exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 201 - 219 of 219 RSS Feed

Files Date: 2023-11-13 to 2023-11-14

Red Hat Security Advisory 2023-6128-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6128-01 - Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5625
SHA-256 | c5abc4195a2e27672709038c69162ac8c6a18aaa3b3d54343d762777e6c43359
Red Hat Security Advisory 2023-6126-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6126-01 - Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | 33e4066b9dddf885244a8521110e339542272b5046add8ec1e46667947c8474f
Red Hat Security Advisory 2023-6125-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6125-01 - Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | 443d1cc86e932af73569356064831c9a268be25e952f55e6bf1b18b603abe4a0
Red Hat Security Advisory 2023-5993-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5993-01 - An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-40217
SHA-256 | 18077809e6aad0578775c9c33434fe720964e55eb3e44ca783d877de07212561
Red Hat Security Advisory 2023-5990-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5990-01 - An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-40217
SHA-256 | 097c258c87b42b84394f60a3c315752fd3ae145aa4c09de613e226b540dba6e1
Red Hat Security Advisory 2023-5009-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5009-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting, denial of service, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-27664
SHA-256 | 4bd9d418ca1afc7dd7c2b633e9f732c5af874c8c5edcc0d61332275d793b24ac
Red Hat Security Advisory 2023-5008-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5008-01 - Red Hat build of MicroShift release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-1260
SHA-256 | 9fefbbf9e065b70581393b4186f06f86947608476662c3f80f679d3d2e79198e
Red Hat Security Advisory 2023-5007-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5007-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2021-20329
SHA-256 | 53110c227a6abebd28980c3b2fe32f22c0e8a82ba376add71f3ea141adb3909c
Red Hat Security Advisory 2023-5005-02
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5005-02 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | 06b7029d2336493b31693127311f24180e8dcb54ccdd80d55daa12944a58fd12
Red Hat Security Advisory 2023-3367-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3367-01 - Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41723
SHA-256 | 418331edc6acd70c12caf03817f3d39696ead58c5080850945ff5f3c51981c40
Red Hat Security Advisory 2023-2135-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2135-01 - An update is now available for Red Hat Process Automation Manager. Issues addressed include server-side request forgery and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-3782
SHA-256 | cfef97f452f1b0eab2669e8cae7ec9cd2e617e713b4848b57b53c2e809676515
Red Hat Security Advisory 2023-1334-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1334-01 - An update is now available for Red Hat Process Automation Manager. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-12629
SHA-256 | 42178efe060122383f4782f9f40b034b23d506a17432553a6f56bdfe831f11c0
Ubuntu Security Notice USN-6464-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6464-1 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31083, CVE-2023-3772, CVE-2023-38430, CVE-2023-38432, CVE-2023-3863, CVE-2023-3865, CVE-2023-3866, CVE-2023-3867, CVE-2023-4132, CVE-2023-4134, CVE-2023-44466
SHA-256 | 5d36859870429796a0315a6b5f9275dba8f9003e640e3bff729044abb499c962
EnBw SENEC Legacy Storage Box Information Disclosure
Posted Nov 13, 2023
Authored by Ph0s, R0ckE7

EnBw SENEC Legacy Storage Box versions 1 through 3 suffer from a log disclosure vulnerability.

tags | exploit
advisories | CVE-2023-39168
SHA-256 | ade31f04954509943d85a27a7b0ba57f107f53a58f2a7b407c2bd4f0697e21e4
Ubuntu Security Notice USN-6462-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6462-1 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0597, CVE-2023-31083, CVE-2023-3772, CVE-2023-4132
SHA-256 | e35c00e54afdaf6fa41cf3726741036ae7a9fc376ca95ccc4451805eb74ea686
Ubuntu Security Notice USN-6461-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6461-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-34324, CVE-2023-39189, CVE-2023-4244, CVE-2023-42754, CVE-2023-4921, CVE-2023-5345
SHA-256 | f8740a5eb1f34579bfa81fa7e581cd1a70b404dfe0f903ddc342a4642aaedf3f
Ubuntu Security Notice USN-6463-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6463-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2023-34058, CVE-2023-34059
SHA-256 | a4da15fc219bf81c75561d0fc1ba953d4a02dafa38a0ac2d8968573aed6c9a0c
Ubuntu Security Notice USN-6453-2
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6453-2 - USN-6453-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-5367, CVE-2023-5380
SHA-256 | 89f1be48ed5cce8b06a6488cd2af46b1ad1433239e258f605714fac81856c050
Passive SSH Key Compromise Via Lattices
Posted Nov 13, 2023
Authored by Nadia Heninger, Keegan Ryan, Kaiwen He, George Arnold Sullivan

This whitepaper demonstrates that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. The paper shows that for the signature parameters commonly in use for SSH, there is an efficient lattice attack to recover the private key in case of a signature fault. The authors provide a security analysis of the SSH, IKEv1, and IKEv2 protocols in this scenario, and use their attack to discover hundreds of compromised keys in the wild from several independently vulnerable implementations.

tags | paper, cryptography, protocol
SHA-256 | 481aab67e2963f899f4d0981c2be3f03e3ff14965119cb78e929b36c27b58597
Page 9 of 9
Back56789Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close