exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2022-08-24

Zimbra Zip Path Traversal
Posted Aug 24, 2022
Authored by Ron Bowes, Volexity Threat Research, Yang_99s Nest | Site metasploit.com

This Metasploit module POSTs a ZIP file containing path traversal characters to the administrator interface for Zimbra Collaboration Suite. If successful, it plants a JSP-based backdoor within the web directory, then executes it. The core vulnerability is a path traversal issue in Zimbra Collaboration Suite's ZIP implementation that can result in the extraction of an arbitrary file to an arbitrary location on the host. This issue is exploitable on Zimbra Collaboration Suite Network Edition versions 9.0.0 Patch 23 and below as well as Zimbra Collaboration Suite Network Edition versions 8.8.15 Patch 30 and below.

tags | exploit, web, arbitrary
advisories | CVE-2022-27925, CVE-2022-37042
SHA-256 | d58f4c7d7dbb0ee3b34e5a5a98ecaa59aa1118d324973a875b3ee85a53d569d4
MIMEDefang Email Scanner 3.1
Posted Aug 24, 2022
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: A couple minor updates since the last release related to making more subs public and making md_authres headers parsable by Mail::DKIM versions 0.54 and below.
tags | tool
systems | windows, unix
SHA-256 | d0ce122a07a1792b3fba2feec8754c8624adc69af470f80f94a922d4346a9492
Ubuntu Security Notice USN-5578-1
Posted Aug 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5578-1 - It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine.

tags | advisory, root
systems | linux, ubuntu
advisories | CVE-2022-31676
SHA-256 | e367e2be317ae85a411eba17b71e309ef23883ae27447b892248c269ff0fc124
Ubuntu Security Notice USN-5576-1
Posted Aug 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5576-1 - It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a remote attacker could craft malicious HTTP requests in order to obtain sensitive information.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2022-24801
SHA-256 | 48a2aea1851b3f3b855909398651009b8f629d1f9834c8a4ee11c9214fb877ff
Ubuntu Security Notice USN-5577-1
Posted Aug 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5577-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33061, CVE-2021-33655
SHA-256 | 69d4360a8ebb8a22d9a2566544e9b78759027def50510b4fc09d1f602ebd8651
Red Hat Security Advisory 2022-6094-01
Posted Aug 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6094-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.28.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-28327
SHA-256 | 25d7a159d802aef017a9207fd1131dff0755aaad3bb8c005a5117526d9b4db18
Red Hat Security Advisory 2022-6102-01
Posted Aug 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6102-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-30629
SHA-256 | 8fc0a4054a5943fc370cc82bf01af9b797ac28ba785f04bf3ca89a2d812e610c
Red Hat Security Advisory 2022-6103-01
Posted Aug 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6103-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-30629, CVE-2022-30631, CVE-2022-32250
SHA-256 | 9ed4a54b3aed43ac3112247709b1be7d05294778451baf8ae63150805dcdde86
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close