Files Date: 2020-04-15

TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
Posted Apr 15, 2020
Authored by Pedro Ribeiro, Radek Domanski | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side of the router, but the attacker does not need any authentication to abuse it. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host. This vulnerability was discovered and exploited at Pwn2Own Tokyo 2019 by the Flashback team.

tags | exploit, root
advisories | CVE-2020-10882, CVE-2020-10883, CVE-2020-10884
MD5 | e92df66f65cf2445fb8664db83303e49
Liferay Portal Java Unmarshalling Remote Code Execution
Posted Apr 15, 2020
Authored by Markus Wulftange, wvu, Thomas Etrillard | Site metasploit.com

This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1.

tags | exploit, java
advisories | CVE-2020-7961
MD5 | a3748995cc709b3443e82aaf46013802
Zeek 3.1.2
Posted Apr 15, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Fixed a stack overflow in the POP3 analyzer. Various other bug fixes as well.
tags | tool, intrusion detection
systems | unix
MD5 | 3c5ce8d23e136fc9c676be617c2af95c
TestSSL 3.0.1
Posted Apr 15, 2020
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This is a bugfix release of the stable branch 3.0.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 397556aadba7a2092a659fed9c8414af
nfstream 4.0.0
Posted Apr 15, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: nDPI version update. ZMQ improvements. Various other updates.
tags | tool, python
systems | unix
MD5 | 1e84529c89e9de73b96a12d6dfe59a8b
Git Credential Helper Protocol Newline Injection
Posted Apr 15, 2020
Authored by Google Security Research, Felix Wilhelm

A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.

tags | exploit, protocol
advisories | CVE-2020-5260
MD5 | c958ad3ac0a7a989d1f7f2c9f24fadb6
Microsoft Windows SE_SERVER_SECURITY Security Descriptor Owner Privilege Escalation
Posted Apr 15, 2020
Authored by James Forshaw, Google Security Research

In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY Control flag it is possible to set an owner different to the caller, bypassing security checks.

tags | exploit
systems | windows
MD5 | 5d3f5584e58e6901a002f9377a06e10b
Microsoft Windows NtFilterToken ParentTokenId Incorrect Setting Privilege Escalation
Posted Apr 15, 2020
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges.

tags | exploit
systems | windows
advisories | CVE-2020-0981
MD5 | 86b3a43f0e04663a4647981a2e122e3f
Ubuntu Security Notice USN-4330-1
Posted Apr 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4330-1 - It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, php, file upload
systems | linux, ubuntu
advisories | CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
MD5 | 0fda62773a60658789b8a8c4895924f6
AirDisk Pro 5.5.3 Persistent Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

AirDisk Pro version 5.5.3 for iOS suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | ios
MD5 | 72313b2c173c70273210d0849604c569
CA API Developer Portal 4.2.x / 4.3.1 Access Bypass / Privilege Escalation
Posted Apr 15, 2020
Authored by Ken Williams | Site www3.ca.com

CA Technologies, A Broadcom Company, is alerting customers to multiple vulnerabilities in CA API Developer Portal. Multiple vulnerabilities exist that can allow attackers to bypass access controls, view or modify sensitive information, perform open redirect attacks, or elevate privileges. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. Versions 4.2.x and below as well as 4.3.1 are affected.

tags | advisory, vulnerability
advisories | CVE-2020-11658, CVE-2020-11659, CVE-2020-11660, CVE-2020-11661, CVE-2020-11662, CVE-2020-11663, CVE-2020-11664, CVE-2020-11665, CVE-2020-11666
MD5 | 41ea12d4bc41579c50f99b2ac4038d04
SeedDMS 5.1.18 Persistent Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SeedDMS version 5.1.18 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6d09f2baef98772de05867725345ecfc
Macs Framework 1.14f Cross Site Scripting / SQL Injection
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Macs Framework version 1.14f suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2342bcf2b5644937d874a9d0216d7648
File Transfer iFamily 2.1 Directory Traversal
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

File Transfer iFamily version 2.1 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | ebddbc353e67d87cba2b2731cac974d1
SuperBackup 2.0.5 Persistent Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SuperBackup version 2.0.5 for iOS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
systems | ios
MD5 | b38fee9254f243aad26218abafa9c63f
DedeCMS 7.5 SP2 Persistent Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

DedeCMS version 7.5 SP2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cd386484581015658d08a7be59921b13
DedeCMS 7.5 SP2 Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

DedeCMS version 7.5 SP2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d16df83b666b2c7a6d63f3fab899343a
Bundeswehr Karriere Cross Site Scripting
Posted Apr 15, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Bundeswehr Karriere portal suffered from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | de1f3d2b8b6eb34d152c970b16a0b4bf
Exploiting CAN-Bus Using Instrument Cluster Simulator
Posted Apr 15, 2020
Authored by Anjali Prakash

Whitepaper called Exploiting CAN-Bus using Instrument Cluster Simulator.

tags | paper
MD5 | ea95d8c2ce4151c44d8dae29b04bfcd2
BlazeDVD 7.0.2 Buffer Overflow
Posted Apr 15, 2020
Authored by areyou1or0

BlazeDVD version 7.0.2 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | d83c614b5afbdff4acfcd53cdf993f6a
Pinger 1.0 Remote Code Execution
Posted Apr 15, 2020
Authored by Milad Karimi

Pinger version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | f7948410c34787bae48a24f3ba7e266e
SkyWrapper Discovery Tool
Posted Apr 15, 2020
Authored by Omer Tsarfati, CyberArk Labs | Site github.com

SkyWrapper is a tool from CyberArk that helps to discover suspicious creation forms and uses of temporary tokens in AWS.

tags | tool
systems | unix
MD5 | 7b35e6be72ce242f33ef5341a30467d6
Kernel Live Patch Security Notice LSN-0065-1
Posted Apr 15, 2020
Authored by Benjamin M. Romer

Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). It was discovered that in the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory).

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2013-1798, CVE-2019-3016, CVE-2020-8428
MD5 | 447f0d1c5c178b42193ae361cc92d87a
Matrix42 Workspace Management 9.1.2.2765 Cross Site Scripting
Posted Apr 15, 2020
Authored by Christian Pappas, Georg Ph E Heise

Matrix42 Workspace Management version 9.1.2.2765 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19500
MD5 | d7622e1b5af76e87a0ba3b19190d51a8
Ubuntu Security Notice USN-4329-1
Posted Apr 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4329-1 - Felix Wilhelm discovered that Git incorrectly handled certain URLs that included newlines. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-5260
MD5 | de51f35adc96924b72137aa00fca4fd1