what you don't know can hurt you
Showing 1 - 25 of 683 RSS Feed

Operating System: Mac OS X

Red Hat Security Advisory 2022-0896-01
Posted Mar 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0896-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2021-3999, CVE-2022-23218, CVE-2022-23219
SHA-256 | 94618bd1923ee16e9583843b26014c8d1ab90b9651bcd564e5b4ba54a6d69eef
Red Hat Security Advisory 2021-4358-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4358-03 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2021-27645, CVE-2021-33574, CVE-2021-35942
SHA-256 | 16dc38d5ed172ddc59367e5e6576ecbccd33c10e1ecf8067de90c8efc671ea91
Red Hat Security Advisory 2021-3315-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3315-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-29573
SHA-256 | d8b0fd5d91f75085817be3fa427135ce7dc03a86a7f7db61d372bea0b8dc1b67
Red Hat Security Advisory 2021-2998-01
Posted Aug 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2998-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-29573
SHA-256 | f7fbd1ef46d16b5fecfa79230fbbc15a0895a7ad0c1c0046d498521d421355d0
Red Hat Security Advisory 2021-2813-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2813-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-29573
SHA-256 | 6e2f08f13b0c0650452f1425202f7cd20cc874085bbe98b1854221c5da493431
Red Hat Security Advisory 2021-1585-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1585-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2016-10228, CVE-2019-25013, CVE-2019-9169, CVE-2020-27618, CVE-2021-3326
SHA-256 | 7af8433f99ee9ccb11d01bf9304070a6478ae2e39b94a2a4c098bf8fabd749f0
Ubuntu Security Notice USN-4954-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the POSIX regex implementation in the GNU C Library did not properly parse alternatives. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, osx, ubuntu
advisories | CVE-2009-5155, CVE-2020-6096
SHA-256 | 0d97bdfb094448b62a9b461045f71712af4a4388f17038f2bff95ef14f66f9a8
Nagios XI 5.7.3 Remote Code Execution
Posted Apr 21, 2021
Authored by Chris Lyne, Erik Wynter | Site metasploit.com

This Metasploit module exploits an OS command injection vulnerability in includes/components/nxti/index.php that enables an authenticated user with admin privileges to achieve remote code execution as the apache user. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios XI 5.7.3 running on CentOS 7.

tags | exploit, remote, php, code execution
systems | linux, osx, centos
advisories | CVE-2020-5792
SHA-256 | 02c732ecdeb46edeb55c3d07feeea7f934380ef9d317001de2070079b9dae17d
Nagios XI Remote Code Execution
Posted Apr 15, 2021
Authored by Haboob Team, Erik Wynter | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution as the apache user by uploading a malicious plugin. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios versions XI 5.3.0 and 5.7.5, both running on CentOS 7.

tags | exploit, remote, php, code execution
systems | linux, osx, centos
advisories | CVE-2020-35578
SHA-256 | 1c6d22c62a86e7b5f3dedccebd30589cc4a30d490a6e2f222d47174bbda1bf57
Nagios XI getprofile.sh Remote Command Execution
Posted Apr 14, 2021
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in the getprofile.sh script of Nagios XI versions prior to 5.6.6 in order to upload a malicious check_ping plugin and thereby execute arbitrary commands. For Nagios XI 5.2.0 through 5.4.13, the commands are run as the nagios user. For versions 5.5.0 through 5.6.5, the commands are run as root. Note that versions prior to 5.2.0 will still be marked as being vulnerable however this module does not presently support exploiting these targets. The module uploads a malicious check_ping plugin to the Nagios XI server via /admin/monitoringplugins.php and then executes this plugin by issuing a HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.3.0 and Nagios 5.6.5, both running on CentOS 7. For vulnerable versions before 5.5.0, it may take a significant amount of time for the payload to get back (up to 5 minutes). If exploitation fails against an older system, it is recommended to increase the WfsDelay setting (default is 300 seconds).

tags | exploit, web, arbitrary, root, php
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
SHA-256 | e333bc1f3434e1dcf5429b3717a70090c1f771194a0104e33385aa561adb6f05
Red Hat Security Advisory 2021-0348-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0348-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat, osx
advisories | CVE-2019-25013, CVE-2020-10029, CVE-2020-29573
SHA-256 | cef81ff8ec4257da6fdec58d2191db6724579fef2efd89b47732b8c23ece742a
Red Hat Security Advisory 2020-5351-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5351-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | d01e435eb049222a5e9c647d82b2617a240ba72ada4c072e36979a234b1d5095
Red Hat Security Advisory 2020-5352-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5352-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 97941d426bc52f5dfa03abf40264a65a805aa3931d34f78c4e9052bf6a679574
Red Hat Security Advisory 2020-4444-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4444-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-1751, CVE-2020-1752
SHA-256 | 37cad4f15ed87aa0f841fe0fb1f9b66f9b1c76d5c5a9b57f07addf4008ac6b9e
Red Hat Security Advisory 2020-3861-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3861-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2019-19126
SHA-256 | 050e385775d17b4f4722486aa5f1e9ec5ab20fc7759045295d95e981569db327
Red Hat Security Advisory 2020-2210-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2210-01 - KornShell is a Unix shell which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 85778f72ae62371bd221f5640a7c707bf70178faaf417114e0402a1da7603aaa
Red Hat Security Advisory 2020-1828-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1828-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2019-19126
SHA-256 | 859d2cdad2897f6735be6cfb11a58a419b5d1a78e28f5daa57d40626030dfe9e
Red Hat Security Advisory 2020-1333-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1333-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 96a067fecec2836eda0cd5e4a2232e9531620efb5ceff259de1c772e98d0635d
Red Hat Security Advisory 2020-1332-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1332-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | e5c75d600477e9b087450bb8699274001aaf564423f0cf307cdd74fd71e23e04
Nagios XI Authenticated Remote Command Execution
Posted Mar 10, 2020
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

tags | exploit, web, arbitrary, root
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
SHA-256 | ff7c4c4f60a8d9d91f4dea43c87e96d04fac8cbc379e059ccb3fb23c944c18ab
Red Hat Security Advisory 2020-0568-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0568-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 5de0bbb6699431ef7e8cbd8a14c69a7099f6565c7ff8b2acdd2da3274058a2e7
Red Hat Security Advisory 2020-0559-01
Posted Feb 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0559-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 64c17b647c891f788aefe5d1afd7b9c7671a05ebe40337091ae8e25e9ed73e93
Red Hat Security Advisory 2020-0515-01
Posted Feb 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0515-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 2165f36718e13869f3c15d9471d466b6a7d8f240f4aa6561f69327fe3404ab3e
Red Hat Security Advisory 2020-0431-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0431-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 3f802c294b8f8fddd40b350160f80dee7808cfc53835bb711f47c188bc802448
Red Hat Security Advisory 2019-3513-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3513-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2016-10739
SHA-256 | 24a996370f7b68b922856cbb7d2da1f1a44c06fc17dd526896c6f50cd62311ab
Page 1 of 28
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close