This Metasploit module exploits the "custom script" feature of ADSelfService Plus. The feature was removed in build 6122 as part of the patch for CVE-2022-28810. For purposes of this module, a "custom script" is arbitrary operating system command execution. This module uses an attacker provided "admin" account to insert the malicious payload into the custom script fields. When a user resets their password or unlocks their account, the payload in the custom script will be executed. The payload will be executed as SYSTEM if ADSelfService Plus is installed as a service, which we believe is the normal operational behavior. This is a passive module because user interaction is required to trigger the payload. This module also does not automatically remove the malicious code from the remote target. Use the "TARGET_RESET" operation to remove the malicious custom script when you are done.
d91150e34529bee9dd92e87b3f063460c0b5e994a412c286b68d6cb26a58d358This Metasploit module exploits a vulnerability in the Linux Kernel's watch_queue event notification system. It relies on a heap out-of-bounds write in kernel memory. The exploit may fail on the first attempt so multiple attempts may be needed. Note that the exploit can potentially cause a denial of service if multiple failed attempts occur, however this is unlikely.
b59181d9b536ad31ebdc6b3f83985c65e49fbe3242468f7709e7bb7a2d4b1e5fSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
0d4197047c84ba070dfc6b1d9f9ee92f52a71403bfac0e29b2554bb21fe00754The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7.
f2b44867a9d3fc671d927368e7311aaf4147f3f58be89622912f7a0f06ebb5ccRed Hat Security Advisory 2022-1476-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. Issues addressed include an information leakage vulnerability.
518f87bfae6ff4f29f3572832aa384efe8f2162ebac11f7d53caab2d6df42933Red Hat Security Advisory 2022-1363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.29.
30914537bd445536eae1b895b50a29b6a65239fc2cd90499d42aba67482218e9Ubuntu Security Notice 5385-1 - Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service.
078b4bddc3740f5822d9df11ccc4d99af4944adc91979ccb11b22595a7e4421fUbuntu Security Notice 5384-1 - It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service. Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information.
d25729c26aa6f3072b6df3d355310603cca00b0fefee36dc20228b42c073c6e7Ubuntu Security Notice 5383-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service.
eecfaed66553cc5d738b54db0a55d0888c30e53ef8fb77f43aa53fd8250d7fb9Ubuntu Security Notice 5381-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information.
5521aa1035974337ae1e3f0cd143ee5be242228148ef7a60d1483b460cb9394dUbuntu Security Notice 5382-1 - Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could use this to cause libinput to crash or expose sensitive information.
f08d4ef205f75f59b226bfdbcc3b09a6618226dc11691db0bc2ffa91bc859bfcRed Hat Security Advisory 2022-1389-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
543450d6c14d4c09bcf5947c484b86e571d3712934810fc7815f183da6554438Red Hat Security Advisory 2022-1443-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
c1ef43de266fdbb25e4b31fd1ddb906d2e6d7d3e669e3bc2c45996ec3ed25ae8Red Hat Security Advisory 2022-1390-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
ad0fd16dc55990a0a43914c90f2049b89914071377efc58825ef7d913c3134dbRed Hat Security Advisory 2022-1478-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
29508ea7d81918a307f5f939b77f510ed2ce34ec56b7ae84f65c8a6c771bce2eRed Hat Security Advisory 2022-1455-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and privilege escalation vulnerabilities.
875d0e42f4b97c80ca5787d522296033e722015e393e57c94404ccc7805a955eRed Hat Security Advisory 2022-1444-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
030f73f59ceec843fff4ad5015c9f7354e3e1f7755929361d1e33eb16752d0cbRed Hat Security Advisory 2022-1441-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
8c1a1b1056127f92a47e27307b0a440c77d8c99be6b13cef33331c950ff16255Red Hat Security Advisory 2022-1469-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
1989a8f9d487c3a1064cc5cafb97cf1f0e4ebcec1d13d1c92293737241db656eRed Hat Security Advisory 2022-1463-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
cab797a2ac15ee52c67a0723db572558f460b5f925255de17e7c645f3569c4aeRed Hat Security Advisory 2022-1445-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
27e8d6fb511014866f15ba6951ab023f4c23de32da54456e4809ffc31b067ac7Red Hat Security Advisory 2022-1336-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
b2ff7d602c1d3735b0dcab4bb88d36576bcb1e2972286394282157ef0e417486Red Hat Security Advisory 2022-1440-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
65d16f470e0fdbd78b16b232dd5e982a298a5b3f722e28492936c557dc8e5a72Red Hat Security Advisory 2022-1462-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
03deb4214a9d8154326adb253d71b220bd4e9668793a94401ccb07c15551cb10Red Hat Security Advisory 2022-1442-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
021513c7cd438c66e462d1545777cfd6ec7329fabf53fb0aba8bcdf5c82fa7da
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed