exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

Files Date: 2022-05-13

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
Posted May 13, 2022
Authored by W. Schober, Johannes Kruchem | Site sec-consult.com

Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.

tags | exploit, root, vulnerability
advisories | CVE-2022-29586, CVE-2022-29587, CVE-2022-29588
SHA-256 | 57e210f71bf42a3b11e36e7813fbbb82fccbd07555cd2d876285ea9c410da45c
Red Hat Security Advisory 2022-2236-01
Posted May 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2236-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24070
SHA-256 | 5ba43fd966028b550bd0b0e32415a9ad193c6abc0e8f4051a4810a3133f63413
Red Hat Security Advisory 2022-1699-01
Posted May 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1699-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.50.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4083, CVE-2022-0492, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-24769, CVE-2022-25636
SHA-256 | fbbfbdf0a9151383c4fd51b75bed69402cdeb86e35b863354d293fba3587a9fd
Ubuntu Security Notice USN-5419-1
Posted May 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5419-1 - It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-16881
SHA-256 | 9b932c5bd024a7f4d15dbe45fcd972c8a1508eba46c88889bb93109549ff87ae
Ubuntu Security Notice USN-5420-1
Posted May 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5420-1 - It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14160
SHA-256 | a33060407453b19aa7187d7422d0a895fbe372f01e612751c0d342a6bec706ca
COOPER: Testing The Binding Code Of Scripting Languages With Cooperative Mutation
Posted May 13, 2022
Authored by Purui Su, Hong Hu, Yanhao Wang, Peng Xu | Site huhong789.github.io

Scripting languages like JavaScript are being integrated into commercial software to support easy file modification. For example, Adobe Acrobat accepts JavaScript to dynamically manipulate PDF files. To bridge the gap between the high-level scripts and the low-level languages (like C/C++) used to implement the software, a binding layer is necessary to transfer data and transform representations. However, due to the complexity of two sides, the binding code is prone to inconsistent semantics and security holes, which lead to severe vulnerabilities. Existing efforts for testing binding code merely focus on the script side, and thus miss bugs that require special program native inputs. In this paper, the researchers propose cooperative mutation, which modifies both the script code and the program native input to trigger bugs in binding code.

tags | paper, javascript, vulnerability
SHA-256 | 5f9d0ad09e9e62d12e246894db4172788cd3662fb32d618c99f88dda19d6b911
COOPER Analysis Tool
Posted May 13, 2022
Authored by Purui Su, Hong Hu, Yanhao Wang, Peng Xu | Site github.com

Cooper utilizes cooperative mutation to test the binding code of scripting languages to find memory-safe issues. Cooperative mutation simultaneously modifies the script code and the related document objects to explore various code paths of the binding code. To support cooperative mutation, the authors infer the relationship between script code and document objects to guide the two-dimensional mutation. They applied their tool Cooper on three popular commercial PDF tools, Adobe Acrobat, Foxit Reader, and Microsoft Word. Cooper detected 134 previously unknown bugs, which resulted in 33 CVE entries and 22K bug bounties.

tags | tool
systems | unix
SHA-256 | 2b1855049e54d63e476c65196cd445f22b388370ab838980e67d3919d5943a51
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close