exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-03-10

Zeek 3.1.1
Posted Mar 10, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: This release fixes a potential high CPU load due to race in Broker data stores, a memory exhaustion issue, an incorrect symlink, and an improvement to allow some external plugins to compile.
tags | tool, intrusion detection
systems | unix
MD5 | 913d0f01da1c505a0d2e4845a1257a33
Red Hat Security Advisory 2020-0779-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0779-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.132. An issue with insufficient policy enforcement in media was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6420
MD5 | 1073551c3866c0f91b646505a06cc7bc
Ubuntu Security Notice USN-4298-1
Posted Mar 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4298-1 - It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13753, CVE-2019-19880, CVE-2019-19923, CVE-2019-19924, CVE-2019-19925, CVE-2019-19926, CVE-2019-19959, CVE-2019-20218, CVE-2020-9327
MD5 | 25d6fa8a4777be059f8c4d0a4282fa53
Nagios XI Authenticated Remote Command Execution
Posted Mar 10, 2020
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

tags | exploit, web, arbitrary, root
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
MD5 | 27aeb9dcadc656869ca4d5c1b08a9963
PHPStudy Backdoor Remote Code Execution
Posted Mar 10, 2020
Authored by Airevan, Dimensional | Site metasploit.com

This Metasploit module can detect and exploit the backdoor of PHPStudy.

tags | exploit
MD5 | eb9fb8137715e8afb602d0b2e3a182ef
Red Hat Security Advisory 2020-0689-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0689-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8945
MD5 | 91ba6fd094d376492c98fa3dc0cd723c
Red Hat Security Advisory 2020-0688-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0688-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
MD5 | 86f5e2fe19d665ecfd0b84b1d6c501f3
Red Hat Security Advisory 2020-0775-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0775-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039
MD5 | 13db1540e0b00ac4cc27fb38e60ef4d1
Red Hat Security Advisory 2020-0756-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0756-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. An issue where secrets were disclosed was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14846, CVE-2019-14856, CVE-2019-14858
MD5 | cd6966f503118469a575d336c57013ea
Red Hat Security Advisory 2020-0754-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0754-01 - The novnc package provides a VNC client that uses HTML5 and includes encryption support. An XSS vulnerability was discovered in noVNC in which arbitrary HTML could be injected into the noVNC web page. An attacker having access to a VNC server could use target host values in a crafted URL to gain access to secure information. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, arbitrary, xss
systems | linux, redhat
advisories | CVE-2017-18635
MD5 | a4100ec275db34af79adb8efe76a912e
Red Hat Security Advisory 2020-0773-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0773-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
MD5 | 9d7fabd48c08c17bc954f8aaafbb7363
Persian VIP Download Script 1.0 SQL Injection
Posted Mar 10, 2020
Authored by S3FFR

Persian VIP Download Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a994e49a3ac90c485503fa75737fe6a2
YzmCMS 5.5 Cross Site Scripting
Posted Mar 10, 2020
Authored by En_dust

YzmCMS version 5.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d360ca89e4a68b95345ccd028a822841
Sysaid 20.1.11 b26 Remote Command Execution
Posted Mar 10, 2020
Authored by Ahmed Sherif

Sysaid version 20.1.11 b26 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | f0ad3dffeb132df608ba37f67c62ee16
Counter Strike: GO Memory Control
Posted Mar 10, 2020
Authored by 0day Enthusiast

Counter Strike: GO .bsp memory control proof of concept exploit.

tags | exploit, proof of concept
MD5 | 5547c4c340e256937565d6a91fa070ac
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close