This Metasploit module exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary libraries. On a typical redis deployment (not docker), this module achieves execution as the redis user. Debian/Ubuntu packages run Redis using systemd with the "MemoryDenyWriteExecute" permission, which limits some of what an attacker can do. For example, staged meterpreter will fail when attempting to use mprotect. As such, stageless meterpreter is the preferred payload. Redis can be configured with authentication or not. This module will work with either configuration (provided you provide the correct authentication details). This vulnerability could theoretically be exploited across a few architectures: i386, arm, ppc, etc. However, the module only supports x86_64, which is likely to be the most popular version.
25990c6dc1f07a86ea2e834b9c66c011d9af3d483f0592ec3011de6f791bfa0aZepp version 6.1.4-play suffers from a user account enumeration flaw in the password reset function.
dd2dc79c277146022bd841a6e3457f872018f219fbac2d90f8f9b9a7a5da6c35Ubuntu Security Notice 5391-1 - Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code.
2b9f7839558bf9b6e3a4ce82cbaf448f90f226607ae4646b89d7394b329a6c7bnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
11018a20c5c4a8ffe5475a7ea057d506b57d4c3b931d8a2018a96c1341de0d95Miele Benchmark Programming Tool versions 1.1.49 and 1.2.71 suffer from a privilege escalation vulnerability.
d9c54518c9774d14210fa309ae32ce7bf54eac2d1ed82cd249dec9506f8662c7Red Hat Security Advisory 2022-1628-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage Web Administration provides a dashboard view that allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS.
bd3810c82e8a7a890e00175095129c3671c5cd1622b5ec57ba988c6681ab6a22Backdoor.Win32.Agent.aegg malware suffers from a hardcoded credential vulnerability.
53f75d30a3e68a34d3ff3b8c12346375b8a937d60fb31ffaddd254aa7ebb9972Red Hat Security Advisory 2022-1420-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.665. Issues addressed include bypass and denial of service vulnerabilities.
f2340fc2bbf7645ca92dc392a5cf1627dd13be1d183cec44c7a680b9b1b0d3b1WordPress Booking Calendar plugin versions 9.1 and below suffer from PHP object injection and insecure deserialization vulnerabilities.
ca383548169d539c9e3c7a8fb2058f0828391d09365e432f7376f20ec13cc507Ubuntu Security Notice 5376-3 - USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands.
9d7d0de19b76529e6f6fc487733cbbfca809fd99e1398798824c69f44dd8bc66Trojan-Downloader.Win32.Agent malware suffers from an insecure permissions vulnerability.
ae8f3ba20d2bc86c8d5582c66c01389075677ff6a3c6b3d0b14a4c7de160bb24Red Hat Security Advisory 2022-1626-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.6 serves as a replacement for Red Hat AMQ Broker 7.8.5, and includes security and bug fixes, and enhancements.
cf23715c7a49b1b422a8dd3431c0faec96815dd29d9f97e6c4f6ca4a69adff20Backdoor.Win32.GF.j malware suffers from a remote command execution vulnerability.
b1a0b3788ebf3189fc9856839cbb6a4e7b4cb2713556227380bc4d05ab71f4a0Red Hat Security Advisory 2022-1627-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.4 serves as a replacement for Red Hat AMQ Broker 7.9.3, and includes security and bug fixes, and enhancements.
e7a268e7f07128928c027246058e455341baf0e5b1887f67be9e6741f0490effUbuntu Security Notice 5366-2 - USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code.
5cf9dc1e7d716cd1a249fb1538d34458391878f7150a2b78505c68fe1b065014Red Hat Security Advisory 2022-1619-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a denial of service vulnerability.
507d396b68d53e2d0e4f376f9b0e14170cb7ccfa44aa7a787645d2e575356f85Backdoor.Win32.Cafeini.b malware suffers from a man-in-the-middle vulnerability.
6ea04b9be8a714b935c785d50f095eed0d536a8bdcc3b0eaaa74d588e9b19a41Red Hat Security Advisory 2022-1599-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions.
a2499ed7160013f1ee2e4c1a6adf10c535442893305554d50c0bc75a77cb7a1eUbuntu Security Notice 5390-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information.
bd2b4d4639a914ae1841189b40c77de561ecd56241b089b07005172c05226dffRed Hat Security Advisory 2022-1617-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version.
b92c5c470253141d9dbd0cbf914e2b4ee25541ab54794b55abc514e26a866861Backdoor.Win32.Cafeini.b malware suffers from a hardcoded credential vulnerability.
74d97c59d1843d49d5346c7ce7c52a1e4b3dccd23ebe9e70b420b7da4561bcd4Red Hat Security Advisory 2022-1618-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version.
be331d7bd79eccc07d4527053954333c185d7f14b5d07ed365eb50b655e8321bRed Hat Security Advisory 2022-1550-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.
7f5aa485e823f76744d9d8d8570200a07bf6a3de3fa6401208421b9e31d6cd66Red Hat Security Advisory 2022-1546-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
10138639163f878ed972fb49ef0f3a8004e8a728027c1114d9de149bb51da28aTrojan-Downloader.Win32.Small.ahlq malware suffers from an insecure permissions vulnerability.
350196a679952271a1b8644768524b4bf527b9e4f5ddeda4fe2c4c1f9b2934c4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed