what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2021-03-25

Red Hat Security Advisory 2021-0992-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0992-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 733b0f1a6487f3ea89ed22f34470c0f7
Ubuntu Security Notice USN-4890-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4890-1 - Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information. Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27170, CVE-2020-27171
MD5 | 99fda04e62a9dedd76b21402a376b8ad
Red Hat Security Advisory 2021-0996-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0996-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 485bd0846f543d3cc7f9a52abaf90a21
FortiLogger Arbitrary File Upload
Posted Mar 25, 2021
Authored by Berkan Er | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload in FortiLogger via an insecure POST request. It has been tested on versions prior to 5.2.0 in Windows 10 Enterprise.

tags | exploit, arbitrary, file upload
systems | windows
advisories | CVE-2021-3378
MD5 | e0599a186c02f74ac877f0ee7bf396ad
Ubuntu Security Notice USN-4889-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4889-1 - Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
MD5 | 96a483ce597a7b17996c0efe3f5a9d19
OpenSSL Toolkit 1.1.1k
Posted Mar 25, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | c4e7d95f782b08116afa27b30393dd27
Linksys EA7500 2.0.8.194281 Cross Site Scripting
Posted Mar 25, 2021
Authored by MiningOmerta

Linksys EA7500 version 2.0.8.194281 suffers from a cross site scripting vulnerability due to an old jQuery version.

tags | exploit, xss
advisories | CVE-2012-6708
MD5 | d1b15373214ce318f643eaca0eb8ab6d
Backdoor.Win32.DarkKomet.gozu Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.gozu malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
MD5 | f888eb4ba2053726c10a02daa53af134
Ubuntu Security Notice USN-4888-1
Posted Mar 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4888-1 - Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-27840, CVE-2021-20277
MD5 | 68476cbff2be3b86caf597a6c57630f2
Red Hat Security Advisory 2021-0991-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0991-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 1731b7821447c2facdea627ff316d371
Red Hat Security Advisory 2021-0994-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0994-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 67797af2fb70a936c33eea7b4b553d95
Genexis Platinum-4410 P4410-V2-1.31A Cross Site Scripting
Posted Mar 25, 2021
Authored by Jithin KS

Genexis Platinum-4410 version P4410-V2-1.31A suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 847b81631254f6ce93688f5b359ee379
Worm.Win32.Ngrbot.acno Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Worm.Win32.Ngrbot.acno malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
MD5 | b1fa08112e7ed4c8429cd2487b58add7
Red Hat Security Advisory 2021-0989-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0989-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | f746f33fe09674ebd846f4997a9116b9
Red Hat Security Advisory 2021-0993-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0993-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 4bf3d710a4f1ceafce1c197be71f9dca
Exploiting XXE Via File Uploads
Posted Mar 25, 2021
Authored by Neha Gupta

Whitepaper that discusses XXE exploitation via file uploads.

tags | paper, file upload
MD5 | 6297f76616d0df90e80a81841b4d2d54
Worm.Win32.Recyl.dp Insecure Permissions
Posted Mar 25, 2021
Authored by malvuln | Site malvuln.com

Worm.Win32.Recyl.dp malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
MD5 | 2f1b36b68f5c41439b070966e75854b6
Red Hat Security Advisory 2021-0995-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0995-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 10a9a7a671e4c1aec2fd1223d491c4e1
Red Hat Security Advisory 2021-0990-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0990-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | bb311d79b5aeefbfec98a69bd3281455
Red Hat Security Advisory 2021-0988-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0988-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2020-14349, CVE-2020-14350
MD5 | 981fde6a7e44ef5f48311d14cd4c76d9
Ovidentia 6 SQL Injection
Posted Mar 25, 2021
Authored by Felipe Prates Donato

Ovidentia version 6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8bdd2ad015abdbdbdbec25c8fd93bac5
Red Hat Security Advisory 2021-0833-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0833-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.404. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-27813
MD5 | 0054f0a5dcb0f8e09a45161ad0b1d254
Dolibarr ERP/CRM 11.0.4 Bypass / Code Execution
Posted Mar 25, 2021
Authored by Andrea Gonzalez

Dolibarr ERP/CRM version 11.0.4 authenticated file upload restrictions bypass exploit that achieves remote code execution.

tags | exploit, remote, code execution, bypass, file upload
advisories | CVE-2020-14209
MD5 | fe74304105aaecf46ea3be88063bb592
Red Hat Security Advisory 2021-0986-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0986-01 - The release of Red Hat AMQ Online 1.7.0 serves as a replacement for earlier AMQ Online releases, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include information leakage and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-20218, CVE-2021-21290, CVE-2021-21295
MD5 | 6b56f46d3725e7aaf7da8d302289fcd5
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close