
Files Date: 2020-09-15 to 2020-09-16

ModSecurity 3.0.x Denial Of Service
Posted Sep 15, 2020
Authored by Christian Folini

ModSecurity version 3.0.x suffers from a denial of service vulnerability due to the global matching of regular expressions. The combination of a non-anchored regular expression and the ModSecurity capture action can be exploited via a specially crafted payload.

tags | advisory, denial of service
advisories | CVE-2020-15598
MD5 | 6c7a24af5770f5587eb8f7c4b25d2b7b

Ubuntu Security Notice USN-4500-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4500-1 - It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9862
MD5 | b37913b8d4b9440c2789a61ad4522b28

Ubuntu Security Notice USN-4498-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4498-1 - It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2019-15587
MD5 | 6eac9fcb798ddbf5f49ddfe1d19dc45c

Ubuntu Security Notice USN-4499-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4499-1 - It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14464
MD5 | e199f72f3bebcdbbe13c21e7f3ec3cd6

Ubuntu Security Notice USN-4497-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4497-1 - It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9112, CVE-2019-12973
MD5 | 0a7348f18700c4718d1a51b1ec948ec8

Red Hat Security Advisory 2020-3757-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3757-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2911, CVE-2019-2914, CVE-2019-2938, CVE-2019-2946, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568
MD5 | ef33d3bffba1c042279589f0163fa985

Ubuntu Security Notice USN-4496-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4496-1 - It was discovered that Apache XML-RPC does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17570
MD5 | 6330c73db46444a7913ad3b866d1ff4e

TOR Virtual Network Tunneling Tool 0.4.4.5
Posted Sep 15, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.4.5 is the first stable release in the 0.4.4.x series. This series improves their guard selection algorithms, adds v3 onion balance support, improves the amount of code that can be disabled when running without relay support, and includes numerous small bugfixes and enhancements. It also lays the ground for some IPv6 features that they will be developing more in the next (0.4.5) series.

tags | tool, remote, local, peer2peer
systems | unix
MD5 | b061b7c4ce6102fb7c800b73c8573388

ThinkAdmin 6 Arbitrary File Read
Posted Sep 15, 2020
Authored by Hzllaga

ThinkAdmin version 6 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
advisories | CVE-2020-25540
MD5 | 32b0ce662805c15820a8b2d9289a212c

Tailor MS 1.0 Cross Site Scripting
Posted Sep 15, 2020
Authored by Bobby Cooke, hyd3sec

Tailor MS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8b140ec9d3e79e50039c0fd163119144

Red Hat Security Advisory 2020-3756-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3756-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
MD5 | bf3a03b4d04b542c9043752ed62c5771

Red Hat Security Advisory 2020-3755-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3755-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-2911, CVE-2019-2914, CVE-2019-2938, CVE-2019-2946, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568
MD5 | acc9e0bafdd5eaba631d78f65d83bace

Ubuntu Security Notice USN-4495-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4495-1 - It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17571
MD5 | 49cf86003e5792eeed93a708ed87ef5d

Ubuntu Security Notice USN-4494-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4494-1 - It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12695
MD5 | 9812b5ed9d7cae11c7449b6333755453

Red Hat Security Advisory 2020-3749-01
Posted Sep 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3749-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2020-14352
MD5 | 40afcd514e9c1921f23619338125d10f

© 2020 Packet Storm. All rights reserved.