Packetstorm Security

Red Hat Security Advisory 2021-0247-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

Red Hat Security Advisory 2021-0246-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

Ubuntu Security Notice 4703-1 - It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2021-0248-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

Red Hat Security Advisory 2021-0250-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

Red Hat Security Advisory 2021-0245-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.

Red Hat Security Advisory 2021-0240-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.

Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint.

This Metasploit module takes advantages of Archive_Tar versions prior to 1.4.11 which fail to validate file stream wrappers contained within filenames to write an arbitrary file containing user controlled content to an arbitrary file on disk. Note that the file will be written to disk with the permissions of the user that PHP is running as, so it may not be possible to overwrite some files if the PHP user is not appropriately privileged.

Ubuntu Security Notice 4702-1 - It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information.

Gentoo Linux Security Advisory 202101-21 - A vulnerability was discovered in Flatpak which could allow a remote attacker to execute arbitrary code. Versions less than 1.10.0 are affected.

Backdoor.Win32.Wollf.16 malware creates and runs a service named contime.exe with SYSTEM integrity and listens on port 5240. The malware uses a weak hardcoded password of 12345678 which can easily be viewed in the binary using strings utility.

Gentoo Linux Security Advisory 202101-20 - Multiple vulnerabilities have been found in glibc, the worst of which could result in the arbitrary execution of code. Versions less than 2.32-r5 are affected.

Trojan.Win32.Xocry.ff malware suffers from an insecure permissions vulnerability.

Library System version 1.0 suffers from a remote SQL injection vulnerability.

Gentoo Linux Security Advisory 202101-19 - Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Versions less than 8.272_p10 are affected.

Backdoor.Win32.Jokerdoor malware suffers from an insecure permissions vulnerability.