Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
89fcdcc0eba329ca84d270df09d2bb89ae55f5024b0c3bddb817512fb2c907d3
Ubuntu Security Notice 4269-1 - It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. Various other issues were also addressed.
801a330186d2d0b57ba060621d63e9763e16344004da69650cf8fc1454009020
Ubuntu Security Notice 4268-1 - It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.
fb1a4c6a7673d1e704ce5b14810da07fcd07eca7997ed43842b41e748c35f68a
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
276e62b019d9ddf89b56b83251e72160914945f874193e34854919443ee42e62
Red Hat Security Advisory 2020-0378-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a denial of service vulnerability.
e325a135b7467b9227486cb20387420c5511728dac11b4ac7498178c225e7891
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \\.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions 1.80 and 1.81 on Windows 7 SP1 (x64).
7f200c24f141392d23225b9330afb247d5a945ace30e10996f31e175ed2e9dc9
This Metasploit module exploits an authenticated remote code execution vulnerability in Wago PFC200.
e644a31ee3142610bca80adf663279d598540879469ec6f7a6af0fa7628a3816
Ubuntu Security Notice 4263-2 - USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Various other issues were also addressed.
2e8986e72ddfa93d5be915aa5cdadfaa3bba5b67d5c5ef98260cdf49fce35fdc
Socat version 1.7.3.4 heap-based overflow proof of concept exploit.
ea76f2c99e8e5b6adebb04f17444c94a60a9b41ec27f10b52807e410a2f26f3a
Red Hat Security Advisory 2020-0431-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.
3f802c294b8f8fddd40b350160f80dee7808cfc53835bb711f47c188bc802448
Ubuntu Security Notice 4266-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
ac062f6edb9292ca25a7e3888494aa164e19b77a3440890ac4d70afe04cf4547
Red Hat Security Advisory 2020-0375-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.
2771ec56a1f0cdfd7ba4c8445cd02a7bde8636e5735411475b0569947ef740f2
Kronos WebTA version 4.0 suffers from cross site scripting and authenticated remote privilege escalation vulnerabilities.
65fefe87417d3f24f93505f6a2d0b0861b7653921bcaeb169587b91355306bae
Verodin Director Web Console version 3.5.4.0 remote authenticated password disclosure proof of concept exploit.
64c5c3dad0e1734a2a2d694fc84ba6acdb52e85df43750c90a10d29c8e57d888
Red Hat Security Advisory 2020-0374-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.
109afefb19126c43d7ea9a360f7c9f6f419aad8d5207ac254a40d2179d15cf87
Ubuntu Security Notice 4265-2 - USN-4265-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. Various other issues were also addressed.
57693934af71cbf8f73c4502ce102a0dc12d22f24ab5a503dac709bb9ac3541b
AVideo Platform version 8.1 suffers from an information disclosure vulnerability that allows for user enumeration.
0be44102dcefa7d92f71d105ca104461782d75773b24c639b3473a1ed84e31ce
Red Hat Security Advisory 2020-0366-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.
5314db8d5b4027b9ffd78348452ce53792e5d0ad186dc12d43dd568bffb5542a
Red Hat Security Advisory 2020-0406-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include unbounded memory growth.
b75e2e7f5013af928a3171a30ff45ec52fcfef6e871c3c46ffb1d556479dffde
AVideo Platform version 8.1 suffers from a cross site request forgery vulnerability.
06fe28aee68501ef47ba17ef49650509561048eb09385f0f64c56e4af3948357
xglance-bin local root privilege escalation exploit that has been tested on Linux RHEL 7.x/8.x systems.
d27e4f2ed6ba8d5e7e900a787e939d59f6386be68ee424e030c1c37dbe438c85
This Python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with Sulley and boofuzz and is now part of the official boofuzz release.
d1cd712ddf8adaf71b93d57c4b8957aa1038bc884f3451a6f085124d3115cc0d
Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices.
5e3050fbeb1f22ebf589d261aab1741e8ff40e062b5d1b2a93dee1b7c870f8c4
HiSilicon DVR/NVR devices with hi3520d firmware have a remote backdoor account vulnerability.
fb9c5743e89b20410d85556efda5278324665de203fa6f5a86bdf0bf1d11edd2