exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2021-12-01

Packet Storm New Exploits For November, 2021
Posted Dec 1, 2021
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 137 exploits added to Packet Storm in November, 2021.

tags | exploit
SHA-256 | 17fff5ce91cd2385028fa864df1fd7fa8336400d28b124a54ec241a1307df8e0
Red Hat Security Advisory 2021-4801-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4801-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.38. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
SHA-256 | f43af822fb6c34adec12aba2a891d8c695e324e8bd9710a1cc6fa69484444d0b
Ubuntu Security Notice USN-5164-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5164-1 - It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-37159
SHA-256 | 072ff6f683be42c2ac77574912b10db9bfbf82619215f8bc77f155e6839ad298
Ubuntu Security Notice USN-5165-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5165-1 - It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface implementation. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3760, CVE-2021-3772, CVE-2021-42327, CVE-2021-42739, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389
SHA-256 | a0b01b9f4766a141e1c20c5d99e1ca222d00d4498a726851cff5f6c91eb4780c
Ubuntu Security Notice USN-5163-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5163-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-37159
SHA-256 | 590c525353cbc5914fc5f14ac97053443f5506f7b87bbe5ee0f01bcb23c98f50
Red Hat Security Advisory 2021-4861-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4861-06 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.0 serves as a replacement for Red Hat JBoss Web Server 5.5.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-30640, CVE-2021-33037, CVE-2021-42340
SHA-256 | 7dbd69f0e97fd21832d1b2e2ba993f10af54561063a247a7e25f83c53a04b080
Red Hat Security Advisory 2021-4866-02
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4866-02 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-20254
SHA-256 | b9ae55385b475855b606725be732883b6e3057717b093be3a4a2c09200b86949
Red Hat Security Advisory 2021-4859-03
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4859-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
SHA-256 | 9eca0fe1572c0cc25417bdd1268807d6c3d53aaa967475e6b3beab6652c90708
Red Hat Security Advisory 2021-4875-04
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4875-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-20317
SHA-256 | 7182b04b0c95c9c305f359918990a1f42023f58b97531d86592fbe56852dacb5
Red Hat Security Advisory 2021-4871-05
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4871-05 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-20317
SHA-256 | b512fabc2f0ea31c77c3c04ecd89595372d88866b57e93e61ded1e641a083c9d
Red Hat Security Advisory 2021-4863-06
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4863-06 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.6.0 serves as a replacement for Red Hat JBoss Web Server 5.5.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-30640, CVE-2021-33037, CVE-2021-42340
SHA-256 | 58f5a47585e63d5de90a2072fe361e8c539c5a335cf05e959d27f16c183a5619
MilleGPG5 5.7.2 Luglio 2021 Privilege Escalation
Posted Dec 1, 2021
Authored by Alessandro Salzano

MilleGPG5 version 5.7.2 Luglio 2021 suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | b7b977700841f66627568e41cfc1b520820a9a3b6e18b4e6476a601f3b1579ec
NSS Signature Validation Memory Corruption
Posted Dec 1, 2021
Authored by Tavis Ormandy, Google Security Research

NSS (Network Security Services), Mozilla project's cross-platform security library, suffers from a memory corruption flaw when validating ECDSA signatures.

tags | exploit
advisories | CVE-2021-43527
SHA-256 | a1b02e73db5dff5112196a0630115a92894c1a5c5871dfbfe6cb9a06a3c35921
Ubuntu Security Notice USN-5162-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5162-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252, CVE-2021-43057
SHA-256 | 01b7c0559708029a8e272ddba1ab88c8f94f384b8dbf7832fdffea0c12204e66
Advanced Comment System 1.0 Remote Command Execution
Posted Dec 1, 2021
Authored by Nicole Daniella Murillo Mejias

Advanced Comment System version 1.0 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | c0a3ae4e6c5fc614a3b3493700cabba833cdc0542577e6cbd73ffbd226a7b2b9
Ubuntu Security Notice USN-5161-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5161-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252
SHA-256 | 35333c4428527b3f750e7ef00956677d52b5e606751d753665346da51586f3a3
Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting
Posted Dec 1, 2021
Authored by Tushar Jadhav

Online Enrollment Management System in PHP and PayPal version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2021-40577
SHA-256 | 58b09da437a9db3ee5522fd14065907371363210d686eb9837c10907ebae0b69
Red Hat Security Advisory 2021-4851-01
Posted Dec 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4851-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.1 serves as a replacement for Red Hat AMQ Broker 7.9.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-37136, CVE-2021-37137
SHA-256 | 896841434a724157b334639f2d7ec99a622b7df9099ab77595f12f506035218e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close