Files ≈ Packet StormPacket Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
https://packetstormsecurity.com/
en-usWed, 27 Nov 2024 23:54:58 GMTPacket Storm144400
https://packetstormsecurity.com/
https://ssl.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1916873504&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.com&utmr=-&utmp=%2Ffiles%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1916873504.1732751698.1732751698.1732751698.1%3B%2B__utmz%3D32867617.1732751698.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download
https://packetstormsecurity.com/files/182871/ZSL-2024-5863.txt
https://packetstormsecurity.com/files/182871/ZSL-2024-5863.txthttps://packetstormsecurity.com/files/182871/ABB-Cylon-Aspect-3.08.01-vstatConfigurationDownload.php-Configuration-Download.htmlWed, 27 Nov 2024 15:05:58 GMTABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the CSV DB that contains the configuration mappings information via the VMobileImportExportServlet by directly calling the vstatConfigurationDownload.php script.Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control
https://packetstormsecurity.com/files/182870/ZSL-2024-5862.txt
https://packetstormsecurity.com/files/182870/ZSL-2024-5862.txthttps://packetstormsecurity.com/files/182870/Akuvox-Smart-Intercom-Doorphone-ServicesHTTPAPI-Improper-Access-Control.htmlWed, 27 Nov 2024 15:04:45 GMTThe Akuvox Smart Intercom/Doorphone suffers from an insecure service API access control. The vulnerability in ServicesHTTPAPI endpoint allows users with "User" privileges to modify API access settings and configurations. This improper access control permits privilege escalation, enabling unauthorized access to administrative functionalities. Exploitation of this issue could compromise system integrity and lead to unauthorized system modifications.Debian Security Advisory 5819-1
https://packetstormsecurity.com/files/182869/dsa-5819-1.txt
https://packetstormsecurity.com/files/182869/dsa-5819-1.txthttps://packetstormsecurity.com/files/182869/Debian-Security-Advisory-5819-1.htmlWed, 27 Nov 2024 15:04:05 GMTDebian Linux Security Advisory 5819-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service, CLRF injection or information disclosure.Ubuntu Security Notice USN-7126-1
https://packetstormsecurity.com/files/182868/USN-7126-1.txt
https://packetstormsecurity.com/files/182868/USN-7126-1.txthttps://packetstormsecurity.com/files/182868/Ubuntu-Security-Notice-USN-7126-1.htmlWed, 27 Nov 2024 15:02:23 GMTUbuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service.Ubuntu Security Notice USN-7127-1
https://packetstormsecurity.com/files/182867/USN-7127-1.txt
https://packetstormsecurity.com/files/182867/USN-7127-1.txthttps://packetstormsecurity.com/files/182867/Ubuntu-Security-Notice-USN-7127-1.htmlWed, 27 Nov 2024 15:02:12 GMTUbuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.Ubuntu Security Notice USN-7130-1
https://packetstormsecurity.com/files/182866/USN-7130-1.txt
https://packetstormsecurity.com/files/182866/USN-7130-1.txthttps://packetstormsecurity.com/files/182866/Ubuntu-Security-Notice-USN-7130-1.htmlWed, 27 Nov 2024 15:01:55 GMTUbuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.Ubuntu Security Notice USN-7125-1
https://packetstormsecurity.com/files/182865/USN-7125-1.txt
https://packetstormsecurity.com/files/182865/USN-7125-1.txthttps://packetstormsecurity.com/files/182865/Ubuntu-Security-Notice-USN-7125-1.htmlWed, 27 Nov 2024 15:01:09 GMTUbuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.Ubuntu Security Notice USN-6988-2
https://packetstormsecurity.com/files/182864/USN-6988-2.txt
https://packetstormsecurity.com/files/182864/USN-6988-2.txthttps://packetstormsecurity.com/files/182864/Ubuntu-Security-Notice-USN-6988-2.htmlWed, 27 Nov 2024 15:00:33 GMTUbuntu Security Notice 6988-2 - USN-6988-1 fixedCVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS.Ubuntu Security Notice USN-7129-1
https://packetstormsecurity.com/files/182863/USN-7129-1.txt
https://packetstormsecurity.com/files/182863/USN-7129-1.txthttps://packetstormsecurity.com/files/182863/Ubuntu-Security-Notice-USN-7129-1.htmlWed, 27 Nov 2024 15:00:19 GMTUbuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.Ubuntu Security Notice USN-7128-1
https://packetstormsecurity.com/files/182862/USN-7128-1.txt
https://packetstormsecurity.com/files/182862/USN-7128-1.txthttps://packetstormsecurity.com/files/182862/Ubuntu-Security-Notice-USN-7128-1.htmlWed, 27 Nov 2024 15:00:05 GMTUbuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.Ubuntu Security Notice USN-7117-2
https://packetstormsecurity.com/files/182861/USN-7117-2.txt
https://packetstormsecurity.com/files/182861/USN-7117-2.txthttps://packetstormsecurity.com/files/182861/Ubuntu-Security-Notice-USN-7117-2.htmlWed, 27 Nov 2024 14:59:51 GMTUbuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.Red Hat Security Advisory 2024-9885-03
https://packetstormsecurity.com/files/182860/RHSA-2024-9885-03.txt
https://packetstormsecurity.com/files/182860/RHSA-2024-9885-03.txthttps://packetstormsecurity.com/files/182860/Red-Hat-Security-Advisory-2024-9885-03.htmlWed, 27 Nov 2024 14:59:39 GMTRed Hat Security Advisory 2024-9885-03 - Red Hat Trusted Profile Analyzer 1.2.0 release Red Hat Product Security has rated this update as having a security impact of Moderate. Red Hat Security Advisory 2024-10492-03
https://packetstormsecurity.com/files/182859/RHSA-2024-10492-03.txt
https://packetstormsecurity.com/files/182859/RHSA-2024-10492-03.txthttps://packetstormsecurity.com/files/182859/Red-Hat-Security-Advisory-2024-10492-03.htmlWed, 27 Nov 2024 14:59:32 GMTRed Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.Red Hat Security Advisory 2024-10483-03
https://packetstormsecurity.com/files/182858/RHSA-2024-10483-03.txt
https://packetstormsecurity.com/files/182858/RHSA-2024-10483-03.txthttps://packetstormsecurity.com/files/182858/Red-Hat-Security-Advisory-2024-10483-03.htmlWed, 27 Nov 2024 14:59:24 GMTRed Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a bypass vulnerability.Red Hat Security Advisory 2024-10472-03
https://packetstormsecurity.com/files/182857/RHSA-2024-10472-03.txt
https://packetstormsecurity.com/files/182857/RHSA-2024-10472-03.txthttps://packetstormsecurity.com/files/182857/Red-Hat-Security-Advisory-2024-10472-03.htmlWed, 27 Nov 2024 14:59:17 GMTRed Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.Red Hat Security Advisory 2024-10389-03
https://packetstormsecurity.com/files/182856/RHSA-2024-10389-03.txt
https://packetstormsecurity.com/files/182856/RHSA-2024-10389-03.txthttps://packetstormsecurity.com/files/182856/Red-Hat-Security-Advisory-2024-10389-03.htmlWed, 27 Nov 2024 14:59:10 GMTRed Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.Red Hat Security Advisory 2024-10386-03
https://packetstormsecurity.com/files/182855/RHSA-2024-10386-03.txt
https://packetstormsecurity.com/files/182855/RHSA-2024-10386-03.txthttps://packetstormsecurity.com/files/182855/Red-Hat-Security-Advisory-2024-10386-03.htmlWed, 27 Nov 2024 14:59:00 GMTRed Hat Security Advisory 2024-10386-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Red Hat Security Advisory 2024-10385-03
https://packetstormsecurity.com/files/182854/RHSA-2024-10385-03.txt
https://packetstormsecurity.com/files/182854/RHSA-2024-10385-03.txthttps://packetstormsecurity.com/files/182854/Red-Hat-Security-Advisory-2024-10385-03.htmlWed, 27 Nov 2024 14:58:53 GMTRed Hat Security Advisory 2024-10385-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Red Hat Security Advisory 2024-10384-03
https://packetstormsecurity.com/files/182853/RHSA-2024-10384-03.txt
https://packetstormsecurity.com/files/182853/RHSA-2024-10384-03.txthttps://packetstormsecurity.com/files/182853/Red-Hat-Security-Advisory-2024-10384-03.htmlWed, 27 Nov 2024 14:58:48 GMTRed Hat Security Advisory 2024-10384-03 - An update for tuned is now available for Red Hat Enterprise Linux 9. Red Hat Security Advisory 2024-10381-03
https://packetstormsecurity.com/files/182852/RHSA-2024-10381-03.txt
https://packetstormsecurity.com/files/182852/RHSA-2024-10381-03.txthttps://packetstormsecurity.com/files/182852/Red-Hat-Security-Advisory-2024-10381-03.htmlWed, 27 Nov 2024 14:58:41 GMTRed Hat Security Advisory 2024-10381-03 - An update for tuned is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Security Advisory 2024-10379-03
https://packetstormsecurity.com/files/182851/RHSA-2024-10379-03.txt
https://packetstormsecurity.com/files/182851/RHSA-2024-10379-03.txthttps://packetstormsecurity.com/files/182851/Red-Hat-Security-Advisory-2024-10379-03.htmlWed, 27 Nov 2024 14:58:35 GMTRed Hat Security Advisory 2024-10379-03 - An update for pam is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.Red Hat Security Advisory 2024-10289-03
https://packetstormsecurity.com/files/182850/RHSA-2024-10289-03.txt
https://packetstormsecurity.com/files/182850/RHSA-2024-10289-03.txthttps://packetstormsecurity.com/files/182850/Red-Hat-Security-Advisory-2024-10289-03.htmlWed, 27 Nov 2024 14:58:28 GMTRed Hat Security Advisory 2024-10289-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.Red Hat Security Advisory 2024-10282-03
https://packetstormsecurity.com/files/182849/RHSA-2024-10282-03.txt
https://packetstormsecurity.com/files/182849/RHSA-2024-10282-03.txthttps://packetstormsecurity.com/files/182849/Red-Hat-Security-Advisory-2024-10282-03.htmlWed, 27 Nov 2024 14:58:21 GMTRed Hat Security Advisory 2024-10282-03 - An update for the kernel-rt:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.Red Hat Security Advisory 2024-10281-03
https://packetstormsecurity.com/files/182848/RHSA-2024-10281-03.txt
https://packetstormsecurity.com/files/182848/RHSA-2024-10281-03.txthttps://packetstormsecurity.com/files/182848/Red-Hat-Security-Advisory-2024-10281-03.htmlWed, 27 Nov 2024 14:58:15 GMTRed Hat Security Advisory 2024-10281-03 - An update for the kernel:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.Red Hat Security Advisory 2024-10275-03
https://packetstormsecurity.com/files/182847/RHSA-2024-10275-03.txt
https://packetstormsecurity.com/files/182847/RHSA-2024-10275-03.txthttps://packetstormsecurity.com/files/182847/Red-Hat-Security-Advisory-2024-10275-03.htmlWed, 27 Nov 2024 14:58:08 GMTRed Hat Security Advisory 2024-10275-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.