exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2020-03-04

Red Hat Security Advisory 2020-0708-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0708-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
SHA-256 | a170d015c32f37432d9de939a73499f02f7638a9789e5e1796da178dc64bd3a1
Red Hat Security Advisory 2020-0707-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0707-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
SHA-256 | 356b5cddfb52ed1d8d5aa0bcc6cf2953a6fe74e992643df32307133cffd2e459
Red Hat Security Advisory 2020-0704-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0704-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1311
SHA-256 | ccc228370dd78d1ad6b26462371df035b84cc84b9b1c7c2f888333847669e478
Ubuntu Security Notice USN-4296-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4296-1 - Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-9402
SHA-256 | 12e491ba936568b3738eb6221c37dce480c1eb23e583156777694e1e2279cf6a
Exchange Control Panel Viewstate Deserialization
Posted Mar 4, 2020
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\SYSTEM using .NET deserialization.

tags | exploit, web
advisories | CVE-2020-0688
SHA-256 | 9ba178072e43dcc78183e17a6aebcaa356ad487774d5b60829b0623367acc1fb
Red Hat Security Advisory 2020-0703-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0703-01 - The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. HTTP request smuggling was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-15605
SHA-256 | 8ea83379a922dc0dcbacd24df3271f11e1b50698d6e2c37e5b91f8c7c0aff4f9
Red Hat Security Advisory 2020-0702-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0702-01 - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1311
SHA-256 | 306a1b1da1150eaae8df68a1866547196a2e7421d357e341f63e146f72c33c7f
Red Hat Security Advisory 2020-0617-01
Posted Mar 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0617-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An issue where /etc/passwd was given incorrect privileges has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19345, CVE-2019-19346, CVE-2019-19348, CVE-2020-1707, CVE-2020-1708
SHA-256 | 6a548a878b9738f64e407ec0791fd34f97a41c4572ebfe95d5f14c496374a7c4
Ubuntu Security Notice USN-4295-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4295-1 - It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8130
SHA-256 | 35f68dcb9045dbb6b672d8b8f70f5c7705acd4d89b31da78d0df8b65e509dc07
XOO Digital 2.1.0 SQL Injection
Posted Mar 4, 2020
Authored by indoushka

XOO Digital version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0a7174ad2e0c9c3974632dc8e9aa4e315bebfa839ead4438034dc855239fa2d5
UniSharp Laravel File Manager 2.0.0 Arbitrary File Read
Posted Mar 4, 2020
Authored by NgoAnhDuc

UniSharp Laravel File Manager version 2.0.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
SHA-256 | 1d7405c593ee49d55e59bcf504bf4d3f7496515bc48aef6a5e832b0c6175f1cd
Running Encrypted ELF Binaries In Memory
Posted Mar 4, 2020
Authored by Marco Ortisi, redtimmysec

Whitepaper called Blue Team vs. Red Team: How to run your encrypted binaries in memory and go undetected. This paper discusses the golden frieza project.

tags | paper
SHA-256 | 326178d7c2a2126ac27509f46a4346cfb02ff83ca3fc2a5d381a2e1d830ce3ec
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close