exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2021-07-27 to 2021-07-28

Ubuntu Security Notice USN-5023-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5023-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-25051
SHA-256 | 156bc1c098663f9088bc5c9b80c634b1d8421bedcb765fe98e6cf34acbf961fa
Red Hat Security Advisory 2021-2914-01
Posted Jul 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2914-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 4749a8dac7c32bbf30a18979d2fb85f48edd20feb6f2a9937618408bebf6b369
Jira Ehcache RMI Missing Authentication
Posted Jul 27, 2021
Authored by Atlassian

Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center exposed a Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011, could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. Various versions of Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center are affected.

tags | advisory, arbitrary
advisories | CVE-2020-36239
SHA-256 | 1d1e7afd06b6338674555bdc5902d12019ece6717146ea1deddafa1c4ec2dfff
Red Hat Security Advisory 2021-2763-01
Posted Jul 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2763-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Ansible is a SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33909, CVE-2021-33910
SHA-256 | dd5bf4b47619cb7cf6a4d8e1c487c6dc69a9bf1975a74bdb6e734c3924fcf545
PHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection
Posted Jul 27, 2021
Authored by Faisal Alhadlaq

PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.

tags | exploit, php
SHA-256 | 0d7b754de6ea28230085a820164b59d8636ad39721aaac177baa5ce7b9713c5d
WordPress Social Warfare 3.5.2 Remote Code Execution
Posted Jul 27, 2021
Authored by Raed Ahsan

WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.

tags | exploit, remote, code execution
advisories | CVE-2019-9978
SHA-256 | b785ce9bbb7301394cd05d0cd3354c1e425e2b69c30d276978e785ec476f8252
Ubuntu Security Notice USN-5022-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5022-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2339, CVE-2021-2354, CVE-2021-2370, CVE-2021-2384, CVE-2021-2390, CVE-2021-2417, CVE-2021-2425, CVE-2021-2437
SHA-256 | cb94354dd5f73441e1f7bbee5d5add0d9286fbf64dba06f3c307de072e01fa92
Exploiting PHP_SESSION_UPLOAD_PROGRESS
Posted Jul 27, 2021
Authored by Faisal Alhadlaq

This whitepaper discusses chain session upload progress to remote code execution when taking advantage of local file inclusion.

tags | paper, remote, local, code execution, file inclusion
SHA-256 | 3c9df4f24a784d6c632f742ca3902c18462336b6f1ee4031041e932d800f8a5d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close