exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2023-02-06

Debian Security Advisory 5339-1
Posted Feb 6, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5339-1 - Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2023-24038
SHA-256 | bf8cb8b66ff079009ce37d09bcafe99b7218495bbb1c7dae58b492f0c5bb6b15
Apache Tomcat On Ubuntu Log Init Privilege Escalation
Posted Feb 6, 2023
Authored by h00die, Dawid Golunski | Site metasploit.com

This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the tomcat user to root and fully compromise the target system.

tags | exploit, local, root
systems | linux, debian
advisories | CVE-2016-1240
SHA-256 | 0ac41921eb75c8008e9f94786db836a9f76e614d54c6925c606eecf1de5fb188
Ubuntu Security Notice USN-5842-1
Posted Feb 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5842-1 - Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-0341
SHA-256 | 91d72bd30044e467e8564947c64ad93c38ac37b57cd995da0d690e3fe2408a28
Android Binder VMA Management Security Issues
Posted Feb 6, 2023
Authored by Jann Horn, Google Security Research

Android Binder VMA management suffers from multiple security issues.

tags | exploit
advisories | CVE-2023-20928
SHA-256 | ab667a607662e113616863f74924dec25552f0f3627b28b830dcd1cef1dc0df9
GNUnet P2P Framework 0.19.3
Posted Feb 6, 2023
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: This is a bugfix release for gnunet 0.19.2. It now detects MySQL's strange, version-dependent my_bool type on configure. Added pkg-config definitions for gnunet messenger.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 82b7d5fe12d481387c37d2fbf032bb605c2e4d5976079a1947943243e5ba7a25
Ubuntu Security Notice USN-5824-1
Posted Feb 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5824-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-45403, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45414, CVE-2022-45416, CVE-2022-45420, CVE-2022-45421, CVE-2022-46871, CVE-2022-46872, CVE-2022-46874
SHA-256 | 81782ffc0ab62b78ae676ec823ae25c5a4f536fbe51970837da19909f9a4ca01
Windows Kernel Registry Virtualization Memory Corruption
Posted Feb 6, 2023
Authored by Google Security Research, mjurczyk

Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21675
SHA-256 | ded3419927998aaa3da4fea3f80263227d729920c448e2a3cf6f50b41f8c867d
Ubuntu Security Notice USN-5825-2
Posted Feb 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5825-2 - USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-28321
SHA-256 | 7f177f2fcd2276c915de560cfcdaae5a44f2f39f4cf639638eb1f5c64b2cd35b
Ubuntu Security Notice USN-5816-2
Posted Feb 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5816-2 - USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-23597, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23606
SHA-256 | ac080c4b3790efbaf876e4fa1ba3505424a80943ca230f29f3ed885731cb5053
Page 1 of 1

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By