exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2021-12-02

CA Network Flow Analysis SQL Injection
Posted Dec 2, 2021
Authored by Ken Williams | Site www3.ca.com

CA Technologies is alerting customers to a vulnerability in CA Network Flow Analysis (NFA). A vulnerability exists that can allow an authenticated user to perform SQL injection attacks and access sensitive data. CA published solutions to address this vulnerability and recommends that all affected customers implement these solutions. The vulnerability occurs due to insufficient input validation. An authenticated user can potentially access sensitive data. CA Network Flow Analysis versions 9.3.8, 9.5, 10.0, 10.0.2, 10.0.3, 10.0.4, 10.0.5, 10.0.6, 10.0.7, and 21.2.1 are affected.

tags | advisory, sql injection
advisories | CVE-2021-44050
SHA-256 | ac424b7c3bbc5bd14124fdfa0a0135b53b40ccc7bbf324e6be554fb4183faa61
Red Hat Security Advisory 2021-4909-03
Posted Dec 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4909-03 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-43527
SHA-256 | 3397383fc870970d52fe5d7855da284f1519dc5618dd2bb32832dc74d682e887
Red Hat Security Advisory 2021-4907-04
Posted Dec 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4907-04 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-43527
SHA-256 | 7638ed55df041a5f9cf5bbc8a0bdf5e2d697e49941d80fb1ad20d6e81c50665c
Red Hat Security Advisory 2021-4902-06
Posted Dec 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4902-06 - The release of RHACS 3.67 provides the following new features, bug fixes, security patches and system changes: OpenShift Dedicated support RHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on Amazon Web Services and Google Cloud Platform. 1. Use OpenShift OAuth server as an identity provider If you are using RHACS with OpenShift, you can now configure the built-in OpenShift OAuth server as an identity provider for RHACS. Issues addressed include denial of service, information leakage, memory exhaustion, remote shell upload, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, shell, vulnerability
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2020-27304, CVE-2021-20231, CVE-2021-20232, CVE-2021-20266, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-23343, CVE-2021-23840, CVE-2021-23841, CVE-2021-27645, CVE-2021-28153
SHA-256 | 16dee4f5e0086cb542abff81a08f987124ff16a3f3637cd31b0568fd6f07ae13
Red Hat Security Advisory 2021-4903-05
Posted Dec 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4903-05 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-43527
SHA-256 | 1192ea57edc3916e9c826e79f6450877a9da40ea7cf7554d8f0620c781548999
Red Hat Security Advisory 2021-4904-05
Posted Dec 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4904-05 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-43527
SHA-256 | bc079ab6299283166cc1a45cdd92165e2824572ef9f6267da74fe88f03f3bf0b
Ubuntu Security Notice USN-5168-3
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-3 - USN-5168-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
SHA-256 | 8e46ac4b755901baf54368f8f979d7f0a588af3f6616c907f657e2c244dbb217
I2P 1.6.1
Posted Dec 2, 2021
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 719606c4cb510de4fe74f24bbfa53911a70531821fc1ee79a29e3d96eaa16733
Ubuntu Security Notice USN-5168-1
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-1 - Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
SHA-256 | 91fd5d7b423f92ad5a475e193f53008fd00315ad387d2f3615310d1d01b35939
Ubuntu Security Notice USN-5168-2
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-2 - Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
SHA-256 | 2ba4e0a3f2328785f3fe60aa8fec22f213764273dcc7bb558f825a8c4fec28c0
Android vold Unsafe Mounting
Posted Dec 2, 2021
Authored by Jann Horn, Google Security Research

Android's vold's incremental-fs APIs trust paths from system_server for mounting. There is supposed to be privilege separation between vold (TCB) and system_server (privileged process). However, vold's IPC handlers related to incremental-fs (mountIncFs, unmountIncFs, bindMount) allow system_server to specify semi-arbitrary paths, allowing system_server to trigger mounting on directories that shouldn't be under system_server control.

tags | exploit, arbitrary
advisories | CVE-2022-20002
SHA-256 | 6308f611ecd07bd987f8455171c29a25eff87e81ccf2cc8daeca7812645ea262
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close