Ubuntu Security Notice 4289-1 - Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access server resources prohibited by earlier security filters. Guido Vranken discovered that Squid incorrectly handled certain buffer operations when acting as a reverse proxy. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
This Metasploit module exploits a vulnerability that exists due to a lack of input validation when creating a user. Messages for a given user are stored in a directory partially defined by the username. By creating a user with a directory traversal payload as the username, commands can be written to a given directory. To use this module with the cron exploitation method, run the exploit using the given payload, host, and port. After running the exploit, the payload will be executed within 60 seconds. Due to differences in how cron may run in certain Linux operating systems such as Ubuntu, it may be preferable to set the target to Bash Completion as the cron method may not work. If the target is set to Bash completion, start a listener using the given payload, host, and port before running the exploit. After running the exploit, the payload will be executed when a user logs into the system. For this exploitation method, bash completion must be enabled to gain code execution. This exploitation method will leave an Apache James mail object artifact in the /etc/bash_completion.d directory and the malicious user account.
This Metasploit module abuses the Diamorphine rootkit's privilege escalation feature, which elevates an arbitrary process to UID 0 (root) when that process receives signal 64. This module has been tested successfully with Diamorphine from the master branch (2019-10-04) on Linux Mint 19 with kernel 4.15.0-20-generic (x64).
Red Hat Security Advisory 2020-0556-01 - This release of Open Liberty 20.0.0.2 serves as a replacement for Open Liberty 20.0.0.1 and includes security fixes, bug fixes, and enhancements. Issues addressed include a denial of service vulnerability.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
Ubuntu Security Notice 4288-1 - It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
OpenEXR suffers from multiple memory safety issues including out-of-bounds access.
Mitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
Red Hat Security Advisory 2020-0559-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.
XNU suffers from a remote mbuf double-free vulnerability in ip6_notify_pmtu.
Red Hat Security Advisory 2020-0451-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A TLS/SSL Birthday attack vulnerability from 2016 was addressed.
Red Hat Security Advisory 2020-0555-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM hypervisor in environments managed by Red Hat products.
223-byte dynamic, null-free popcalc shellcode.
This whitepaper is called Penetration Testing Labs. Written in Turkish.
Core FTP Lite version 1.3 suffers from a denial of service vulnerability.
Ubuntu Security Notice 4279-2 - USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Various other issues were also addressed.
Easy2Pilot version 7 suffers from a cross site request forgery vulnerability.
Red Hat Security Advisory 2020-0553-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. Issues addressed include a cross site scripting vulnerability.
Whitepaper called Understanding MQTT and CoAP Protocols.
Whitepaper called Android Pentest Tutorial Step By Step. Written in Persian.