what you don't know can hurt you

Recent Files

Files RSS Feed
Packet Storm New Exploits For February, 2021
Posted Mar 1, 2021
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 189 exploits added to Packet Storm in February, 2021.

tags | exploit
Red Hat Security Advisory 2021-0671-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0671-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
American Fuzzy Lop plus plus 3.10c
Posted Mar 1, 2021
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Mac OS ARM64 support. Android support fixed and updated. Over a dozen other updates and improvements.
tags | tool, fuzzer
systems | unix
Faraday 3.14.2
Posted Mar 1, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added three new plugins and fixed some old versions of nessus plugins.
tags | tool, rootkit
systems | unix
FortiLogger 4.4.2.2 Arbitrary File Upload
Posted Mar 1, 2021
Authored by Berkan Er | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request to Fortilogger. It has been tested on version 4.4.2.2 in Windows 10 Enterprise.

tags | exploit, arbitrary, file upload
systems | windows
Concrete5 8.5.4 Cross Site Scripting
Posted Mar 1, 2021
Authored by nu11secur1ty

Concrete5 version 8.5.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Red Hat Security Advisory 2021-0672-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0672-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
Trojan-Spy.Win32.Stealer.osh Insecure Permissions
Posted Mar 1, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.Stealer.osh malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
Online Catering Reservation System 1.0 Code Execution
Posted Mar 1, 2021
Authored by Christian Vierschilling

Online Catering Reservation System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
Genua GenuGate High Resistance Firewall Authentication Bypass
Posted Mar 1, 2021
Authored by Armin Stock | Site sec-consult.com

Genua GenuGate High Resistance Firewall versions prior to 10.1 p4, 9.6 p7, and 9.0 Z p19 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
Red Hat Security Advisory 2021-0681-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0681-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

tags | advisory
systems | linux, redhat
Red Hat Security Advisory 2021-0670-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0670-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
Covid-19 Contact Tracing System 1.0 Code Execution
Posted Mar 1, 2021
Authored by Christian Vierschilling

Covid-19 Contact Tracing System version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
Code16 Notes Magazine 06
Posted Mar 1, 2021
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses hunting zero days and NagiosXI version 5.8.1.

tags | magazine
Code16 Notes Magazine 05
Posted Mar 1, 2021
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses spelunking routers and learning rust.

tags | magazine
VMware vCenter Server 7.0 Arbitrary File Upload
Posted Mar 1, 2021
Authored by Photubias

VMware vCenter Server version 7.0 unauthenticated arbitrary file upload exploit.

tags | exploit, arbitrary, file upload
Red Hat Security Advisory 2021-0663-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0663-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
Red Hat Security Advisory 2021-0669-01
Posted Mar 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0669-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
Backdoor.Win32.RemoteManipulator.fdo Insecure Permissions
Posted Mar 1, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.RemoteManipulator.fdo malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
WiFi Mouse 1.7.8.5 Remote Code Execution
Posted Feb 28, 2021
Authored by H4rk3nz0

WiFi Mouse version 1.7.8.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
Autopsy Tool For Linux And Windows
Posted Feb 27, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This whitepaper provides an overview of Autopsy, the graphical interface for the Sleuthkit.

tags | paper
Package Control Arbitrary File Write
Posted Feb 26, 2021
Authored by Google Security Research, Felix Wilhelm

Package Control suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
Microsoft DirectWrite fsg_ExecuteGlyph Buffer Overflow
Posted Feb 26, 2021
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from a heap-based buffer overflow vulnerability in fsg_ExecuteGlyph while processing variable TTF fonts.

tags | exploit, overflow
Chrome DataElement Out-Of-Bounds Read
Posted Feb 26, 2021
Authored by Google Security Research, Mark Brand

Chrome suffers from an out-of-bounds read vulnerability in network DataElement struct traits.

tags | exploit
Ubuntu Security Notice USN-4754-2
Posted Feb 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-2 - USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, python
systems | linux, ubuntu
View Older Files →

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close