Red Hat Security Advisory 2021-0247-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.
954c22895d4d43ebc7d04d74068c41bcf58a94e529087f70a90b02dc5e11ba55Red Hat Security Advisory 2021-0246-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.
cb45a9116f8565d6f731c13f91dd2417232bc99f8563e15b672f5d1af7cd6ff8Ubuntu Security Notice 4703-1 - It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service.
a8e070d6a48c80ff7fcd6b821fcefc34bd5ab2b5204669329c6e90e703427ea8Red Hat Security Advisory 2021-0248-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.
a7b3363c6b6f72bc7fece5a7e48270da6996930ad03e880fbc61c2e56c9ade57Red Hat Security Advisory 2021-0250-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.
8bd49d64300ed4dc398964092fdea60bbe46f9adb4fa265e603cee33d0b13966Red Hat Security Advisory 2021-0245-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
7326769caf10d825eb5619b9f2d8672b070282d65b70e5a85363a2d1c93e45d0Red Hat Security Advisory 2021-0240-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
c2e3eb73bcb1335246ba4b75aa396d2cda0e351c17f60e52b2aed87cda2e30f6Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.
5e23e8cebf4b554d1022781b135685531641bd1e0e5de1411aa270ba43da00e1AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
4fd88d1d5ddc70c698c6519ebbc05c8d32c3f6d8137bbfdefeaebaafd6db867bLogwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
138f181dea49470e1ef2d39af11b851aef0156500601312ce4de25d3a199b1c1This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint.
5c0db542beea98b42c60393d60ff136e823dca9b8c1933fb194541ebcc3d1e48This Metasploit module takes advantages of Archive_Tar versions prior to 1.4.11 which fail to validate file stream wrappers contained within filenames to write an arbitrary file containing user controlled content to an arbitrary file on disk. Note that the file will be written to disk with the permissions of the user that PHP is running as, so it may not be possible to overwrite some files if the PHP user is not appropriately privileged.
1019e130477e9832a8566af946e7e3daa33b70f86ad034baced9732c7dae0aa5Ubuntu Security Notice 4702-1 - It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information.
764349a16affc5eb25fe8be6d94c456a3a2f76aa015e49b535ff3dafb6e2b44eGentoo Linux Security Advisory 202101-21 - A vulnerability was discovered in Flatpak which could allow a remote attacker to execute arbitrary code. Versions less than 1.10.0 are affected.
0f52f21604dd7699a13ff158d15c36ff328cdf5dd109074a48b60ae127bfac04Backdoor.Win32.Wollf.16 malware creates and runs a service named contime.exe with SYSTEM integrity and listens on port 5240. The malware uses a weak hardcoded password of 12345678 which can easily be viewed in the binary using strings utility.
4dfcf5cb5dd13d22e26f7d3ce2548607b9ec1c758f0824815af486ad3a4a2471Gentoo Linux Security Advisory 202101-20 - Multiple vulnerabilities have been found in glibc, the worst of which could result in the arbitrary execution of code. Versions less than 2.32-r5 are affected.
f9d7b067bff5300d10cd9382d78f5a1a078a78b23e30e2db4e9367a4dc4fc94fTrojan.Win32.Xocry.ff malware suffers from an insecure permissions vulnerability.
7bda2dbba86039eb606a73724fa19c849bab2a25e44765358766844dd291d300Library System version 1.0 suffers from a remote SQL injection vulnerability.
dccca2fe13671d5be3c8231e8b0a465a87cc9fd8ee62bb09336f50f1a2859c15Gentoo Linux Security Advisory 202101-19 - Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Versions less than 8.272_p10 are affected.
4d07fb0767afc6913a559d71eb5226f3e2f7bb87f722ae38142d273174288bcbBackdoor.Win32.Jokerdoor malware suffers from an insecure permissions vulnerability.
db95627960c8ccdcbcae6793109d46acaf7844f1e8ea542444c771e2eeff1db1Gentoo Linux Security Advisory 202101-18 - Multiple vulnerabilities have been found in Python, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.18-r6:2.7 are affected.
9578a9d0cb15ff763a3edfd7d48c68aa6ccf79ebf8c12ef6a8f43cc834f10a97Gentoo Linux Security Advisory 202101-17 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.83 are affected.
d74f76a7c852d4e7f3291ec2d0874f62ca39a4044f320676208797e0e34e79a6142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.
333530589c154018011a1ee45adb6102c069fc8e7b0ef4eaecdb98fd693c95d6Backdoor.Win32.Noknok.50 malware suffers from an insecure permissions vulnerability.
27533fadc8ad93fdb0a876fb5a6b6c8a2361769534eaa4152f4ed79a725f2d18Gentoo Linux Security Advisory 202101-16 - A vulnerability in KDE Connect could lead to a Denial of Service condition. Versions less than 20.04.3-r1 are affected.
28150263cbcf4073e2472dad002e5eed9eb5d879878ef381fc5ebdcf450222b0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed