Files Date: 2021-12-01

Packet Storm New Exploits For November, 2021
Posted Dec 1, 2021
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 137 exploits added to Packet Storm in November, 2021.

tags | exploit
MD5 | f7adc68e7698ff155d8c1d9d4c92e32b

Red Hat Security Advisory 2021-4801-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4801-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.38. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
MD5 | 77c6143caa183f9cd29d3f77ddb15542

Ubuntu Security Notice USN-5164-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5164-1 - It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-37159
MD5 | 6ccccfa63f87b8046f886da63dc7344f

Ubuntu Security Notice USN-5165-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5165-1 - It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface implementation. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3760, CVE-2021-3772, CVE-2021-42327, CVE-2021-42739, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389
MD5 | 9b62ebc65593eec8e7ee5817b3b82e23

Ubuntu Security Notice USN-5163-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5163-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-37159
MD5 | b435df38ae55595db8f1bcd795db1127

Red Hat Security Advisory 2021-4861-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4861-06 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.0 serves as a replacement for Red Hat JBoss Web Server 5.5.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-30640, CVE-2021-33037, CVE-2021-42340
MD5 | 9e1f2867f4a8906a688a30c4fa4039f3

Red Hat Security Advisory 2021-4866-02
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4866-02 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-20254
MD5 | 84b686bb7ac7146def29ff0253869abc

Red Hat Security Advisory 2021-4859-03
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4859-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 3c972678d538c65396d6b464bf63dfb0

Red Hat Security Advisory 2021-4875-04
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4875-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-20317
MD5 | 9ed039333ab5407c451da8ca1300823e

Red Hat Security Advisory 2021-4871-05
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4871-05 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-20317
MD5 | 147335cf34038760a268fc3519fd9681

Red Hat Security Advisory 2021-4863-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4863-06 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.0 serves as a replacement for Red Hat JBoss Web Server 5.5.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-30640, CVE-2021-33037, CVE-2021-42340
MD5 | 610a400f74cdf7a058f2afa29813f8e5

MilleGPG5 5.7.2 Luglio 2021 Privilege Escalation
Posted Dec 1, 2021
Authored by Alessandro Salzano

MilleGPG5 version 5.7.2 Luglio 2021 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | bae19c3fdd730b768e9c0c4e6e3245f4

NSS Signature Validation Memory Corruption
Posted Dec 1, 2021
Authored by Tavis Ormandy, Google Security Research

NSS (Network Security Services), Mozilla project's cross-platform security library, suffers from a memory corruption flaw when validating ECDSA signatures.

tags | exploit
advisories | CVE-2021-43527
MD5 | 5166911d2f1f55ae05e8bf3fb9914042

Ubuntu Security Notice USN-5162-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5162-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252, CVE-2021-43057
MD5 | 168949d5bd28d8a0c87dc3d7bb453348

Advanced Comment System 1.0 Remote Command Execution
Posted Dec 1, 2021
Authored by Nicole Daniella Murillo Mejias

Advanced Comment System version 1.0 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 842196b79ae25188b19919d1c8170b75

Ubuntu Security Notice USN-5161-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5161-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252
MD5 | adcd67f9c4539f1d01ba2e73bf9972aa

Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting
Posted Dec 1, 2021
Authored by Tushar Jadhav

Online Enrollment Management System in PHP and PayPal version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2021-40577
MD5 | ff524c4791aa81b60bb626960fd08822

Red Hat Security Advisory 2021-4851-01
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4851-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.1 serves as a replacement for Red Hat AMQ Broker 7.9.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137
MD5 | f8cee9baab59d70a4a54c5f4b9ce785b