This Metasploit module exploits two vulnerabilities in the BYOB (Build Your Own Botnet) web GUI. It leverages an unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. It also uses an authenticated command injection in the payload generation page. These vulnerabilities remain unpatched.
79a52f4825a37f1f32b41c75c5291bce58103929d4c86cd602c2497b8eff4236
GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.
922c54b2b890d2b9411512a3dc22dca353193dc6ea173d0dda6cb6ee9ff825bc
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script.
1e21ababb69b9f3204394d4fb7d153f100fd877141aa727c52a4bbeb76315e4d
Ubuntu Security Notice 7048-2 - USN-7048-1 fixed a vulnerability in Vim. This update provides the corresponding update for Ubuntu 14.04 LTS. Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to a heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service.
129047bc51aa6ab10c7829d6c0d2134db52c77060500928a18b2797a5da8c220
Red Hat Security Advisory 2024-8176-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a use-after-free vulnerability.
6fe8bc1da5ff9a1060d1aaeb54d1dd153d8cb17eaeb83695bfea4c22c37591b8
Red Hat Security Advisory 2024-8173-03 - An update for resource-agents is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
eb60172d5eea03022127c71c14128344d79699075230ea719cc0cf4ebe327558
Ubuntu Security Notice 7038-2 - USN-7038-1 fixed a vulnerability in Apache Portable Runtime library. This update provides the corresponding update for Ubuntu 14.04 LTS. Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime library. A local attacker could possibly use this issue to read named shared memory segments, potentially exposing sensitive application data.
031b153d0abad89991fa505217a2075faa03246eb9ea22cd571b48ce749ec2e0
Red Hat Security Advisory 2024-8172-03 - An update for resource-agents is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.
63cbf050ce547d217959a067001a1ec162627ff9e273ce386455941b4122b5b5
Red Hat Security Advisory 2024-8171-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
5c26929c82190000b44c447e960cb4707b793ed1644e826677ff56e61061c9a0
Red Hat Security Advisory 2024-8170-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.
fcfb77e5a277fbb2055a02348267f1d02b8dadf7b1dd329dfaf9fcac979ce9ba
Ubuntu Security Notice 7070-1 - It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that libarchive mishandled certain memory operations, which could result in an out-of-bounds memory access. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
54795697770de4e18132c9954463c8363aa56bc5e058814ed6f16b301438b04d
Red Hat Security Advisory 2024-8169-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include bypass and denial of service vulnerabilities.
3f90a6c9e9ff43ed78596bdfa1eb356cdd7f75188e1c0b73241b4c183210b1e2
Red Hat Security Advisory 2024-8168-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
e4045eaab559755c4daac1b5aa3bb37d1edb3797b654abf0436d0ead4997094b
Ubuntu Security Notice 7069-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
a25273d1e5c2def9ec1f2694e92ad856af3c508c90bb4430292db51b8e20a81f
Red Hat Security Advisory 2024-8167-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
8dbcef4436aa1bc54bf8bc489fc3b2ffc07b3d15ef483dff8616dc9b76828ae7
Ubuntu Security Notice 7064-1 - It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink.
8cef91180f8ac7204987a76b3681a3cabb8818b1d82bf8e731ed5840a1270bac
Red Hat Security Advisory 2024-8166-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass, denial of service, and use-after-free vulnerabilities.
1bce210b9ea905745f056096e5e0dd76086e3b26fab5033a6134bb2a1d34cf1c
Red Hat Security Advisory 2024-8162-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include information leakage and null pointer vulnerabilities.
7e37f8e52d2e5b9f5eebca054e756d1237839a3b3bfdfe8f19eba807741bcb23
Red Hat Security Advisory 2024-8161-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
2d88ce46ba546ac4247e8c5d34e848be3bc6beb66b47683ed69408d5f678ee93
Red Hat Security Advisory 2024-8158-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.
eb430143c61c6fd69458610d4d94b5147f7aeb24a4b82d2a05cac1b0a936ac0f
Red Hat Security Advisory 2024-8157-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.
272ac0053291ee2e70dd242daed8d275b856ab17f218dccd2199df18a59f3f46
Red Hat Security Advisory 2024-8132-03 - An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a server-side request forgery vulnerability.
b285b4f397c00c839a9a7218fa88f5e3e027f635019cecc2fb5c0707f6bb9910
Red Hat Security Advisory 2024-8120-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
a31a89ccdfddb7493f56a94e2aa1b76645fa4f9b01e8c05489ce2432675a1e89
Red Hat Security Advisory 2024-8112-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
c469df6d18f9398ed364c20ef3e98d88f2f63c161503c4e7935a384491e5497b
Red Hat Security Advisory 2024-7925-03 - Red Hat OpenShift Container Platform release 4.17.1 is now available with updates to packages and images that fix several bugs and add enhancements.
f2c70bd7173d8bcc5a43e2ea579597918bb10f9a8c949b7be11da4af4859e83a