what you don't know can hurt you
Showing 1 - 25 of 53 RSS Feed

Files Date: 2021-07-21

Sage X3 Administration Service Authentication Bypass / Command Execution
Posted Jul 21, 2021
Authored by Aaron Herndon, Jonathan Peterson | Site metasploit.com

This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv's administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service.

tags | exploit, arbitrary, protocol
advisories | CVE-2020-7387, CVE-2020-7388
MD5 | 56f22a3bdc2508979a5572081c2596b4
WordPress Backup Guard Authenticated Remote Code Execution
Posted Jul 21, 2021
Authored by Ron Jost, Nguyen Van Khanh | Site metasploit.com

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension which should be of SGBP type. Then, the uploaded payload can be triggered by a call to /wp-content/uploads/backup-guard/<random_payload_name>.php.

tags | exploit, arbitrary, shell, php, file upload
advisories | CVE-2021-24155
MD5 | a13b79ee96d9f6b0f86db446a8c091a9
Ubuntu Security Notice USN-5020-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5020-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2021-31799, CVE-2021-31810, CVE-2021-32066
MD5 | b2e949441f11b0559bbbb899cab3d9d3
Sequoia: A Deep Root In Linux's Filesystem Layer
Posted Jul 21, 2021
Authored by Qualys Security Advisory

Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.

tags | exploit, kernel, local, root, proof of concept
systems | linux, debian, fedora, ubuntu
advisories | CVE-2021-33909, CVE-2021-33910
MD5 | 2739ab8c7448e7ea41f28d5e97efa32a
Ampache 4.4.2 Cross Site Scripting
Posted Jul 21, 2021
Authored by Daniel Bishtawi | Site netsparker.com

Ampache version 4.4.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ac4b9b998efcfeeb7354128b30e3711c
Red Hat Security Advisory 2021-2737-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2737-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-33034, CVE-2021-33909
MD5 | dc650fda9eb24d2e8e4eb35cdfb55489
Ubuntu Security Notice USN-4336-2
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2226, CVE-2016-4490, CVE-2016-6131, CVE-2017-12451, CVE-2017-12455, CVE-2017-12459, CVE-2017-14128, CVE-2017-14529, CVE-2017-14939, CVE-2017-15022, CVE-2017-15938, CVE-2017-16827, CVE-2017-17080, CVE-2017-17125, CVE-2017-7209, CVE-2017-7225, CVE-2017-7300, CVE-2017-8393, CVE-2017-8397, CVE-2017-9039, CVE-2017-9044, CVE-2017-9746, CVE-2017-9750, CVE-2017-9754, CVE-2018-1000876, CVE-2018-10535, CVE-2018-12699
MD5 | 299412ebfe15130fcd2ba6fb07826c11
Red Hat Security Advisory 2021-2845-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2845-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | b0e0c00d4f4746408fd16332eda62b05
Red Hat Security Advisory 2021-2774-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | 0082ce47eacfab657f12cd52aa240a3a
Red Hat Security Advisory 2021-2775-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | 054421615a733323842c1c0194f12034
Red Hat Security Advisory 2021-2776-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2776-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | 4156776e64e208f62748b2b735729009
Red Hat Security Advisory 2021-2784-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2784-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | d1aecb7daca0705008ae6e202e5ff028
Red Hat Security Advisory 2021-2782-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2782-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | 2e89a8eb2d82a51a8774e664cb0e376e
Red Hat Security Advisory 2021-2781-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2781-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | 91e37f92bc28a38904d764a1947cbb74
Red Hat Security Advisory 2021-2783-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2783-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2341, CVE-2021-2369, CVE-2021-2388
MD5 | a6c376d124e6dcf4781a3f744715da00
Ubuntu Security Notice USN-5019-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5019-1 - It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-1093, CVE-2021-1094, CVE-2021-1095
MD5 | 9b14b7386bfe0d3b7c97a0be131a2b1c
Red Hat Security Advisory 2021-2725-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-20934, CVE-2020-11668, CVE-2021-33033, CVE-2021-33034, CVE-2021-33909
MD5 | bd043dccfb945c15c0bc8a939167efc4
Red Hat Security Advisory 2021-2726-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2726-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-20934, CVE-2020-11668, CVE-2021-33033, CVE-2021-33034, CVE-2021-33909
MD5 | 1981db6158a874e1e43d242fc6b6dbe6
Red Hat Security Advisory 2021-2728-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2728-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33034, CVE-2021-33909
MD5 | 9349041e3d5b8031f15916a77cdb3030
Red Hat Security Advisory 2021-2729-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2729-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33034, CVE-2021-33909
MD5 | cd74e6e698b161497de73db8f2dcc30a
Red Hat Security Advisory 2021-2717-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2717-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-33910
MD5 | ea3888a7628ccfa42953bbc62f784b1f
Red Hat Security Advisory 2021-2716-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2716-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-32399, CVE-2021-33909
MD5 | e032e75e755f3431ab35b7b608eda040
Red Hat Security Advisory 2021-2720-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2720-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33034, CVE-2021-33909
MD5 | ef7872c7b9b199ff3f091fc1abafaf16
Red Hat Security Advisory 2021-2731-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2731-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33034, CVE-2021-3347, CVE-2021-33909
MD5 | 00c6ab3bd73470f7029f662af7896824
Red Hat Security Advisory 2021-2796-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2796-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-3514
MD5 | 266a4690dab2023bab828ad7a03f55a1
Page 1 of 3
Back123Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close