what you don't know can hurt you
Showing 1 - 25 of 682 RSS Feed

Operating System: Mac OS X

Red Hat Security Advisory 2021-4358-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4358-03 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2021-27645, CVE-2021-33574, CVE-2021-35942
MD5 | 6d6c0da7f1b32be93dbe2685dbd58893
Red Hat Security Advisory 2021-3315-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3315-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-29573
MD5 | b2b4570789d9b7cfe84e1e04c3c1f46a
Red Hat Security Advisory 2021-2998-01
Posted Aug 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2998-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-29573
MD5 | e15d50eba62b798635e31f2dad29c36f
Red Hat Security Advisory 2021-2813-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2813-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat, osx
advisories | CVE-2020-29573
MD5 | 871020c7b2012dccd40c91ae4a588dd5
Red Hat Security Advisory 2021-1585-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1585-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer over-read vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2016-10228, CVE-2019-25013, CVE-2019-9169, CVE-2020-27618, CVE-2021-3326
MD5 | 502fd63d95535f98b78e35ea0a6586e3
Ubuntu Security Notice USN-4954-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the POSIX regex implementation in the GNU C Library did not properly parse alternatives. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, osx, ubuntu
advisories | CVE-2009-5155, CVE-2020-6096
MD5 | bf1be2fa5ed0acab1c981917d5b783b4
Nagios XI 5.7.3 Remote Code Execution
Posted Apr 21, 2021
Authored by Chris Lyne, Erik Wynter | Site metasploit.com

This Metasploit module exploits an OS command injection vulnerability in includes/components/nxti/index.php that enables an authenticated user with admin privileges to achieve remote code execution as the apache user. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios XI 5.7.3 running on CentOS 7.

tags | exploit, remote, php, code execution
systems | linux, osx, centos
advisories | CVE-2020-5792
MD5 | 2df6940f1d406eb594bb234456e3e6f5
Nagios XI Remote Code Execution
Posted Apr 15, 2021
Authored by Haboob Team, Erik Wynter | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution as the apache user by uploading a malicious plugin. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios versions XI 5.3.0 and 5.7.5, both running on CentOS 7.

tags | exploit, remote, php, code execution
systems | linux, osx, centos
advisories | CVE-2020-35578
MD5 | 91ac1437912ce19fca5580399b1f6625
Nagios XI getprofile.sh Remote Command Execution
Posted Apr 14, 2021
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in the getprofile.sh script of Nagios XI versions prior to 5.6.6 in order to upload a malicious check_ping plugin and thereby execute arbitrary commands. For Nagios XI 5.2.0 through 5.4.13, the commands are run as the nagios user. For versions 5.5.0 through 5.6.5, the commands are run as root. Note that versions prior to 5.2.0 will still be marked as being vulnerable however this module does not presently support exploiting these targets. The module uploads a malicious check_ping plugin to the Nagios XI server via /admin/monitoringplugins.php and then executes this plugin by issuing a HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.3.0 and Nagios 5.6.5, both running on CentOS 7. For vulnerable versions before 5.5.0, it may take a significant amount of time for the payload to get back (up to 5 minutes). If exploitation fails against an older system, it is recommended to increase the WfsDelay setting (default is 300 seconds).

tags | exploit, web, arbitrary, root, php
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
MD5 | c535c12509a747d756650bedc5b31fca
Red Hat Security Advisory 2021-0348-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0348-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include buffer over-read and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat, osx
advisories | CVE-2019-25013, CVE-2020-10029, CVE-2020-29573
MD5 | e85163612008c3d9c255694571499d78
Red Hat Security Advisory 2020-5351-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5351-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | d0c0e105a1db23827e75ce7072db41b9
Red Hat Security Advisory 2020-5352-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5352-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 12b6bb5f09185927f265dbab3a4e04a4
Red Hat Security Advisory 2020-4444-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4444-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2020-10029, CVE-2020-1751, CVE-2020-1752
MD5 | 842ac2d95b79f7d7ded97e72c2ab14da
Red Hat Security Advisory 2020-3861-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3861-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2019-19126
MD5 | ac8eec1dd3f9741cc0d02537b4820c5b
Red Hat Security Advisory 2020-2210-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2210-01 - KornShell is a Unix shell which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | fd8c80347cd4ed97e92d1050f4903caf
Red Hat Security Advisory 2020-1828-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1828-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2019-19126
MD5 | 0d4f1c8267ab665f6c5a036ee39a3eb4
Red Hat Security Advisory 2020-1333-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1333-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 129fab33e89337166620907e653bddf2
Red Hat Security Advisory 2020-1332-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1332-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 4326e13a6cfed935ccfe0b0a3331ba4c
Nagios XI Authenticated Remote Command Execution
Posted Mar 10, 2020
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

tags | exploit, web, arbitrary, root
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
MD5 | 27aeb9dcadc656869ca4d5c1b08a9963
Red Hat Security Advisory 2020-0568-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0568-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 35d10dc44cb1ac3d834aec47733e7e57
Red Hat Security Advisory 2020-0559-01
Posted Feb 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0559-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | d07ac3d3894450b7c9cc812217316506
Red Hat Security Advisory 2020-0515-01
Posted Feb 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0515-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | f0227d20c5796614746307fea644d248
Red Hat Security Advisory 2020-0431-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0431-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | bd6b017de7b7f5daa19514165ab71658
Red Hat Security Advisory 2019-3513-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3513-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2016-10739
MD5 | 3a0c50a3173d887d3063c7245f1a049e
Red Hat Security Advisory 2019-2118-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2118-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2016-10739
MD5 | 1bfd6b71db21ffef736dcab49b602842
Page 1 of 28
Back12345Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close