what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2021-09-14

OpenDNSSEC 2.1.10
Posted Sep 14, 2021
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Fixed exit code signer daemon to not always report failure. Fixed immediate resalting after migration from 1.4. Resolved conflict when deleting keys from HSM whilst also performing step in key roll process. Added warning on ods-kaspcheck for NSEC iteration count that is deemed too high. Provided RedHat/CentOS spec file in contrib directory.
tags | tool
systems | unix
SHA-256 | c0a8427de241118dccbf7abc508e4dd53fb75b45e9f386addbadae7ecc092756
Ubuntu Security Notice USN-5077-1
Posted Sep 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5077-1 - Maik Münch and Stephen Roettger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-3709
SHA-256 | 8ceee0393cec4ea564414a8beb7ae5cb9f26c40d07fd0fdcbc65bc35cfb30b0b
Red Hat Security Advisory 2021-3534-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3534-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2020-35509, CVE-2021-28170, CVE-2021-29425, CVE-2021-3513, CVE-2021-3597, CVE-2021-3632, CVE-2021-3637, CVE-2021-3644, CVE-2021-3690
SHA-256 | c46bdad703dcc26f6f326ad50ed84ba22b6c1eae40ebaaa4f28523e0035a4a75
Kernel Live Patch Security Notice LSN-0081-1
Posted Sep 14, 2021
Authored by Benjamin M. Romer

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host’s physical memory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other vulnerabilities were also addressed.

tags | advisory, kernel, vulnerability
systems | linux
advisories | CVE-2021-22555, CVE-2021-33909, CVE-2021-3653, CVE-2021-3656
SHA-256 | 051e461652f3d7e1d5f1bd5ab2e8d9f2f9a398877fa90de84818f4955d1a2074
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
Posted Sep 14, 2021
Authored by bnu1s

DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-29011, CVE-2021-29012
SHA-256 | cd1280c0a733c7ae32690915156fcd9e503592c3a27e1b316f1186f9264593bd
Red Hat Security Advisory 2021-3527-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3527-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2020-35509, CVE-2021-3513, CVE-2021-3632, CVE-2021-3637
SHA-256 | da4fac932c9c8f1037a515fb223b4f0e0f550ba68ed3c7e876625d2a658df14c
Ulfius Web Framework Remote Memory Corruption
Posted Sep 14, 2021
Authored by Jeremy Brown

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process.

tags | exploit, remote, web, code execution
advisories | CVE-2021-40540
SHA-256 | bcece9074fff2d52274f17c6d4979214834ae5a855709f997bd265bfd66f6259
Red Hat Security Advisory 2021-3529-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3529-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2020-35509, CVE-2021-3513, CVE-2021-3632, CVE-2021-3637
SHA-256 | 9e1f2347d7e91fda5d978e5f2bdeb09b6682e5286d9065736dc5945d549212b1
Red Hat Security Advisory 2021-3516-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3516-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-28170, CVE-2021-29425, CVE-2021-3597, CVE-2021-3644, CVE-2021-3690
SHA-256 | 864848f192b5e325f0720ddc7aa228f033358f8d6e4a48c850b74f908fb52333
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload
Posted Sep 14, 2021
Authored by Ricardo Jose Ruiz Fernandez

Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload.

tags | exploit, remote, web, shell
advisories | CVE-2021-40845
SHA-256 | db3e0721685ee34c318d514cffb76f972c85d297a6080f1d2a9693cb1d01d628
Red Hat Security Advisory 2021-3528-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3528-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.9 serves as a replacement for Red Hat Single Sign-On 7.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2020-35509, CVE-2021-3513, CVE-2021-3632, CVE-2021-3637
SHA-256 | 63fae7a242bc6445a713fa5eb6665a480e22edea0c12f32f5aaf5a8a3224ce6a
Red Hat Security Advisory 2021-3522-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-8648, CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
SHA-256 | 278d2ed0c28bf6ba05340a155eedabad14fb059810dc71e27737038d8af09c83
Red Hat Security Advisory 2021-3523-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3523-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
SHA-256 | bdb0a589be9a82bc80e26fb172ccb2ff8eb347e0cd4360a09c342425bdded3fb
Facebook ParlAI 1.0.0 Code Execution / Deserialization
Posted Sep 14, 2021
Authored by Abhiram V

Facebook ParlAI version 1.0.0 suffers from a deserialization vulnerability that can allow for code execution.

tags | exploit, code execution
advisories | CVE-2021-24040
SHA-256 | 9da634b02b722fa3af05ba67e9c19879fb1f0cd3947fbdb6dd88459cdf7aac56
Purchase Order Management System 1.0 Shell Upload
Posted Sep 14, 2021
Authored by Aryan Chehreghani

Purchase Order Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | adbec2ba2a2b77b4a8198e5ede57e1dc118d478d21f0f9e1393f1c542e410439
Active WebCam 11.5 Unquoted Service Path
Posted Sep 14, 2021
Authored by Salman Asad

Active WebCam version 11.5 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 519c9c46fc0095e44a9bf04b7728357cce3f079549e491411eb144b1eded576c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close