exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2020-04-06

Botan C++ Crypto Algorithms Library 2.14.0
Posted Apr 6, 2020
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added support for using POWER8+ VPSUMD instruction to accelerate GCM. Optimized the vector permute AES implementation, especially improving performance on ARMv7, Aarch64, and POWER. Used a new algorithm for modular inversions which is both faster and more resistant to side channel attacks. Various other additions and updates.
tags | library
SHA-256 | 0c10f12b424a40ee19bde00292098e201d7498535c062d8d5b586d07861a54b5
Red Hat Security Advisory 2020-1333-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1333-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | 96a067fecec2836eda0cd5e4a2232e9531620efb5ceff259de1c772e98d0635d
Red Hat Security Advisory 2020-1331-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1331-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
SHA-256 | 9c2d6de70096e4467df16fcc53798f10415f39563c73878bb87493b2fd999da8
Red Hat Security Advisory 2020-1332-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1332-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
SHA-256 | e5c75d600477e9b087450bb8699274001aaf564423f0cf307cdd74fd71e23e04
Red Hat Security Advisory 2020-1326-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1326-01 - OpenStack Shared Filesystem Service provides services to manage network filesystems for use by Virtual Machine instances.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-9543
SHA-256 | 11a6b8d6484baac8b5d9e5a85525daa85a40457604e5a6d7e06a9f1c6e7d3628
Microsoft Windows Net Use Insufficent Authentication
Posted Apr 6, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | 951dfb35f9a363b5e914b804355769c12f596ba4c1d0f4de84c1869765e684c7
LimeSurvey 4.1.11 Cross Site Scripting
Posted Apr 6, 2020
Authored by Matthew Aberegg, Michael Burkey

LimeSurvey version 4.1.11 suffers from a Survey Groups persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11456
SHA-256 | df3e45472fe0c92c7d67f5d5dc0037bf3764a1c3defb70f0ed668401e0954839
Vesta Control Panel Authenticated Remote Code Execution
Posted Apr 6, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker with a low privileges can inject a payload in the file name starts with dot. During the user backup process, this file name will be evaluated by the v-user-backup bash scripts. As result of that backup process, when an attacker try to list existing backups injected payload will be executed.

tags | exploit, arbitrary, root, bash
advisories | CVE-2020-10808
SHA-256 | c994018871aaf2d9fb2b0d77fe7087abdbe4671491c2b25721371a3f880b91c3
SMBv3 Compression Buffer Overflow
Posted Apr 6, 2020
Authored by Spencer McIntyre, Daniel Garcia Gutierrez, Manuel Blanco Parajon | Site metasploit.com

A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.

tags | exploit, local, protocol
advisories | CVE-2020-0796
SHA-256 | b897523218de261b528a25b48e985e91f958585e7ae9753a0c897e339abe8503
Red Hat Security Advisory 2020-1334-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1334-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
SHA-256 | 664967439d5ea282c0facd49a014ec94aae3d32598048bc134f5f999ecb7b541
Pandora FMS Ping Authenticated Remote Code Execution
Posted Apr 6, 2020
Authored by Onur ER | Site metasploit.com

This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands.

tags | exploit, remote, arbitrary, php
SHA-256 | 13c1b77ffe29ebb14e76ff947c09afeab3c3fd57df6d696dbd84ba9e2f67037a
PlaySMS index.php Unauthenticated Template Injection Code Execution
Posted Apr 6, 2020
Authored by Touhid M.Shaikh, Lucas Rosevear | Site metasploit.com

This Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called TPL which is used in the PlaySMS template engine at src/Playsms/Tpl.php:_compile(). The vulnerability is triggered when an attacker supplied username with a malicious payload is submitted. This malicious payload is then stored in a TPL template which when rendered a second time, results in code execution.

tags | exploit, remote, php, code execution
advisories | CVE-2020-8644
SHA-256 | 69a0f4388bcdfe1db7116c0d2b6663a925f860d9e3598da1d2bb51cf94a6700f
Red Hat Security Advisory 2020-1335-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1335-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
SHA-256 | daffcb8a8a981a2595f69a4544cfb3ea934971af45e409786b6a746d3888420a
pfSense 2.4.4-P3 User Manager Cross Site Scripting
Posted Apr 6, 2020
Authored by Matthew Aberegg

pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11457
SHA-256 | 57226099c9505a4e67a7f8bfe20c56ced5e7cde849785f5bc51e18f02ff9ce95
Red Hat Security Advisory 2020-1325-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1325-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11358
SHA-256 | 2f2f2c53d6e250b07b121b76a0eea7a5ad19925d05d681c49010a07858fc5ae9
Bolt CMS 3.7.0 Remote Code Execution
Posted Apr 6, 2020
Authored by r3m0t3nu11

Bolt CMS version 3.7.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 262facd2f0fdd5ed141e29f22bdab6b54fd025b952333424aa8f80d8ee4f027b
Red Hat Security Advisory 2020-1324-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1324-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 2fc65aca7c721672bcd1ad2728442682f05f53d75519f7b999663f63ac6bc6a1
Vanguard 2.1 Cross Site Scripting
Posted Apr 6, 2020
Authored by thelastvvv

Vanguard version 2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 412220fc7032057c7d49d6ef7f42fe0b1716b9c7acfcba5cfba057b964babba3
Ubuntu Security Notice USN-4317-1
Posted Apr 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4317-1 - Two use-after-free bugs were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-6819
SHA-256 | 3e2811d98dc9c78447f83a763155fcf9a8fa92184d344a3cab387e46b48406a5
WhatsApp Desktop 0.3.9308 Cross Site Scripting
Posted Apr 6, 2020
Authored by Gal Weizman

WhatsApp Desktop version 0.3.9308 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-18426
SHA-256 | 92e40eb6061e659675b76d4c9cead134b84c467d9f33ed0ad867dc0747766250
Red Hat Security Advisory 2020-1318-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1318-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
SHA-256 | c3d3ec7c19475a1f897e35db7cf184c0aaa07c04d3792ea6e0a641c209511cb8
ZOC Terminal 7.25.5 Denial Of Service
Posted Apr 6, 2020
Authored by chuyreds

ZOC Terminal version 7.25.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | eb34fa7ef3c85a78edef17c5107b089eb67b15aa017a717797cb4860b84b689d
Gentoo Linux Security Advisory 202004-07
Posted Apr 6, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 74.0.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6819, CVE-2020-6820
SHA-256 | 26f53858b2614b7136c16e5f94b7e35cbd4b1cb1d731a19bd92ebd9d6c74a7e2
SpotAuditor 5.3.4 Denial Of Service
Posted Apr 6, 2020
Authored by 0xMoHassan

SpotAuditor version 5.3.4 Name denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 09a5b735887185b6a509049de0e85788ec88270c9b144dee181d67f755393c3d
Red Hat Security Advisory 2020-1317-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1317-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, javascript
systems | linux, redhat
advisories | CVE-2020-10531
SHA-256 | d509e833181bbffeb5a19b451618f05e84a3a9b6dd2ac563e58c9f98f4194944
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close