what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2021-07-27 to 2021-07-28

Ubuntu Security Notice USN-5023-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5023-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-25051
SHA-256 | 156bc1c098663f9088bc5c9b80c634b1d8421bedcb765fe98e6cf34acbf961fa
Red Hat Security Advisory 2021-2914-01
Posted Jul 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2914-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547
SHA-256 | 4749a8dac7c32bbf30a18979d2fb85f48edd20feb6f2a9937618408bebf6b369
Jira Ehcache RMI Missing Authentication
Posted Jul 27, 2021
Authored by Atlassian

Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center exposed a Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011, could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. Various versions of Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center are affected.

tags | advisory, arbitrary
advisories | CVE-2020-36239
SHA-256 | 1d1e7afd06b6338674555bdc5902d12019ece6717146ea1deddafa1c4ec2dfff
Red Hat Security Advisory 2021-2763-01
Posted Jul 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2763-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Ansible is a SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-33909, CVE-2021-33910
SHA-256 | dd5bf4b47619cb7cf6a4d8e1c487c6dc69a9bf1975a74bdb6e734c3924fcf545
PHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection
Posted Jul 27, 2021
Authored by Faisal Alhadlaq

PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.

tags | exploit, php
SHA-256 | 0d7b754de6ea28230085a820164b59d8636ad39721aaac177baa5ce7b9713c5d
WordPress Social Warfare 3.5.2 Remote Code Execution
Posted Jul 27, 2021
Authored by Raed Ahsan

WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019.

tags | exploit, remote, code execution
advisories | CVE-2019-9978
SHA-256 | b785ce9bbb7301394cd05d0cd3354c1e425e2b69c30d276978e785ec476f8252
Ubuntu Security Notice USN-5022-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5022-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2339, CVE-2021-2354, CVE-2021-2370, CVE-2021-2384, CVE-2021-2390, CVE-2021-2417, CVE-2021-2425, CVE-2021-2437
SHA-256 | cb94354dd5f73441e1f7bbee5d5add0d9286fbf64dba06f3c307de072e01fa92
Exploiting PHP_SESSION_UPLOAD_PROGRESS
Posted Jul 27, 2021
Authored by Faisal Alhadlaq

This whitepaper discusses chain session upload progress to remote code execution when taking advantage of local file inclusion.

tags | paper, remote, local, code execution, file inclusion
SHA-256 | 3c9df4f24a784d6c632f742ca3902c18462336b6f1ee4031041e932d800f8a5d
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close