exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2023-07-13

Ubuntu Security Notice USN-6228-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6228-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service. Wei Chen discovered that the InfiniBand RDMA communication manager implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2124, CVE-2023-2176
SHA-256 | 8f8d865f126b85f6192802686006792982825aabae2c18b91344b0520edee04f
Ubuntu Security Notice USN-6227-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6227-1 - Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution.

tags | advisory, remote, denial of service, arbitrary, javascript, code execution
systems | linux, ubuntu
advisories | CVE-2023-37202
SHA-256 | f640fac519450266c1c770b5325b750304800d206c35f5e92462b3a60f72daed
pfSense Restore RRD Data Command Injection
Posted Jul 13, 2023
Authored by Emir Polat | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the "restore_rrddata()" function of pfSense prior to version 2.7.0 which allows an authenticated attacker with the "WebCfg - Diagnostics: Backup and Restore" privilege to execute arbitrary operating system commands as the "root" user. This module has been tested successfully on version 2.6.0-RELEASE.

tags | exploit, arbitrary, root
advisories | CVE-2023-27253
SHA-256 | aebb2b8cda994128d286f0b5a8a2c8b51efa5ec61f35fe1de15ab837e050e5a1
Wireshark Analyzer 4.0.7
Posted Jul 13, 2023
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 2 vulnerabilities and 22 bugs have been fixed. Updated protocol support includes 9P, AMQP, BGP, CQL, DHCPFO, EAP, GlusterFS, GSM MAP, HTTP2, iSCSI, Kafka, Kerberos, NAN, NAS-5GS, OCP.1, OpenFlow 1.0, PDCP-NR, PEAP, PPPoE, RSL, RTCP, rtnetlink, and XMPP.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | a79f7b04cbff823e30452abf4bcb86773d8583eb62d5f71f16c09f019f8a8777
Ubuntu Security Notice USN-6226-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6226-1 - It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-25399, CVE-2023-29824
SHA-256 | 9d2dd1fa6cac4323e2fa67d03ab75e2f0c6c65f9af41d91cfb9e843b0eee55c2
Red Hat Security Advisory 2023-4071-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4071-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | 415c9f57b0e965340a3db7f751a859273ccdc98c17b9a4f8ad95d01411be1e38
Red Hat Security Advisory 2023-4066-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4066-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | 65df53a37c00390e86411c5ac0819ae395290de5b964807ad44432192f692613
Botan C++ Crypto Algorithms Library 3.1.1
Posted Jul 13, 2023
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed two tests which were insufficiently serialized. This would cause sporadic test failures, particularly on machines with many cores.
tags | library
SHA-256 | 30c84fe919936a98fef5331f246c62aa2c0e4d2085b2d4511207f6a20afa3a6b
Ubuntu Security Notice USN-6225-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6225-1 - It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicious domains and cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40188
SHA-256 | 8220e4a62a5327500b537f514d977f82276ff1c8308e60bf856fc2fd6cdd150a
Red Hat Security Advisory 2023-4062-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4062-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | b6b913fba4587cad108af02878b1a02817ac40e8cb699ac334850662f5e3e1ff
BloodBank 1.0 Insecure Direct Object Reference
Posted Jul 13, 2023
Authored by indoushka

BloodBank version 1.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 49470d99541f350858916b749302badf014dd973b92f8e2e73c67585b2537da0
Ubuntu Security Notice USN-6224-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6224-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service. Wei Chen discovered that the InfiniBand RDMA communication manager implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2124, CVE-2023-2176
SHA-256 | f593341af82820764290fe3e978ab346352c20e780a4e75238de18994e9a02e8
Red Hat Security Advisory 2023-4070-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4070-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | acfc6011ff1533dde8175520fa8947e6f85d351be76f8e36ee4f52d88a0b8988
Bloly 1.3 Add Administrator
Posted Jul 13, 2023
Authored by indoushka

Bloly version 1.3 suffers from an add administrator vulnerability.

tags | exploit, add administrator
SHA-256 | a8d6a2e82d7525c317b78b6f2c58f326d2d746fcc375e7473b12fe832ea4cc1c
Red Hat Security Advisory 2023-4064-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4064-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | 5d1968df27b56d1fa66930d04167ed39d72876a340081d1c13e3717dc0cd048e
Ubuntu Security Notice USN-6223-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6223-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1670, CVE-2023-1859, CVE-2023-1998, CVE-2023-25012, CVE-2023-2985, CVE-2023-35788
SHA-256 | 6734417eac361fe013105bbc41e89886a385309d8bc7bdc98d05b21ba8977cd8
BKMobile CMS 1.5.0 SQL Injection
Posted Jul 13, 2023
Authored by indoushka

BKMobile CMS version 1.5.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 817cb279fd0f67796933e525ed7730badeb4b3e9a0e923001a4603ec42a86e0d
Red Hat Security Advisory 2023-4058-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4058-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-33170
SHA-256 | 6492bd009a04e6e16595710053c2d611ef5fe922273eaa1c43bfa22a51e8ab3a
Red Hat Security Advisory 2023-4065-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4065-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | defb74e67dceae8cd827500c34dea418d05ae8bf1290b92106f7fac52cd30147
Ubuntu Security Notice USN-6222-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3108, CVE-2022-3707, CVE-2022-3903, CVE-2022-4129, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1118
SHA-256 | 94dbf49a52b22f22555588a1537c9f53427bb276aea89e1ea9e550c810bfd1d7
Ubuntu Security Notice USN-6221-1
Posted Jul 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6221-1 - It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the virtual terminal device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-20321, CVE-2021-3753, CVE-2022-1184, CVE-2022-26373, CVE-2022-29901, CVE-2023-1990, CVE-2023-3111
SHA-256 | aad528fdb86e9bbeb6b879040fabb3eb8de4a6b4026eb87e0cb5da1c148cb4d8
Blogator Script 0.93 Insecure Settings
Posted Jul 13, 2023
Authored by indoushka

Blogator Script version 0.93 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | f4ba1f7c19926fbb767132bc8f10cd7d04f7c85da3aff64b4fac6348372312b2
Blackboard 2.0.2 Database Disclosure
Posted Jul 13, 2023
Authored by indoushka

Blackboard version 2.0.2 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 69cfd0715c11702d44f48382ee72a9c82a1e54680430fbedc52b9b31e7233b08
Red Hat Security Advisory 2023-4075-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4075-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | 7fbd4c61fedb77c5903507aebcf08dcb3f3cb42370b7c1b04767d11d7d5d15b5
Red Hat Security Advisory 2023-4067-01
Posted Jul 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4067-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211
SHA-256 | 4c4d2056a439d1783d24796ce73369bd0648ddc9c9f231329ec2b38665f7f78e
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close