what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2022-08-10

Webmin Package Updates Command Injection
Posted Aug 10, 2022
Authored by Christophe de la Fuente, Emir Polat | Site metasploit.com

This Metasploit module exploits an arbitrary command injection in Webmin versions prior to 1.997. Webmin uses the OS package manager (apt, yum, etc.) to perform package updates and installation. Due to a lack of input sanitization, it is possible to inject an arbitrary command that will be concatenated to the package manager call. This exploit requires authentication and the account must have access to the Software Package Updates module.

tags | exploit, arbitrary
advisories | CVE-2022-36446
SHA-256 | 40335e81c5e1920c59b3fa7d7b9555cf342eefb7151f937070f230f69f2b8ee3
Zimbra zmslapd Privilege Escalation
Posted Aug 10, 2022
Authored by Ron Bowes, Darren Martyn | Site metasploit.com

This Metasploit module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo configuration that permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.

tags | exploit, arbitrary, root
advisories | CVE-2022-37393
SHA-256 | 1f2fa01d64e190544e661f442158ebf1f08cb719c08299334a3fc484cc386cd2
AirSpot 5410 0.3.4.1-4 Remote Command Injection
Posted Aug 10, 2022
Authored by Samy Younsi

AirSpot 5410 versions 0.3.4.1-4 and below suffer from an unauthenticated remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2022-36267
SHA-256 | 0453a46f41ec4c59c37a44bb644827c11fe0d7e8677419a16aefa00836c95383
Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass
Posted Aug 10, 2022
Authored by Aryan Chehreghani

Sophos XG115w Firewall version 17.0.10 MR-10 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2022-1040
SHA-256 | caaaf298385288773c3e71845cbf340e5bbbc9ab2655ac84f91e638760b5551a
Ubuntu Security Notice USN-5562-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-28893, CVE-2022-34918
SHA-256 | c885f38b774059929fa7229f706f1468b065d9a0e066149d46b5f404b4fda36c
Ubuntu Security Notice USN-5559-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5559-1 - It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. It was discovered that Moment.js incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-24785, CVE-2022-31129
SHA-256 | fe596b86b638bc47b0fe957f167ddfe79c05169fb8234a0b5b8b4d39d00df4e2
Ubuntu Security Notice USN-5561-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5561-1 - It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting attacks. This issue only affected Ubuntu 20.04 LTS. It was discovered that GNOME Web incorrectly handled certain long page titles. A remote attacker could use this issue to cause GNOME Web to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2021-45085, CVE-2021-45086, CVE-2021-45087, CVE-2022-29536
SHA-256 | 9973ace527cbf32f5526f709c8f797db2c055203bb74e2e7b0d7f3b387c1dd77
Red Hat Security Advisory 2022-5069-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2018-25032, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827
SHA-256 | c2604c1404ab92e0e038e4eeaeed4c184a896885e1b0fbbc3ef5ae6df328db80
Ubuntu Security Notice USN-5560-2
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5560-2 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1195, CVE-2022-1652, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-33981, CVE-2022-34918
SHA-256 | 9074f1f7178d2158077da7331b9b96dca3ab1875c317daaedb241651b9c2b8e3
Ubuntu Security Notice USN-5560-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0494, CVE-2022-1048, CVE-2022-1195, CVE-2022-1652, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-2586, CVE-2022-2588, CVE-2022-33981, CVE-2022-34918
SHA-256 | a156f85855d3dfab07d60c5d05ef3c9ea3d5a70c935227a3feb4443ce0a5e57a
Red Hat Security Advisory 2022-6038-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6038-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-34716
SHA-256 | 13d3ef77bac94846f6eddc57a82517b000d17a3b9df85470a20d94c6ac7a2ce7
Red Hat Security Advisory 2022-5068-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5068-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1706, CVE-2022-21698, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-24921, CVE-2022-27191, CVE-2022-28327, CVE-2022-29162
SHA-256 | 30e00d08c07434f6fc92069d48ab3c33166cfe75f5097f3b4aae5ca92fe1476e
Red Hat Security Advisory 2022-6037-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6037-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.422 and .NET Runtime 3.1.28.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-34716
SHA-256 | eb359556b2f782d9ef41c42f17b0ac04f90433a610b45f780b90911bb1e31f1d
Red Hat Security Advisory 2022-5070-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-18874, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-13435, CVE-2020-14155, CVE-2020-24370, CVE-2020-28493
SHA-256 | e7b215852adbc1951046d56f7036f6b75803672b4422c7ce6cb43592abad6003
Ubuntu Security Notice USN-5558-1
Posted Aug 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5558-1 - Zhao Liang discovered that libcdio was not properly performing memory management operations when processing ISO files, which could result in a heap buffer overflow or in a NULL pointer dereference. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2017-18198
SHA-256 | 1d6a495bf2cef207e4a430fe621479724aa8eac3fc97c8aee7146d1c085ad4b5
Gentoo Linux Security Advisory 202208-11
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-11 - A vulnerability has been discovered in pam-u2f which could allow a local attacker to bypass PIN entry. Versions less than 1.1.1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2021-31924
SHA-256 | b822ab1fb862c7ae71bd1170a063818eb2b4229a42de540cf20332ae8ba1d2e6
Gentoo Linux Security Advisory 202208-06
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-6 - Multiple vulnerabilities have been discovered in lxml, the worst of which could result in denial of service. Versions less than 4.9.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-28957, CVE-2021-43818, CVE-2022-2309
SHA-256 | 6d9496250c6b1be096da8fdfc2ddf483123bdd7eda3323ea9efa66b39b901e0a
Gentoo Linux Security Advisory 202208-12
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-12 - Multiple vulnerabilities have been discovered in mdbtools. Versions less than 0.9.3 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2021-45926, CVE-2021-45927
SHA-256 | e08a3105438b7ee38c717a5f7298359df5f8a1293413dcdafdd36e5d46cf6a45
Gentoo Linux Security Advisory 202208-14
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 91.12.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-29967, CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-29980, CVE-2021-29984, CVE-2021-29985, CVE-2021-29986, CVE-2021-29988, CVE-2021-29989, CVE-2021-30547, CVE-2021-38492, CVE-2021-38493, CVE-2021-38495
SHA-256 | f184d188e33d6d6de8f9f81306f8ff465c4a27f70f5f59cd68ea9a662b3e9fbb
Gentoo Linux Security Advisory 202208-10
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-10 - Multiple vulnerabilities have been found in Spice Server, the worst of which may result in the remote execution of arbitrary code. Versions less than 0.15.0 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-14355, CVE-2021-20201
SHA-256 | 8fe4c7d61314a86aefd52fe0d33ab444d5c54474fddc49b1423bcd52ebb852ad
Gentoo Linux Security Advisory 202208-07
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-7 - A buffer overread in LibRaw might allow an attacker to cause denial of service. Versions less than 0.20.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-24870
SHA-256 | 9414a94e678145470481e7cc868d7e162d239d1b42e3791f8cf15db44e64c3b2
Gentoo Linux Security Advisory 202208-08
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-8 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 91.12.0:esr are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2022-0843, CVE-2022-1196, CVE-2022-1529, CVE-2022-1802, CVE-2022-1919, CVE-2022-2200, CVE-2022-24713, CVE-2022-2505, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385, CVE-2022-26386
SHA-256 | fc4c6986e8aede7a5e8bb420e78fe9cd1f9dfa569ec3d07e1e623b50bbd053b8
Gentoo Linux Security Advisory 202208-13
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-13 - A vulnerability in libass could result in denial of service. Versions less than 0.15.1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-36430
SHA-256 | 1388af97b30cdbb2b63a31b0850f5ea0e3695f0a9efdf5d86a0736c6e799ea54
Gentoo Linux Security Advisory 202208-09
Posted Aug 10, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-9 - Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service. Versions less than 1.9.17 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-25201, CVE-2020-25864, CVE-2020-28053, CVE-2021-28156, CVE-2021-32574, CVE-2021-36213, CVE-2021-38698, CVE-2022-24687, CVE-2022-29153
SHA-256 | bd7d7988fa234190975e9fd8fcaaf69efde7aa9b404976582474894dfe9fee0e
Red Hat Security Advisory 2022-5997-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5997-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Perf Tools is a collection of performance analysis tools, including a high-performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-0670
SHA-256 | c49df8477f0fd11893bf5b70ef0b2fe8b05249efa55854768c41ecb341eb3571
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close