what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2020-07-17

Plex Unpickle Dict Windows Remote Code Execution
Posted Jul 17, 2020
Authored by h00die, Chris Lyne | Site metasploit.com

This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath to the newly created photo library, a file named Dict will be unpickled, which causes remote code execution as the user who started Plex. Plex_Token is required, to get it you need to log-in through a web browser, then check the requests to grab the X-Plex-Token header. See info -d for additional details. If an exploit fails, or is cancelled, Dict is left on disk, a new ALBUM_NAME will be required as subsequent writes will make Dict-1, and not execute.

tags | exploit, remote, web, arbitrary, code execution, python
systems | windows
advisories | CVE-2020-5741
MD5 | 41eb0c77f9b7de3ab74e8c47a61a86c3
WonderCMS 3.1.0 XSS / Directory Traversal / File Upload
Posted Jul 17, 2020
Authored by Calvin Phang | Site sec-consult.com

WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.

tags | advisory, vulnerability, xss, file upload
MD5 | c87a3407d183c31bf41f5245e885cf76
Red Hat Security Advisory 2020-2989-01
Posted Jul 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2989-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | 14077e694a12aa5ff8591c8a4e152415
Apple Security Advisory 2020-07-15-5
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-5 - Safari 13.1.2 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9910, CVE-2020-9911, CVE-2020-9912, CVE-2020-9915, CVE-2020-9916, CVE-2020-9925
MD5 | fae2dd75505f460f265a5bb0c506f1b7
Red Hat Security Advisory 2020-2988-01
Posted Jul 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2988-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-1147
MD5 | 430ae72ff0f53548cd9b1b7467a94ae5
SMB12 Information Gathering
Posted Jul 17, 2020
Authored by Ivica Stipovic

SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version (only supported by SMB1 as per protocol definition), DNS computer name, DNS domain name, NetBIOS computer name and NetBIOS domain name (SMB1 and SMB2).

tags | tool, remote, scanner, protocol, python
systems | unix
MD5 | ddda39cbd4570cf2fc5b7af60557808c
Sonar Qube 8.3.1 Unquoted Service Path
Posted Jul 17, 2020
Authored by Velayutham Selvaraj

Sonar Qube version 8.3.1 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | cf5f27c462bfb0ea70bddae34b0d6346
PMB 5.6 Cross Site Scripting
Posted Jul 17, 2020
Authored by 41-trk

PMB versions 5.6 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0ff6c93ac41e938ef27f2d12bb3fb29a
Apple Security Advisory 2020-07-15-4
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-4 - watchOS 6.2.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-9862, CVE-2020-9865, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9909, CVE-2020-9910, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
MD5 | 3d5d573fe7b211101f6cd780461624f6
Simple Startup Manager 1.17 Buffer Overflow
Posted Jul 17, 2020
Authored by Povlteksttv

Simple Startup Manager version 1.17 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
MD5 | 04b3558b2a638d3ad2f31773374f1d75
VMware ESXi Use-After-Free / Out-Of-Bounds Access
Posted Jul 17, 2020
Authored by Google Security Research, Cfir Cohen

Several security issues have been identified in the VMware ESIx virtual machine monitor (VMM). A use-after-free (UAF) vulnerability in PVNVRAM, a missing return value check in EHCI USB controller leading to private heap information disclosure, and several out-of-bounds reads.

tags | advisory, info disclosure
advisories | CVE-2020-3960, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965
MD5 | d2417f8af8ebed99ebd6fdfff7a2c153
Apple Security Advisory 2020-07-15-3
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-3 - tvOS 13.4.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-14899, CVE-2020-9862, CVE-2020-9865, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
MD5 | 3f70ec352ebe5c029a760fd3924867c3
Apple Security Advisory 2020-07-15-2
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-2 - macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra are now available and address buffer overflow, code execution, denial of service, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-14899, CVE-2019-19906, CVE-2019-20807, CVE-2020-9799, CVE-2020-9864, CVE-2020-9865, CVE-2020-9866, CVE-2020-9870, CVE-2020-9878, CVE-2020-9884, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9913, CVE-2020-9918, CVE-2020-9934, CVE-2020-9936
MD5 | a61b35f8dbe9b3563ab08b9ba525a3ca
Apple Security Advisory 2020-07-15-1
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-1 - iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2019-14899, CVE-2019-19906, CVE-2020-9862, CVE-2020-9865, CVE-2020-9878, CVE-2020-9885, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9903, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9911, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9917, CVE-2020-9918, CVE-2020-9923, CVE-2020-9925, CVE-2020-9931, CVE-2020-9933, CVE-2020-9934
MD5 | 930c08146b91758658c332bba05db932
CMSUno 1.6 Cross Site Request Forgery
Posted Jul 17, 2020
Authored by Noth

CMSUno version 1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-15600
MD5 | 2dc520d23a1ef4ec186a4cdb1bb261d1
Sifter 8.5
Posted Jul 17, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions and updates.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 648a4a1b121aef29f6ad6efa41f49b08
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close