Sysdig Falco is an open source behavioral activity monitoring agent with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between Snort, OSSEC and strace.
b1c9884855d58be94a97b2e348bcdc7db995800f0405b0f4e9a7176ee2f094a7
This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.
4fc454b9a7db2a27a465a12d5f364a39e3ac7dba6dcd7fc3801635b21c08d5b6
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe
Red Hat Security Advisory 2020-0892-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting the PRIVILEGED option was addressed.
d0032e950eb465a7201ef0e9492897f02d9331ada9af4126d44dd1c18bd05c4c
Ubuntu Security Notice 4171-5 - USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.
75bef91aa3e4884192cffeb9817cb1afc24784b2d7d29e5bed569257728aa0f2
Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.
cb90c6cd9a262933377b552a4fe0e120111a99614cf0f6c9da1cefaa8d581cbd
A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have been changed, the attacker can then overwrite its content, and ultimately gain elevated privileges on the vulnerable machine. This vulnerability was successfully verified on ZoneAlarm Free Firewall version 15.8.023.18219 and TrueVector Internet Monitor version 15.8.7.18219.
02f488ac378d0162d935ec047a7f4397a62ed4cbe4aebb0d1d4566f204e6add5
Razer Synapse Service version 1.0.0 suffers from a DLL injection vulnerability that can escalate privileges to SYSTEM.
495359aea72909f15906270788c6b74cd49fa920f716256f202875b418a86cf3
Red Hat Security Advisory 2020-0870-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Issues addressed include a denial of service vulnerability.
016d1b79215ffe41441199e4e3ffee6992e3b9c6b1b41aa69d4af900072dc7f5
Ubuntu Security Notice 4306-1 - It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs.
a2f47a230f911f76555a82ef0156744fc0e7d0d73052c80d4f504e0a8010ebd4
Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability.
025f73454d1ef7631173c3393c24e1203dc75a77cab3ab1a9da0f5201963a303
232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode.
a59207d673c6ae2ce3319ba16803d2d5ba9f5bd698e3c783ec0895dedd0d7478
Red Hat Security Advisory 2020-0834-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.
758a425822c3749b7f1c327d3b1465dd171e616d8dec19e7e019946e186c08ee
Red Hat Security Advisory 2020-0853-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. An issue with insecure dropping of privileges when unsetting the PRIVILEGED option was addressed.
4335e4dad0c3d3395d391de372ba2fb83499e28428e3de98b138545d103d7fda
A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Various 10.x and 11.x versions are affected.
8ed4482dd535aafff278cebf5b26efbd2b1fdaa02044539836e9e1b487553621
Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability.
d5a5d5763c494f264bad3c58327b4e873bfe30a582df25931163b631bce663ba
Red Hat Security Advisory 2020-0850-01 - An update for python-pip is now available for Red Hat Enterprise Linux 7. CRLF injection and credential exposure issues were addressed.
c1674723bf5c16e5a05432dc3f9d31be0db0dce59a812facdd8e98956fcd15bf
MikroTik SSH Daemon version 6.44.3 denial of service proof of concept exploit.
ef78bf04172f75d2db6c62245121b1b179e68f6949f2f6cc0e9d92cb8765d047
Red Hat Security Advisory 2020-0839-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.
86bf34ad4e6ff350aaa75831b2d6bf93552d185d2baf99a97059c30ad2a3aa0b
Netlink GPON Router version 1.0.11 suffers from a remote code execution vulnerability.
a2cd44db9b8737d54512b900c1682e0248edce009fd815a46a2fa5c38c4ec7ff
This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.
cfebcadf4361db526ce74bd43cf6067fdd66062b8ff3d28335972d33dcde2b8d
pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.
10a6602a635fe00eda73adff8cbfa55b1f8d3d56c298fa18edcd1caf80413f7a
NetBackup version 7.0 suffers from a NetBackup INET Daemon unquoted service path vulnerability.
edaca32624a2ddf4a6ca6091b83f06f4199b8f9916f2f065e6b36ed3cf5a2eeb