exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42,974 RSS Feed

Operating System: Linux

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation
Posted Oct 5, 2022
Authored by h00die, Maher Azzouzi | Site metasploit.com

This Metasploit module exploits a command injection within Enlightenment's enlightenment_sys binary. This is done by calling the mount command and feeding it paths which meet all of the system requirements, but execute a specific path as well due to a semi-colon being used. This module was tested on Ubuntu 22.04.1 X64 Desktop with enlightenment 0.25.3-1 (current at module write time).

tags | exploit
systems | linux, ubuntu
advisories | CVE-2022-37706
SHA-256 | 2d952d42924466b709a23b5f40edb0a8dcb5cde23f8d5e429d729b94fe696986
Ubuntu Security Notice USN-5656-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5656-1 - Joseph Yasi discovered that JACK incorrectly handled the closing of a socket in certain conditions. An attacker could potentially use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13351
SHA-256 | 2938b332ff341cbc2af61547c5eedcae82d7415cb363eb4869942690c23880f5
Red Hat Security Advisory 2022-6782-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6782-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | 3f148abf3e1d7783fdbb7b295faf665cc66091c74ed2574ed8bb517021defb68
Red Hat Security Advisory 2022-6777-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6777-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | a38afbfa72d96b4ed3b0bfcc500f4af4ca4981c420591e17fdb42ff269ee0db8
Red Hat Security Advisory 2022-6780-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6780-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 7317da340d674c2d8ce692b5b36244ed740f2c4167017da30464bb42c6caf71f
Red Hat Security Advisory 2022-6779-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6779-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 705f768a61d4f507cee20f3b3f7b33cc30f2db1fc918abd572a54071fc080846
Red Hat Security Advisory 2022-6778-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6778-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 781202c28e5a3d8289433d15b4535b9c6ca36818f40069d8c5b9f982d754b0ed
Red Hat Security Advisory 2022-6776-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6776-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | f5d39ae350312fb0b464023fc94711cbd49472f95446009488173fbcf8643c4d
Red Hat Security Advisory 2022-6774-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6774-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | d27ae77679f02fb0a2e0c9b04ec7ff5bc8d98118773d54e2faa74e9efd3b4cd2
Red Hat Security Advisory 2022-6775-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6775-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | cbad397e021455eccf78872f54eb02f133c168f7e386594ebd569fa42884637a
Red Hat Security Advisory 2022-6781-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6781-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 4a082bb009ab8361bc3b0cc6e4d366ace8d79f220e2ab35018a9886dc46c6a63
Red Hat Security Advisory 2022-6787-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6787-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | 271756341073654fcee5cc794ed943b6caf607b6082cce3ac034db8a5cd1903a
Red Hat Security Advisory 2022-6783-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6783-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | c634291e814c5d71d9282254b7ea4a4726267ec9b38abf7abd26f66ed5f82571
Ubuntu Security Notice USN-5655-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5655-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-2318, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33743, CVE-2022-33744, CVE-2022-34494, CVE-2022-36946
SHA-256 | 3aaf61e627554b283ddaefe994cfe40ef2e17fd36cf71b9be833439e1bc03998
Ubuntu Security Notice USN-5654-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5654-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | fcef8524d85c9359df4ccd3789bdc823a684d3646a9a354909cc72b92658548a
Ubuntu Security Notice USN-5614-2
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5614-2 - USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3782
SHA-256 | 10e730b3dc2565c7df75f5b8c7912171f93bac717141d6b3dac8f64898adb02f
Ubuntu Security Notice USN-5651-2
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-40617
SHA-256 | 759a27511c8f487803c7aa104783c2c246c6fddf62edc3b8d14f204cff8a093e
Red Hat Security Advisory 2022-6763-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 90a7db70273f1bcf3f0dddfd37788d5e9c87a1b7559b29fdcbb1e860a02410b1
Ubuntu Security Notice USN-5651-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5651-1 - Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-40617
SHA-256 | 307727d9f9df8f35a12cad1acef25cb191f668ed5401e4156a8ff7369ecdc831
Red Hat Security Advisory 2022-6764-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6764-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 98299df0e775091d0cd425d53583bd53c962a02b6a59be2d5445c8a7d756d4e6
Ubuntu Security Notice USN-5653-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5653-1 - Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41323
SHA-256 | 9243a60f7904a4b165533d79fb778a5eaf28db2dcb1af8c5196198b7945e326e
Ubuntu Security Notice USN-5652-1
Posted Oct 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5652-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-36946
SHA-256 | da237cf0c69ad0299d2d45386e0353a125c52434eb9c8e1c7b9ba1d5a9cfa13a
Red Hat Security Advisory 2022-6765-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6765-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | c4fc34a4dbce658a7d6f43a15de99e7c144eb84230b265c294a7594060f9a520
Red Hat Security Advisory 2022-6766-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6766-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.

tags | advisory, denial of service, vulnerability, python
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2020-10735, CVE-2021-28861
SHA-256 | 47a2ab29057f9acc5a00ccedf39008056db417722a5523acfc41053f138f98b6
OpenSSH 9.1p1
Posted Oct 4, 2022
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release is focused on bug fixing. This release contains fixes for three minor memory safety problems. The portable OpenSSH project now signs commits and release tags using git's recent SSH signature support. 8 new features noted.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288
Page 1 of 1,719
Back12345Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close