exploit the possibilities
Showing 1 - 25 of 27 RSS Feed

Files Date: 2020-04-06

Botan C++ Crypto Algorithms Library 2.14.0
Posted Apr 6, 2020
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added support for using POWER8+ VPSUMD instruction to accelerate GCM. Optimized the vector permute AES implementation, especially improving performance on ARMv7, Aarch64, and POWER. Used a new algorithm for modular inversions which is both faster and more resistant to side channel attacks. Various other additions and updates.
tags | library
MD5 | ebc68c08b99bbc4b4fc9bdbfad398b02
Red Hat Security Advisory 2020-1333-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1333-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 129fab33e89337166620907e653bddf2
Red Hat Security Advisory 2020-1331-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1331-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow
systems | linux, redhat
advisories | CVE-2020-5208
MD5 | 5ec424439c068a6048d6ac53c98a0c0d
Red Hat Security Advisory 2020-1332-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1332-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 4326e13a6cfed935ccfe0b0a3331ba4c
Red Hat Security Advisory 2020-1326-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1326-01 - OpenStack Shared Filesystem Service provides services to manage network filesystems for use by Virtual Machine instances.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-9543
MD5 | bd53823102e69c886ec2f49581b72b3f
Microsoft Windows Net Use Insufficent Authentication
Posted Apr 6, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present.

tags | exploit, remote, vulnerability
systems | windows
MD5 | 1cbbf18780d337b8641e53ba2ce0d1e4
LimeSurvey 4.1.11 Cross Site Scripting
Posted Apr 6, 2020
Authored by Matthew Aberegg, Michael Burkey

LimeSurvey version 4.1.11 suffers from a Survey Groups persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11456
MD5 | efc8f7ad1f3caec2942720df5d64a2b0
Vesta Control Panel Authenticated Remote Code Execution
Posted Apr 6, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker with a low privileges can inject a payload in the file name starts with dot. During the user backup process, this file name will be evaluated by the v-user-backup bash scripts. As result of that backup process, when an attacker try to list existing backups injected payload will be executed.

tags | exploit, arbitrary, root, bash
advisories | CVE-2020-10808
MD5 | 1ae36b8679434621ce93a5d3b05036e3
SMBv3 Compression Buffer Overflow
Posted Apr 6, 2020
Authored by Spencer McIntyre, Daniel Garcia Gutierrez, Manuel Blanco Parajon | Site metasploit.com

A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.

tags | exploit, local, protocol
advisories | CVE-2020-0796
MD5 | e501e1f41664d21dafdcafb9634371c8
Red Hat Security Advisory 2020-1334-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1334-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
MD5 | 147e21959b8fa209dea2b54a64dca29e
Pandora FMS Ping Authenticated Remote Code Execution
Posted Apr 6, 2020
Authored by Onur ER | Site metasploit.com

This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands.

tags | exploit, remote, arbitrary, php
MD5 | 374a0703e200b94ffbbf77b7a5abd7ae
PlaySMS index.php Unauthenticated Template Injection Code Execution
Posted Apr 6, 2020
Authored by Touhid M.Shaikh, Lucas Rosevear | Site metasploit.com

This Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called TPL which is used in the PlaySMS template engine at src/Playsms/Tpl.php:_compile(). The vulnerability is triggered when an attacker supplied username with a malicious payload is submitted. This malicious payload is then stored in a TPL template which when rendered a second time, results in code execution.

tags | exploit, remote, php, code execution
advisories | CVE-2020-8644
MD5 | e40284c5a13747da60aa031e3cb3795e
Red Hat Security Advisory 2020-1335-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1335-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
MD5 | ad252224783a3c7b8a787de8acb2de8d
pfSense 2.4.4-P3 User Manager Cross Site Scripting
Posted Apr 6, 2020
Authored by Matthew Aberegg

pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11457
MD5 | ab5d42e3954169ff247559e91531a506
Red Hat Security Advisory 2020-1325-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1325-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11358
MD5 | bc1fc951b7be9a1c46f0ace64b3d5824
Bolt CMS 3.7.0 Remote Code Execution
Posted Apr 6, 2020
Authored by r3m0t3nu11

Bolt CMS version 3.7.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 47bda6b44390bd87de241cc1c17df734
Red Hat Security Advisory 2020-1324-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1324-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
MD5 | ea38e115c40d47175fcce80ceb3d80a1
Vanguard 2.1 Cross Site Scripting
Posted Apr 6, 2020
Authored by thelastvvv

Vanguard version 2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | affaaefc0f4549a9c786b4ba2a2a814c
Ubuntu Security Notice USN-4317-1
Posted Apr 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4317-1 - Two use-after-free bugs were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-6819
MD5 | 01a3fccae04d92aa4c6175e8e093b3a3
WhatsApp Desktop 0.3.9308 Cross Site Scripting
Posted Apr 6, 2020
Authored by Gal Weizman

WhatsApp Desktop version 0.3.9308 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-18426
MD5 | eb9d47d7fa6de5c4ed24179da8a513a0
Red Hat Security Advisory 2020-1318-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1318-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.

tags | advisory, remote, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2020-10188
MD5 | e2e2fe491d12a03420470960cc4782ed
ZOC Terminal 7.25.5 Denial Of Service
Posted Apr 6, 2020
Authored by chuyreds

ZOC Terminal version 7.25.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 180f7f5cab308057e6aa18d951360c7a
Gentoo Linux Security Advisory 202004-07
Posted Apr 6, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 74.0.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6819, CVE-2020-6820
MD5 | c5e7310d7419476db7415ac39cdc3d25
SpotAuditor 5.3.4 Denial Of Service
Posted Apr 6, 2020
Authored by 0xMoHassan

SpotAuditor version 5.3.4 Name denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 5a95d6c8839e0b59b482ed508ae37c54
Red Hat Security Advisory 2020-1317-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1317-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow, javascript
systems | linux, redhat
advisories | CVE-2020-10531
MD5 | 5784a564bb71857d67ba1d3f678662ff
Page 1 of 2
Back12Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close