exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-03-10

Zeek 3.1.1
Posted Mar 10, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: This release fixes a potential high CPU load due to race in Broker data stores, a memory exhaustion issue, an incorrect symlink, and an improvement to allow some external plugins to compile.
tags | tool, intrusion detection
systems | unix
SHA-256 | a2ef5f36dc4566d2ba129f34c14c269619b9797725b65d2696c27074db5f3e6a
Red Hat Security Advisory 2020-0779-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0779-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.132. An issue with insufficient policy enforcement in media was addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-6420
SHA-256 | 3cd805d8dae4779c6b64689dde9cedd92e5700b742f25f7caa35d9f02d451dd0
Ubuntu Security Notice USN-4298-1
Posted Mar 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4298-1 - It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13753, CVE-2019-19880, CVE-2019-19923, CVE-2019-19924, CVE-2019-19925, CVE-2019-19926, CVE-2019-19959, CVE-2019-20218, CVE-2020-9327
SHA-256 | f5109bac0750a5ca954bc0abbebf20331a2eedfa9d91e67f5aa6045951ad27a7
Nagios XI Authenticated Remote Command Execution
Posted Mar 10, 2020
Authored by Erik Wynter, Jak Gibb | Site metasploit.com

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

tags | exploit, web, arbitrary, root
systems | linux, unix, osx, centos
advisories | CVE-2019-15949
SHA-256 | ff7c4c4f60a8d9d91f4dea43c87e96d04fac8cbc379e059ccb3fb23c944c18ab
PHPStudy Backdoor Remote Code Execution
Posted Mar 10, 2020
Authored by Airevan, Dimensional | Site metasploit.com

This Metasploit module can detect and exploit the backdoor of PHPStudy.

tags | exploit
SHA-256 | df2fe2dc17dfccf25b996306f492791a47f36836e647f13318faac6c20640ce2
Red Hat Security Advisory 2020-0689-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0689-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8945
SHA-256 | d213a91a33b2cab01020f00ae8f1a3ee4beb7f2a265216f47477eede1cc52d4d
Red Hat Security Advisory 2020-0688-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0688-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
SHA-256 | b6a978e16a30622f1ef08edd0d08057edbcb265b8178ca621f34da209a122b86
Red Hat Security Advisory 2020-0775-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0775-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039
SHA-256 | 1bec67f6c9e4cee34c9dd01f43184ed7cec9d7278ef1ba6c863492ae119690b9
Red Hat Security Advisory 2020-0756-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0756-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. An issue where secrets were disclosed was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-14846, CVE-2019-14856, CVE-2019-14858
SHA-256 | 797ccf82a8126141a057a98fe76cb316e28f89fe0b76b96c8948df8f0fe0cc24
Red Hat Security Advisory 2020-0754-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0754-01 - The novnc package provides a VNC client that uses HTML5 and includes encryption support. An XSS vulnerability was discovered in noVNC in which arbitrary HTML could be injected into the noVNC web page. An attacker having access to a VNC server could use target host values in a crafted URL to gain access to secure information. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, arbitrary, xss
systems | linux, redhat
advisories | CVE-2017-18635
SHA-256 | d2fd665bc799beef786875183c0471b301e55346c9b45549987568af18a43ead
Red Hat Security Advisory 2020-0773-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0773-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 60eb6a15e04cea05f1d24e5195704c6dd78857c339f8cc80b121340284ea2753
Persian VIP Download Script 1.0 SQL Injection
Posted Mar 10, 2020
Authored by S3FFR

Persian VIP Download Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 612844e2d07069c99dedf034e02ac925c1c11c83757148c2e583f6f0a9ca859d
YzmCMS 5.5 Cross Site Scripting
Posted Mar 10, 2020
Authored by En_dust

YzmCMS version 5.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 039878cfad81220be93f7c91f3ea23bb6c131ef0f59df51e244a4bee9d638b4a
Sysaid 20.1.11 b26 Remote Command Execution
Posted Mar 10, 2020
Authored by Ahmed Sherif

Sysaid version 20.1.11 b26 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 165ad4837763969d6da42402b6c7f21dacba4bac228f556316bb541009b44f06
Counter Strike: GO Memory Control
Posted Mar 10, 2020
Authored by 0day Enthusiast

Counter Strike: GO .bsp memory control proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 055038fb6daa96930f1d56b8eea499869e7c2a9634df53ea7ea173563a62f1a2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close