what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2023-03-17

Open Web Analytics 1.7.3 Remote Code Execution
Posted Mar 17, 2023
Authored by Jacob Ebben, Dennis Pfleger | Site metasploit.com

Open Web Analytics (OWA) versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes.

tags | exploit, remote, web
advisories | CVE-2022-24637
SHA-256 | f257222aebae82bd8174357b1116bd0d590938b4d5b592db27830a87036b04c1
Debian Security Advisory 5356-2
Posted Mar 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5356-2 - One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | e1babfd23fbc696770c5e3ea11e225dd0d9ca59dab909793c30fb2526b1cfa4f
Shannon Baseband NrmmMsgCodec Intra-Object Overflow
Posted Mar 17, 2023
Authored by Ivan Fratric, Google Security Research

There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Service Area List message (IEI = 0x27).

tags | exploit, overflow, protocol
advisories | CVE-2023-26075
SHA-256 | ca27ff3f40a5cef1422ff326c82c6ac37d4d2a24ac33342144bc8a5c84aa2848
Ubuntu Security Notice USN-5959-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5959-1 - It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-36222
SHA-256 | d9f3d92945cbc3be219bd04ebd7aac3aa31d1cac83d0d62d9ee82f4e45c4d1b0
Riello UPS Restricted Shell Bypass
Posted Mar 17, 2023
Authored by Ricardo Jose Ruiz Fernandez

Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access.

tags | exploit, shell, bypass
SHA-256 | 6ef7e8370834a1f65507385ad2f9fb981e57f39aa18bf52ca3a727aaa3955839
Ubuntu Security Notice USN-5962-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-3169, CVE-2022-3344, CVE-2022-3435, CVE-2022-3521, CVE-2022-3545, CVE-2022-4139, CVE-2022-4379, CVE-2022-45869, CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521, CVE-2023-0179, CVE-2023-0461
SHA-256 | 564ea90f0a9cb872d9edcccc127c68905719afec80e7f2bbba3ccb3fe0d567d9
Shannon Baseband NrmmMsgCodec Access Category Definitions Heap Buffer Overflow
Posted Mar 17, 2023
Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Operator-defined access category definitions message (IEI = 0x76).

tags | exploit, overflow, protocol
advisories | CVE-2023-26074
SHA-256 | 0d9b32ed9b931576486f7e7630f9b8e393f008ff2bccc77a8e30f84a45f1e0f0
BSidesLjubljana 2023 Call For Papers
Posted Mar 17, 2023
Site 0x7e7.bsidesljubljana.si

B-Sides Ljubljana will be held June 16, 2023 in Ljubljana, Slovenia.

tags | paper, conference
SHA-256 | a8a7fd33b3af62a91c8455b5929954ee7b0ebda0b1976fcd6027df433714ce33
Debian Security Advisory 5375-1
Posted Mar 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 943bb672c5f5a142c518592167667218e9e53d058b0660c6d0458c7636cb77ca
Shannon Baseband NrmmMsgCodec Extended Emergency Number List Heap Buffer Overflow
Posted Mar 17, 2023
Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Extended emergency number list" message (IEI = 0x7A).

tags | exploit, overflow, protocol
advisories | CVE-2023-26073
SHA-256 | ba04bb179ad4db118c637bfe6c329d2d3ebef7e310034bd5a8af11fa0123adc3
Ubuntu Security Notice USN-5961-1
Posted Mar 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5961-1 - It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10753, CVE-2021-32435
SHA-256 | b2dd20769972bbb693dff57a5249e0e6efe673b60728f67b614a4ce8f92ba882
Shannon Baseband NrmmMsgCodec Emergency Number List Heap Buffer Overflow
Posted Mar 17, 2023
Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Emergency number list" message (IEI = 0x34).

tags | exploit, overflow, protocol
advisories | CVE-2023-26072
SHA-256 | ff7c534a4bbc11dc3cd3ac7fb2571e8b2fc9cddf789fa05fff2fc30be17f2aca
Microsoft User Account Control Nuances
Posted Mar 17, 2023
Authored by Stefan Kanthak

This write up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries has added over complexity that still allows for escalation.

tags | advisory, registry
SHA-256 | b1516a79355be52fa5902480223a989e031dabbe42f666f261b68eb25bbb8331
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close