
Files Date: 2021-07-07

Ubuntu Security Notice USN-5008-1
Posted Jul 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5008-1 - Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, unix, ubuntu
advisories | CVE-2021-3468, CVE-2021-3502
MD5 | 5db45203baefabb1f31e4332da1e0620

Ubuntu Security Notice USN-5006-1
Posted Jul 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5006-1 - It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled parsing URLs with passwords. A remote attacker could possibly use this issue to cause PHP to mis-parse the URL and produce wrong data. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2020-7068, CVE-2020-7071, CVE-2021-21702, CVE-2021-21704, CVE-2021-21705
MD5 | d2eaebcf41b9edfd36340798eb2ac873

Gentoo Linux Security Advisory 202107-10
Posted Jul 7, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-10 - A bug in TCG TPM2 Software Stack may result in information disclosure to a local attacker. Versions less than 2.4.3 are affected.

tags | advisory, local, info disclosure
systems | linux, gentoo
advisories | CVE-2020-24455
MD5 | ace381835ae63e109ca33eb3f4bd88d7

Red Hat Security Advisory 2021-2666-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2666-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-26541, CVE-2021-33034
MD5 | c455013238a5a919ec61ca4df18658a0

Zeek 4.0.3
Posted Jul 7, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Updates added to skip input framework entries with missing but non-optional fields, address a segfault in input framework when reading unset fields, deprecate stepping-stone analyzer events, and more.
tags | tool, intrusion detection
systems | unix
MD5 | 39ec3bcfbe7f179ae042ad2cf424248d

Okta Access Gateway 2020.5.5 Authenticated Remote Root
Posted Jul 7, 2021
Authored by Jeremy Brown

Okta Access Gateway version 2020.5.5 suffers from multiple authenticated remote root command injection vulnerabilities.

tags | exploit, remote, root, vulnerability
advisories | CVE-2021-28113
MD5 | 117cdacc6c045a9f6239a8f7082bfc82

Red Hat Security Advisory 2021-2668-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2668-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33034
MD5 | 439e2e5c674514f9d95f1c09fe31ff99

Gentoo Linux Security Advisory 202107-13
Posted Jul 7, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-13 - Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. Versions less than 2.66.8 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-27218, CVE-2021-27219, CVE-2021-28153
MD5 | b043804d72fb36a4554ed4fe5544f165

WordPress Plainview Activity Monitor 20161228 Remote Code Execution
Posted Jul 7, 2021
Authored by Beren Kuday Gorun

WordPress Plainview Activity Monitor plugin version 20161228 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-15877
MD5 | 93650ad2460fe99455fca01d973be3e8

Gentoo Linux Security Advisory 202107-12
Posted Jul 7, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-12 - Multiple vulnerabilities have been found in Schism Tracker, the worst of which could result in denial of service. Versions less than 20190805 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-14465, CVE-2019-14523
MD5 | 3998baec368ffe9b7d8c731930428e00

Red Hat Security Advisory 2021-2465-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2465-01 - This release of Red Hat build of Eclipse Vert.x 4.1.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-29425
MD5 | 3692b261f716c60d26bb20aa3e23389d

Red Hat Security Advisory 2021-2663-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2663-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2021-3583
MD5 | 1c1874f3f32d4e8afeaa23f7f38c7b28

Ubuntu Security Notice USN-5007-1
Posted Jul 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5007-1 - Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-22918
MD5 | 98201682668fc16cb77db6c23e0df0de

Gentoo Linux Security Advisory 202107-11
Posted Jul 7, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-11 - A vulnerability in OpenDoas could lead to privilege escalation. Versions less than 6.8.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2019-25016
MD5 | ca216f267ad3fb13ecde3eff75762e55

Rocket.Chat 3.12.1 NoSQL Injection / Code Execution
Posted Jul 7, 2021
Authored by enox

Rocket.Chat 3.12.1 unauthenticated NoSQL injection to remote code execution exploit.

tags | exploit, remote, code execution, sql injection
advisories | CVE-2021-22911
MD5 | 336f01d88aabbefbeeffd8db49547f6c

Red Hat Security Advisory 2021-2664-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2664-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2021-3583
MD5 | 35c09c520b1d02411a0ab980ae045ce9

Gentoo Linux Security Advisory 202107-09
Posted Jul 7, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-09 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 89.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-29959, CVE-2021-29960, CVE-2021-29961, CVE-2021-29966
MD5 | ecb2a8d609e1cf90ff2a049c90345e9a

Docker Dashboard Remote Command Execution
Posted Jul 7, 2021
Authored by Jeremy Brown

Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41.

tags | exploit, remote
advisories | CVE-2021-27886
MD5 | 4c29691af5fd9c2080f1f24e78725fe6

Online Covid Vaccination Scheduler System 1.0 SQL Injection
Posted Jul 7, 2021
Authored by faisalfs10x

Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2de8c8ebac058de7045deffc42bce069

Red Hat Security Advisory 2021-2658-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2658-01 - The linuxptp packages provide a Precision Time Protocol implementation for Linux according to IEEE standard 1588. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces offered by the Linux kernel.

tags | advisory, kernel, protocol
systems | linux, redhat
advisories | CVE-2021-3570
MD5 | 5c284f37d458cc171f02f1d8bdab4874

MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference
Posted Jul 7, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.x suffers from multiple null pointer dereference vulnerabilities and a reachable assertion failure.

tags | advisory, vulnerability
MD5 | 70d880847a850e2dfd577e31c0397a89