vulnerabilities have been found in glibc, the worst of which could result in the arbitrary execution of code. Versions less than 2.32-r5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10228, CVE-2020-1752, CVE-2020-29562, CVE-2020-29573, CVE-2020-6096
SHA-256 | f9d7b067bff5300d10cd9382d78f5a1a078a78b23e30e2db4e9367a4dc4fc94f
Trojan.Win32.Xocry.ff MVID-2021-0050 Insecure Permissions
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Xocry.ff malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 7bda2dbba86039eb606a73724fa19c849bab2a25e44765358766844dd291d300
Library System 1.0 SQL Injection
Posted Jan 25, 2021
Authored by Aitor Herrero

Library System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dccca2fe13671d5be3c8231e8b0a465a87cc9fd8ee62bb09336f50f1a2859c15
Gentoo Linux Security Advisory 202101-19
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-19 - Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Versions less than 8.272_p10 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803, CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
SHA-256 | 4d07fb0767afc6913a559d71eb5226f3e2f7bb87f722ae38142d273174288bcb
Backdoor.Win32.Jokerdoor MVID-2021-0048 Insecure Permissions
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Jokerdoor malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | db95627960c8ccdcbcae6793109d46acaf7844f1e8ea542444c771e2eeff1db1
Gentoo Linux Security Advisory 202101-18
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-18 - Multiple vulnerabilities have been found in Python, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.18-r6:2.7 are affected.

tags | advisory, arbitrary, vulnerability, python
systems | linux, gentoo
advisories | CVE-2020-26116, CVE-2021-3177
SHA-256 | 9578a9d0cb15ff763a3edfd7d48c68aa6ccf79ebf8c12ef6a8f43cc834f10a97
Gentoo Linux Security Advisory 202101-17
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-17 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.83 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | d74f76a7c852d4e7f3291ec2d0874f62ca39a4044f320676208797e0e34e79a6
Linux/x64 Bindshell With Password Shellcode
Posted Jan 25, 2021
Authored by Guillem Alminyana

142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 333530589c154018011a1ee45adb6102c069fc8e7b0ef4eaecdb98fd693c95d6
Backdoor.Win32.Noknok.50 MVID-2021-0047 Insecure Permissions
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Noknok.50 malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 27533fadc8ad93fdb0a876fb5a6b6c8a2361769534eaa4152f4ed79a725f2d18
Gentoo Linux Security Advisory 202101-16
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-16 - A vulnerability in KDE Connect could lead to a Denial of Service condition. Versions less than 20.04.3-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-26164
SHA-256 | 28150263cbcf4073e2472dad002e5eed9eb5d879878ef381fc5ebdcf450222b0
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close