Files Date: 2020-10-21

Ubuntu Security Notice USN-4588-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4588-1 - It was discovered that FlightGear could write arbitrary files if it received a special Nasal script. A remote attacker could exploit this with a crafted file to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9956
SHA-256 | c849dce35bc30e77824edd6793dcda3546a7b9b04695fd4ce5ec5f5e155e8a5c
Ubuntu Security Notice USN-4586-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4586-1 - It was discovered that the PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service.

tags | advisory, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-11037
SHA-256 | c4d79844145543c3922e2a6f5e1895cf559ec6472507132c0c38ea683219d774
Ubuntu Security Notice USN-4587-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4587-1 - Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. Josef Gajdusek discovered that iTALC had heap-based buffer overflow vulnerabilities. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-6051, CVE-2014-6055, CVE-2018-20019, CVE-2018-20020, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20750, CVE-2019-15681
SHA-256 | 852e2ad5f87cab236b79c9a3c921691e530d13ce804213bb2268c40edc71dc2c
nfstream 6.2.0
Posted Oct 21, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Complete rework of multi CPUs scaling. Added src_mac, src_oui, dst_mac, dst_oui flow features. Added MDNS and DHCP plugins. Added configurable anonymization. Added Python3.9 support. Fixed overflow in the performance report counters. Fixed CAPWAP tunnels decoding. nDPI maintenance update.
tags | tool, python
systems | unix
SHA-256 | 892447905e68f785ecdd26555a153712c8e50b29f65da72a7bfb4bc780a8f600
BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery
Posted Oct 21, 2020
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system version 2.2.25 that allows participants of a conference with permissions to upload presentations to read arbitrary files from the file system and perform server-side requests. This leads to administrative access to the BigBlueButton instance.

tags | exploit, web, arbitrary
advisories | CVE-2020-25820
SHA-256 | 41eaaa438c053a1afcdc56d2cd1717b2db4bf402566f20e2d848123cbaf0cbf1
Ubuntu Security Notice USN-4596-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4596-1 - It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-9484
SHA-256 | 586eca4f5ac4ca20d495e510bd4240f87e2caec95b0525e93efdd8b31a455a34
Red Hat Security Advisory 2020-4295-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4295-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720
SHA-256 | 941f7c5e5b5f41c94aa5d9cb3177c72753229956c9ef97758409a2ce95e87220
Bludit 3.9.2 Bruteforce Mitigation Bypass
Posted Oct 21, 2020
Authored by Mayank Deshmukh | Site github.com

Bludit versions 3.9.2 and below bruteforce mitigation bypass exploit. Please visit the related homepage for deep dive details on usage.

tags | exploit, bypass
advisories | CVE-2019-17240
SHA-256 | 699d0927648d79172070e30dfd20c5f391423d6b8791f6bb95db49e6c2114867
Tiki Wiki CMS Groupware 21.1 Authentication Bypass
Posted Oct 21, 2020
Authored by Maximilian Barz

Tiki Wiki CMS Groupware version 21.1 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-15906
SHA-256 | fdb2d2af820d67ef635b8e0f61fc2a454ea62824eead6548a4ec9d5306effdbc
Libtaxii 1.1.117 / OpenTaxi 0.2.0 Server-Side Request Forgery
Posted Oct 21, 2020
Authored by Owais Mehtab, Vijay Kota

Libtaxii versions 1.1.117 and below and OpenTaxi versions 0.2.0 and below suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2020-27197
SHA-256 | 8674687fefdfd4e76168ac6e6b51d5b714ae9665cf070c865c3957dbd13ddf63
Red Hat Security Advisory 2020-4264-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4264-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-12652, CVE-2017-18190, CVE-2018-20843, CVE-2019-11068, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12450, CVE-2019-12749, CVE-2019-14822, CVE-2019-14866, CVE-2019-14973, CVE-2019-15903, CVE-2019-16935, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-17546, CVE-2019-18197, CVE-2019-19126, CVE-2019-19956, CVE-2019-20386, CVE-2019-20388, CVE-2019-2974, CVE-2019-5094, CVE-2019-5188, CVE-2019-5482
SHA-256 | 7805f03df9c390692d08feead451abb3bf3b927c8c3392ce18ac74af42634150
Ubuntu Security Notice USN-4595-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load YAML files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-7729
SHA-256 | 869eb629f4f11b6553cabb4ed59cae9e222d47c0f4577e1be2fd8499d58f4b47
GOautodial 4.0 Shell Upload
Posted Oct 21, 2020
Authored by Balzabu

GOautodial version 4.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 0085f0c395aedb6eeb4cdbcd8c5646045e41ace8ab6b82ba53f5ef1df3119143
Ubuntu Security Notice USN-4594-1
Posted Oct 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4594-1 - It was discovered that Quassel incorrectly handled the Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Quassel incorrectly handled certain login requests. A remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2018-1000178, CVE-2018-1000179
SHA-256 | 455fd8d476412d476d20a8af81d6f7521e1ec0f7a8917720040db77c55e04834
School Faculty Scheduling System 1.0 SQL Injection
Posted Oct 21, 2020
Authored by Jyotsna Adhana

School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 7f7430970e932d434b301925cd6542b96ae4108450f192f06b87e005ffef1397
School Faculty Scheduling System 1.0 Cross Site Scripting
Posted Oct 21, 2020
Authored by Jyotsna Adhana

School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5b0e209318f5530eaa84ee220a3be30ef6be875921a5e5021415a5b002e43403
Red Hat Security Advisory 2020-4299-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.

tags | advisory, denial of service, vulnerability, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2019-20907, CVE-2020-14422, CVE-2020-26116, CVE-2020-26137
SHA-256 | 68d399ed7e240bb3ab98c139304e5b93c1566ee5d259b9c3fa61f7327e6d6b4b
Hrsale 2.0.0 Local File Inclusion
Posted Oct 21, 2020
Authored by Sosecure

Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f2bc6f68dc2b4bd21fb631c93a8683313c5d45427901f02a6f6ede52fb900613