This whitepaper discusses BRAKTOOTH, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.
83e56767b319b5f79741b2ed5ec789faThis Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.
92b73b5927fb8541093395f2793bd346Backdoor.Win32.MoonPie.40 malware suffers from bypass and code execution vulnerabilities.
7286027878b606377863d3d65933a272WPanel version 4.3.1 authenticated remote code execution exploit.
98f907af7b13f3c7d59def1f5f35ac5dLinux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10.37 are vulnerable to a bug in the eBPF verifier's verification of ALU32 operations in the scalar32_min_max_and function when performing AND operations, whereby under certain conditions the bounds of a 32 bit register would not be properly updated. This can be abused by attackers to conduct an out of bounds read and write in the Linux kernel and therefore achieve arbitrary code execution as the root user. The target system must be compiled with eBPF support and not have kernel.unprivileged_bpf_disabled set, which prevents unprivileged users from loading eBPF programs into the kernel. Note that if kernel.unprivileged_bpf_disabled is enabled this module can still be utilized to bypass protections such as SELinux, however the user must already be logged as a privileged user such as root.
6ead3e5e5296fe145b5eb92da7ae8088Confluence Server version 7.12.4 unauthenticated OGNL injection remote code execution exploit.
0340434a86c779c9694e3699eb42446fTraffic Offense Management System version 1.0 remote code execution exploit that leverages a remote SQL vulnerability.
b273c6fcac7e557727fa0ed573991ad0Red Hat Security Advisory 2021-3365-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include a code execution vulnerability.
50dcd1431c236a477839e4b01f0ace72Ubuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.
020feed894a3c2eeaf34898ceb9a2a21BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability.
12410f10bd52d3cf3699a47fcca71d3bBackdoor.Win32.Hupigon.aejq malware suffers from bypass and code execution vulnerabilities.
5dad3a4f5ae4950a7afef65689f3849eGit clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.
b389779a9c5da6a81739bfdce3bfb340Red Hat Security Advisory 2021-3336-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include code execution and memory leak vulnerabilities.
2123481367856498a2969f1d72ed5139Backdoor.Win32.Delf.wr malware suffers from bypass and code execution vulnerabilities.
2bf0712acd2e8a34bf4e09296b35e733Red Hat Security Advisory 2021-3295-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.
2a22c006ed367354015bef163b7b222aRed Hat Security Advisory 2021-3298-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.
7237d8e2c83d6dec42eb5e0b986e0584Backdoor.Win32.Delf.um malware suffers from bypass and code execution vulnerabilities.
301c46cd59e9b97621f8c1ce759887dfBackdoor.Win32.Antilam.11 malware suffers from a code execution vulnerability.
79dfd5329300e92b79d0e8815a7d5227Strapi CMS version 3.0.0-beta.17.4 authenticated remote code execution exploit.
24052d1b097427f8b6282a7680d8abbcRed Hat Security Advisory 2021-3297-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.
b2ad76e09d5eceb25aec631cac795e32Red Hat Security Advisory 2021-3254-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, cross site scripting, denial of service, information leakage, integer overflow, and traversal vulnerabilities.
70a4248bf0bf2e0433ba6e3b6f69dd2bStrapi version 3.0.0-beta.17.7 authenticated remote code execution exploit.
14652910b1bea391615b3abe532186d4Red Hat Security Advisory 2021-3235-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, bypass, code execution, out of bounds write, and privilege escalation vulnerabilities.
a0f931b8ffa1b934372d05413683bd39Red Hat Security Advisory 2021-3252-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, denial of service, and traversal vulnerabilities.
64d7bbcc756663f32879557072f66329Red Hat Security Advisory 2021-3253-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.
050993a2f945877792bcd85bb9e1eeee
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed