exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 376 RSS Feed

Files Date: 2020-06-01 to 2020-06-30

Bolt CMS 3.7.0 Authenticated Remote Code Execution
Posted Jun 29, 2020
Authored by r3m0t3nu11, Erik Wynter, Sivanesh Ashok | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in Bolt CMS version 3.7.0 and 3.6.x in order to execute arbitrary commands as the user running Bolt. Valid credentials for a Bolt CMS user are required. This module has been successfully tested against Bolt CMS 3.7.0 running on CentOS 7.

tags | exploit, arbitrary, vulnerability
systems | linux, centos
SHA-256 | 9f2d762b1d8e6bcbc5f7e02bde9b6d95028ec1015c112f2165e2847c2855320d
Haveged 1.9.13
Posted Jun 29, 2020
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added support for --version. Updated systemd SystemCallFilter settings.
tags | tool
systems | linux, unix
SHA-256 | d17bd22fa1745daca5ac72e014ed3b0fe5720da4c115953124b1bf2a0aa2b04b
Sifter 7.5
Posted Jun 29, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various updates included MkCheck, RouterSploit, XSStrike, and more.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | bd569d5a3b5a6eac3563e2600b084e5a539d8b72c7f7a0b6ff8f1649c5c55817
Ubuntu Security Notice USN-4406-1
Posted Jun 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4406-1 - It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15011
SHA-256 | 97b759e08282553a99e5c71b2c574ebb2f34579625538c8a745e35c64abf81f2
Red Hat Security Advisory 2020-2737-01
Posted Jun 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2737-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-16538, CVE-2020-2109, CVE-2020-2110, CVE-2020-2111, CVE-2020-2134, CVE-2020-2135, CVE-2020-2136
SHA-256 | 90738c78618f6b2862a4c969749078f4d3f745b7b2b047fe0a3d87dbec9acf8b
Red Hat Security Advisory 2020-2758-01
Posted Jun 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2758-01 - An update for microcode_ctl is now available for Red at Enterprise Linux 7.7 Extended Update Support. Sampling issues were addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
SHA-256 | 553a91792595329cbadf8b388158818e4d2a5fa3921d631279128e3ad877d330
Red Hat Security Advisory 2020-2757-01
Posted Jun 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2757-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Sampling issues were addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
SHA-256 | df27d92b7b2be1d86fce3a32bc8fabd4f3d26bd0882c4ba838dcfaaa6536d896
Ubuntu Security Notice USN-4405-1
Posted Jun 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4405-1 - It was discovered that glib-networking skipped hostname certificate verification if the application failed to specify the server identity. A remote attacker could use this to perform a person-in-the-middle attack and expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13645
SHA-256 | 125504485220886b1c7f733e81ae59e734bfe217ba2439cbb19d70b54f79d8fd
NetPCLinker 1.0.0.0 Buffer Overflow
Posted Jun 29, 2020
Authored by Saeed reza Zamanian

NetPCLinker version 1.0.0.0 SEH with egghunter shellcode buffer overflow exploit.

tags | exploit, overflow, shellcode
SHA-256 | faf335f38b0cfa1532855053ad2d12d2861d1f997d3c34bf6c71855e835b30fe
Debian Security Advisory 4695-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4695-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | b695facb6dd8cc0b879476ce552b9c195948f4bc518c27cb5f63cf8e335ff6e1
Debian Security Advisory 4696-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4696-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-11080, CVE-2020-8174
SHA-256 | d8516cb50b72042afd3677ce970bc7873ca8cf7463bb3f2d29ebe7a93cbe32c0
Debian Security Advisory 4697-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4697-1 - A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2020-13777
SHA-256 | 1895794b8fd81d9f052729b86087ff5d07fc51243bab11c512c5cb216d4bdb51
Debian Security Advisory 4698-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4698-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-19319, CVE-2019-19462, CVE-2019-19768, CVE-2019-20806, CVE-2019-20811, CVE-2019-2182, CVE-2019-5108, CVE-2020-0543, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10757, CVE-2020-10942, CVE-2020-11494
SHA-256 | 6b0461d5fdc0442553e93411732b13c0f292cb8ee0cf3b5b3b0228efca950d91
Debian Security Advisory 4699-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4699-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-19462, CVE-2019-3016, CVE-2020-0543, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10757, CVE-2020-12114, CVE-2020-12464, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 5c9b08156b9df614e0b461fd3ef88e61fe9ad766f6bfda59ca0dca4bd59df181
Debian Security Advisory 4700-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4700-1 - Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform a Cross-Side Scripting (XSS) attack leading to the execution of arbitrary code.

tags | advisory, remote, arbitrary, imap
systems | linux, debian
advisories | CVE-2020-13964, CVE-2020-13965
SHA-256 | b99b9b11ff30b56084ed6513563f9c002ec060e4d60de71d6f65480ab9c34eba
Debian Security Advisory 4701-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4701-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
SHA-256 | a7594ff915e8d7978545559a945ae55a7a497237c23303947c12d184661628a7
Debian Security Advisory 4702-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4702-1 - Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, imap
systems | linux, debian
advisories | CVE-2020-12398, CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | d513edf1d7468e2dab27753b936d34950fbe909c5cde81e5cccba7e63432acc9
Debian Security Advisory 4703-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4703-1 - Three vulnerabilities have been found in the MySQL Connector/J JDBC driver.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-2875, CVE-2020-2933, CVE-2020-2934
SHA-256 | 5f6677d80ef74722ef5b261d5eb4b0f0e79cc30c234cde1af79d87b5bba81acd
Debian Security Advisory 4704-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4704-1 - A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-13428
SHA-256 | 2a557cfcf78c7acd2ec602d5b2e752157487b49f0ffa224afb7182fe571f5b6f
Debian Security Advisory 4705-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4705-1 - It was discovered that Django, a high-level Python web development framework, did not properly sanitize input. This would allow a remote attacker to perform SQL injection attacks, Cross-Site Scripting (XSS) attacks, or leak sensitive information.

tags | advisory, remote, web, xss, sql injection, python
systems | linux, debian
advisories | CVE-2020-13254, CVE-2020-13596, CVE-2020-9402
SHA-256 | 96e9fef81f25045e7f4233b281f2a1d7cf7dd3dbdc7336b1d810347bcd7b080d
Debian Security Advisory 4706-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4706-1 - It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery.

tags | advisory, csrf
systems | linux, debian
advisories | CVE-2020-13663
SHA-256 | a491617785b890ea92ce09baf399fbb286886c5b5d2a6d9303667fc1fb4dc396
Debian Security Advisory 4707-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4707-1 - Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Mutt mail client, which could enable MITM attacks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-14093
SHA-256 | 639617a725f0d3746c602a062ffb6cc8802633a4e5c6ec51c1cdc11b187128fc
Debian Security Advisory 4708-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4708-1 - Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Neomutt mail client, which could enable MITM attacks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-14093, CVE-2020-14954
SHA-256 | e4ede39d2fad5c01e10e9c24595ba8d69fe05122bc7a634e5637330330c0f06c
Debian Security Advisory 4709-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4709-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) attacks, create open redirects, escalate privileges, and bypass authorization access.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2020-4046, CVE-2020-4047, CVE-2020-4048, CVE-2020-4049, CVE-2020-4050
SHA-256 | 70e424455b9518837066a3cc76957691676f2e232ecdb9d44800de9194a21af0
Debian Security Advisory 4710-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4710-1 - A vulnerability was discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service via malformed HTTP/2 headers.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2020-9494
SHA-256 | fa2687f7a95d99d910fc74880c9275b86f7e9535d6bdc1b4a02379f6a71cdd41
Page 1 of 16
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close