exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2023-08-18

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification
Posted Aug 18, 2023
Authored by Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 suffers from an unpatched vulnerability in sudoedit, allowed by sudo configuration, which permits a low-privilege user to modify arbitrary files as root and subsequently execute arbitrary commands as root.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2023-22809
SHA-256 | 9caf2d86fd42cb7a6098a98695d2f0c8ac71c65afef31f1c6345f008453f417a
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation
Posted Aug 18, 2023
Authored by Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2023-20224
SHA-256 | f0f074bfbbdfcf50b89b456bedfa1d6e2dad916eb9c805528576e82777cae103
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read
Posted Aug 18, 2023
Authored by Hank Leininger, Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password.

tags | exploit, root
systems | cisco
advisories | CVE-2023-20217
SHA-256 | 9a639b868d2a607d6808f5cc9c66c20f4c697461ce4034c2ce7534df93c6ec6e
Ubuntu Security Notice USN-6301-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6301-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-36691, CVE-2022-0168, CVE-2022-1184, CVE-2022-27672, CVE-2022-4269, CVE-2023-0590, CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2124, CVE-2023-2194, CVE-2023-28466, CVE-2023-30772, CVE-2023-3111
SHA-256 | 125a315d2aef538a30c88eeedb76ea1ad66ca679d4531e2f90565d6b90d2edeb
Ubuntu Security Notice USN-6300-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6300-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4269, CVE-2022-48502, CVE-2023-0597, CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2002, CVE-2023-2124, CVE-2023-2163, CVE-2023-2194, CVE-2023-2235, CVE-2023-2269, CVE-2023-23004, CVE-2023-28466
SHA-256 | 829cc8a82ad61e2a0dec9b102d838ba347daf73a403d600e65767e9f8d3821c0
Ubuntu Security Notice USN-6299-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6299-1 - It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-36023
SHA-256 | 144c3965fa3ad3698240515edd82a9dbfe9d853526109e10f7047d5f74eb6e20
Debian Security Advisory 5479-1
Posted Aug 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-2312, CVE-2023-4349, CVE-2023-4350, CVE-2023-4351, CVE-2023-4352, CVE-2023-4353, CVE-2023-4354, CVE-2023-4355, CVE-2023-4356, CVE-2023-4357, CVE-2023-4358, CVE-2023-4359, CVE-2023-4360, CVE-2023-4361
SHA-256 | aee0f620a740c7ebf8d3a5388c4cb2acee86d35cf2761c6423c720350e0a280f
Ubuntu Security Notice USN-6294-2
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-2 - USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | d781113e83bdef2397942d94f0f5327411286b1e5bf60fc0a91451cecd337078
Ubuntu Security Notice USN-6297-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6297-1 - It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2023-38559
SHA-256 | 28a766cc78e8818479cc1b035a3452025c8d6af4e2cded153c7353ce30dcb071
Ubuntu Security Notice USN-6298-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6298-1 - Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. YiMing Liu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-7727, CVE-2020-18442
SHA-256 | 726c94156be0fb08522ab35a77ac192d647ae53e93f0134c702c8c11b5eed036
Windows API Exploitation In Real World
Posted Aug 18, 2023
Authored by Akash Sarode

This paper focuses on using Windows APIs to exploit and bypass modern day defense systems. The idea here is to understand the approach of how a modern day threat adversary would definitely help blue teamers to improve their defense mechanism. This article is useful for both blue and red teamers.

tags | paper
systems | windows
SHA-256 | a08987a70023a852cfeef5c85e21b3ba9fa78f1aa30066467583fa799fdca5e3
Chrome IPCZ FragmentDescriptors Missing Validation
Posted Aug 18, 2023
Authored by Google Security Research, Mark Brand

Chrome IPCZ FragmentDescriptors are not validated allowing for an out-of-bounds crash condition.

tags | exploit
advisories | CVE-2023-3732
SHA-256 | adc68a8b0a6ff50085071702ac5d18e4499b667b8b192dadf209cd4cf9ae81ee
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close