what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2021-03-10

NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation
Posted Mar 10, 2021
Authored by LiquidWorm | Site zeroscience.mk

NuCom 11N Wireless Router version 5.07.90 suffers from a remote privilege escalation vulnerability. The non-privileged default user (user:user) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint and disclose the http super password (admin credentials) in Base64 encoded value. Once authenticated as admin, an attacker will be granted access to the additional and privileged pages.

tags | exploit, remote, web
SHA-256 | 15f7d770780a272b1cf912e00ef55dceb3b7e356ee9f9f50e32e3f4e546e0253
Red Hat Security Advisory 2021-0808-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0808-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-27803
SHA-256 | dc50cf765f11684732b17691caf208929a91dcd12047cda8be84caaf0a5ae5a2
Ubuntu Security Notice USN-4762-1
Posted Mar 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4762-1 - It was discovered that the OpenSSH ssh-agent incorrectly handled memory. A remote attacker able to connect to the agent could use this issue to cause it to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-28041
SHA-256 | 57b873eb3a79a6016c2c1850ac174d4ce1f24861ef1deba79a7e19040a68f8b4
Red Hat Security Advisory 2021-0799-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0799-01 - OpenShift Virtualization 2.6.0 provides a security and bug fix update.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452, CVE-2018-20843, CVE-2019-11068, CVE-2019-13050
SHA-256 | c9e41b7e3b76af030f4b7bc32f022e0bf362d7f835c72461c837a49b336a0fe2
Microsoft Windows Containers Host Registry Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows Containers Host Registry Virtual Registry Provider does not correctly handle relative opens leading to a process in a server silo being able to access the host registry leading to elevation of privilege.

tags | exploit, registry
systems | windows
advisories | CVE-2021-26864
SHA-256 | 3a9b2da40f527338ce39bbd5dce9bee31cef6c99a0ff4669322be1889064b788
Red Hat Security Advisory 2021-0794-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0794-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | a1245974cb3e5b09a8bafce420c1aa0cae3392e976bb1ac52384df5ff4696492
Red Hat Security Advisory 2021-0793-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0793-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | 59445dd55209645561799249c3504eafdde1dc3614f6e5a1ba4e2dc965819bfc
WEBIM 10.2.55 Cross Site Scripting
Posted Mar 10, 2021
Authored by AsCiI

WEBIM version 10.2.55 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 34365f3d75180ddf678eedef1c7d9c415bc78469e7781ef30261acb86a365f56
Red Hat Security Advisory 2021-0787-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0787-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | c0483ca0b32d7ad4ff7247d6f61173bf5f522c729582780b24d81935aa902a23
Red Hat Security Advisory 2021-0789-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0789-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core Runtime 3.1.13. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | c3a9502d0439fb8fc27369293fa15b35dcb7b71696b48192c7e8365dcffdd182
Microsoft Windows Containers Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user.

tags | exploit
systems | windows
advisories | CVE-2021-26891
SHA-256 | b317a2978a717df92a18c59b704df44df5773c6029128d2cc21c45a42ecce392
Microsoft Windows Containers AppSilo Object Manager Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows has an issue with containers where the kernel incorrectly chooses the wrong silo when looking up the root object manager directory leading to elevation of privilege.

tags | exploit, kernel, root
systems | windows
advisories | CVE-2021-26865
SHA-256 | 61ec9b60807f6d6645a727c024eefbec09106b0d698526164dadbe9308577687
Red Hat Security Advisory 2021-0788-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0788-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | 601aa1c3212d9eb8eea8244c56a990d74ff65819993beafe6215bb799c29b0d2
Red Hat Security Advisory 2021-0790-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0790-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core Runtime 3.1.13. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
SHA-256 | f63b54de8e059db98b5121d359656826a7982d40810f302ba54a1243a4496c45
Ubuntu Security Notice USN-4761-1
Posted Mar 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4761-1 - Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-21300
SHA-256 | 2862a5d57fdf9124f9b200582cb31794ad9fc9721ccbe477d6d00f636c34fc81
Atlassian JIRA 8.11.1 User Enumeration
Posted Mar 10, 2021
Authored by Dolev Farhi

Atlassian JIRA version 8.11.1 suffers from a user enumeration vulnerability.

tags | exploit
advisories | CVE-2020-14181
SHA-256 | 6584245530e79f39f2415efeba748683f667c83104fcd83cfe44d6c6ab433980
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close