what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files Date: 2021-11-09

GNUnet P2P Framework 0.15.3
Posted Nov 9, 2021
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Various updates.
tags | tool, web, udp, tcp, peer2peer
SHA-256 | d62669a8f41e078eaa220ce77a32f4f3f801e3099357ae8c705498fe73884ec5
Google Assistant Authentication Bypass
Posted Nov 9, 2021
Authored by David Schutz | Site feed.bugs.xdavidhu.me

Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission.

tags | exploit, bypass
SHA-256 | 44d6ff217c2fd30ef0ccfe6031bf0609f53f0c9e58b78928c61f0655706fb41a
Movable Type 7 r.5002 XMLRPC API Remote Command Injection
Posted Nov 9, 2021
Authored by Ghost from Nemesis, The Criminal One | Site nemesis.sh

This Metasploit module exploits a remote command injection vulnerability in Movable Type versions 7 r.5002 and below.

tags | exploit, remote
advisories | CVE-2021-20837
SHA-256 | ded7b47796fc44b921a8b1782fa3edc06aef8bea133da718be0a33ed547dd45b
Moodle Cross Site Scripting / Server-Side Request Forgery
Posted Nov 9, 2021
Authored by rekter0 | Site r0.haxors.org

Moodle versions 3.10 to 3.10.1, 3.9 to 3.9.4, 3.8 to 3.8.7, and 3.5 to 3.5.16 suffer from cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2021-20280
SHA-256 | 5ebbb3e3b937891a7993ff7cfa746f4eb1c07b7273456d6b43b919d3917226a0
Ubuntu Security Notice USN-5134-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5134-1 - An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry.

tags | advisory, registry, info disclosure
systems | linux, ubuntu
advisories | CVE-2021-41092
SHA-256 | 11a8fd969279dac2404fecd3abcaa6f718532bed6e35975931b2093909c3f708
Ubuntu Security Notice USN-5137-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5137-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possible execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-36385, CVE-2021-3428, CVE-2021-34556, CVE-2021-35477, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-42252
SHA-256 | 5fef8e7f5f28fbf71440acfa341c2c082504de263157b46ee9e4e00f76144514
Ubuntu Security Notice USN-5136-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5136-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the FUSE user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-36322, CVE-2020-36385, CVE-2021-3655, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38199, CVE-2021-42252
SHA-256 | 28724fdbb83e4490e3fc8c3f933128c22cd04d060dad7537f8dd275bde2370b7
Ubuntu Security Notice USN-5135-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5135-1 - It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3759
SHA-256 | 2c6a87c6a06aece5bfc4156be0a147b88565ff9ac97b71d06f275638eb364e39
Ubuntu Security Notice USN-5130-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5130-1 - Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-29660, CVE-2020-29661
SHA-256 | b17505018c4425c9656c7d3f88f088126561b05c8d0305c63f206297d8335a5e
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close