what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2021-03-10

NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation
Posted Mar 10, 2021
Authored by LiquidWorm | Site zeroscience.mk

NuCom 11N Wireless Router version 5.07.90 suffers from a remote privilege escalation vulnerability. The non-privileged default user (user:user) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint and disclose the http super password (admin credentials) in Base64 encoded value. Once authenticated as admin, an attacker will be granted access to the additional and privileged pages.

tags | exploit, remote, web
MD5 | 3e5b31a9ca75c80c897dddb08355d3a0
Red Hat Security Advisory 2021-0808-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0808-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-27803
MD5 | 0ccefc938067864451216ef4127ddb5e
Ubuntu Security Notice USN-4762-1
Posted Mar 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4762-1 - It was discovered that the OpenSSH ssh-agent incorrectly handled memory. A remote attacker able to connect to the agent could use this issue to cause it to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-28041
MD5 | 0e90f1e3a51fa95bece293da11297ac1
Red Hat Security Advisory 2021-0799-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0799-01 - OpenShift Virtualization 2.6.0 provides a security and bug fix update.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452, CVE-2018-20843, CVE-2019-11068, CVE-2019-13050
MD5 | 63f5f12b88a749de92419dad2fbf225a
Microsoft Windows Containers Host Registry Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows Containers Host Registry Virtual Registry Provider does not correctly handle relative opens leading to a process in a server silo being able to access the host registry leading to elevation of privilege.

tags | exploit, registry
systems | windows
advisories | CVE-2021-26864
MD5 | 6305bd287c8bfb28100d961cbddfdabb
Red Hat Security Advisory 2021-0794-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0794-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | 79f06c07f04dcea566b956e77378cc57
Red Hat Security Advisory 2021-0793-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0793-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | 8ceb2c5bf64172395ae1ecd119c44f85
WEBIM 10.2.55 Cross Site Scripting
Posted Mar 10, 2021
Authored by AsCiI

WEBIM version 10.2.55 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a3ec375b8ed0d10585f9993b568e369a
Red Hat Security Advisory 2021-0787-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0787-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | d4160e745549f391c0982895a0f1ae64
Red Hat Security Advisory 2021-0789-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0789-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core Runtime 3.1.13. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | 402a73ccbb2e3fca73188af7fdbfe7b4
Microsoft Windows Containers Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user.

tags | exploit
systems | windows
advisories | CVE-2021-26891
MD5 | 70e9e9e164d2ee60daaa05a5afd67fe4
Microsoft Windows Containers AppSilo Object Manager Privilege Escalation
Posted Mar 10, 2021
Authored by James Forshaw, Google Security Research

Microsoft Windows has an issue with containers where the kernel incorrectly chooses the wrong silo when looking up the root object manager directory leading to elevation of privilege.

tags | exploit, kernel, root
systems | windows
advisories | CVE-2021-26865
MD5 | d249fdb9dab1efdef449b7c32504cdc9
Red Hat Security Advisory 2021-0788-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0788-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | b850c1cc513aa413b93bde3bdc75800c
Red Hat Security Advisory 2021-0790-01
Posted Mar 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0790-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core Runtime 3.1.13. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-26701
MD5 | eb95407c71b76cb32b97316dde18195c
Ubuntu Security Notice USN-4761-1
Posted Mar 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4761-1 - Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-21300
MD5 | 7a9a215b27ae633fcf542a2b4f854615
Atlassian JIRA 8.11.1 User Enumeration
Posted Mar 10, 2021
Authored by Dolev Farhi

Atlassian JIRA version 8.11.1 suffers from a user enumeration vulnerability.

tags | exploit
advisories | CVE-2020-14181
MD5 | 0714aa88ecffa84268491301c15d682a
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    18 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close