what you don't know can hurt you
Showing 26 - 50 of 13,594 RSS Feed

Local Files

Ubuntu Security Notice USN-4556-1
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4556-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2005-1513, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
MD5 | acc8c2f4c28a224574408a5870713fdf
Ubuntu Security Notice USN-4552-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-1 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
MD5 | 9b50a0e88882a3a241628e82fb4462d0
MSI Ambient Link Driver 1.0.0.8 Privilege Escalation
Posted Sep 28, 2020
Authored by Matteo Malvica

MSI Ambient Link Driver version 1.0.0.8 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2020-17382
MD5 | 8fea93f7ad33762f0a50b57fbff7e5a4
Ubuntu Security Notice USN-3968-3
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3968-3 - USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7032
MD5 | 6044cf85ada96b50d32b99b140fb790d
Sifter 10_r2
Posted Sep 28, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Revision 2 of version 10. Includes separated categories and various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 6bee73d58cd39101159e5cda8f2f4469
Ubuntu Security Notice USN-4538-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4538-1 - Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-16121, CVE-2020-16122
MD5 | 9ab387948f7d20a426a21b86db0d000e
Ubuntu Security Notice USN-4537-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4537-1 - Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-15703
MD5 | 79d913f2fe0fa46f1fd8a7e378f21f45
Ubuntu Security Notice USN-4533-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4533-1 - Veeti Veteläinen discovered that the LTSP Display Manager incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges.

tags | advisory, shell, local, root
systems | linux, ubuntu
advisories | CVE-2019-20373
MD5 | f737de063aa0c72d9f092dd14307d74a
GoogleCloudPlatform OSConfig Privilege Escalation
Posted Sep 22, 2020
Authored by Imre Rad | Site github.com

Google's osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win a race condition and take over the files managed by the high privileged agent process and thus execute arbitrary commands as the root user (full capabilities). Exploitation was possible only during an osconfig recipe being deployed.

tags | exploit, arbitrary, local, root
MD5 | 819b19459bc7ce2b7e573c7913774ecd
Ubuntu Security Notice USN-4530-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4530-1 - Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation.

tags | advisory, local, root
systems | linux, debian, ubuntu
advisories | CVE-2019-3467
MD5 | 1ed5ed1abd998bda2cba606ced76cd87
Ubuntu Security Notice USN-4526-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4526-1 - It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-18808, CVE-2019-19054, CVE-2019-19061, CVE-2019-19067, CVE-2019-19073, CVE-2019-9445, CVE-2020-12888, CVE-2020-14356, CVE-2020-16166
MD5 | 0555d89a453511c4928b0f3f4d89925f
Ubuntu Security Notice USN-4527-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4527-1 - It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19054, CVE-2019-20811, CVE-2019-9445, CVE-2019-9453, CVE-2020-0067, CVE-2020-25212
MD5 | b8cfb269928149f8575ac32ec308fbc1
Ubuntu Security Notice USN-4525-1
Posted Sep 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4525-1 - It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-18808, CVE-2019-19054, CVE-2020-12888, CVE-2020-16166, CVE-2020-25212
MD5 | a17d985165108ab74ad154daf6c8f23f
Ubuntu Security Notice USN-4518-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4518-1 - Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-13696
MD5 | a56bcdc9f4abb93b414422cbad061641
Ubuntu Security Notice USN-4512-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4512-1 - It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash completion.

tags | advisory, arbitrary, local, bash
systems | linux, ubuntu
advisories | CVE-2018-7738
MD5 | fd698bcee448baf8032ab156756cd4d9
Ubuntu Security Notice USN-4508-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4508-1 - It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-7040
MD5 | 3a173c8e1adaa02f65abf5fc9ae3a802
TOR Virtual Network Tunneling Tool 0.4.4.5
Posted Sep 15, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.4.4.5 is the first stable release in the 0.4.4.x series. This series improves their guard selection algorithms, adds v3 onion balance support, improves the amount of code that can be disabled when running without relay support, and includes numerous small bugfixes and enhancements. It also lays the ground for some IPv6 features that they will be developing more in the next (0.4.5) series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | b061b7c4ce6102fb7c800b73c8573388
Gentoo Linux Security Advisory 202009-08
Posted Sep 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202009-8 - An information disclosure vulnerability in GNOME Shell might allow local attackers to obtain sensitive information. Versions less than 3.34.5-r1 are affected.

tags | advisory, shell, local, info disclosure
systems | linux, gentoo
advisories | CVE-2020-17489
MD5 | 309e5318135523eb52d41ec01f1dface
Kernel Live Patch Security Notice LSN-0071-1
Posted Sep 10, 2020
Authored by Benjamin M. Romer

A security issue was fixed in the 4.15 kernel. This issue affects the 5.4 kernel as well, but a livepatch is not yet available. While work is continuing to develop livepatches for all affected kernels, due to the severity of the issue, they are releasing patches as they become ready. Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2020-14386
MD5 | 4437085dab38579a25ce71c982fffd06
Audio Playback Recorder 3.2.2 Local Buffer Overflow
Posted Sep 9, 2020
Authored by Felipe Winsnes

Audio Playback Recorder version 3.2.2 SEH local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 6c86c3788101f270007fed2e137f6d33
Ubuntu Security Notice USN-4488-2
Posted Sep 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4488-2 - USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
MD5 | 2c21e36caf7b07e3cf7bab5cb7a9f1d9
Ubuntu Security Notice USN-4487-2
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4487-2 - USN-4487-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14344, CVE-2020-14363
MD5 | 7b5ef11330385584e46af64155d4486c
Ubuntu Security Notice USN-4490-1
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4490-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-14345
MD5 | 19cdf17747d7e092e4f8abf0216678ca
Ubuntu Security Notice USN-4489-1
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4489-1 - Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-14386
MD5 | 9038e89795f6761246dfe52d3c1c5711
Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation
Posted Sep 7, 2020
Authored by Angelo D'Amato | Site zeroscience.mk

Rapid7 Nexpose Installer version 6.6.39 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 74cc0768de07f3d4c7a3cadc787554ce
Page 2 of 544
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close