what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2020-07-29

Baldr Botnet Panel Shell Upload
Posted Jul 29, 2020
Authored by Ege Balci | Site metasploit.com

This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.

tags | exploit, remote, arbitrary, php, code execution, file upload
SHA-256 | eead6190f3debc909c6e03fa4150c29da6936794b738a1702f89596b906fc97f
Hydra Network Logon Cracker 9.1
Posted Jul 29, 2020
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Enabled gcc 10 support for xhydra. Fixed crash in MD5 auth for rtsp. New module for smb2 which also supports smb3. Various other updates.
tags | tool, web, cracker, imap
systems | cisco, unix
SHA-256 | ce08a5148c0ae5ff4b0a4af2f7f15c5946bc939a57eae1bbb6dda19f34410273
Gentoo Linux Security Advisory 202007-59
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-59 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.105 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-6532, CVE-2020-6537, CVE-2020-6538, CVE-2020-6539, CVE-2020-6540, CVE-2020-6541
SHA-256 | 7646ce4aca0337e6840fb40ee25988f3524cffe2601b5e2b6c4594f14c5648d5
Red Hat Security Advisory 2020-3209-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3209-01 - The release of Red Hat AMQ Online 1.5.2 serves as a replacement for AMQ Online 1.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include XML injection and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2020-13692, CVE-2020-14319
SHA-256 | d53f4c95584a5321010758f4597001f52e3b2733be2f86f69434037c5d8129a3
Ubuntu Security Notice USN-4436-2
Posted Jul 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4436-2 - USN-4436-1 fixed a vulnerability in librsvg. The upstream fix caused a regression when parsing certain SVG files. This update backs out the fix pending further investigation. It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A remote attacker could possibly use this issue to cause librsvg to consume resources and crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-11464, CVE-2019-20446
SHA-256 | 4706de17b14bc5c39477720e86b7c7f7d6843ae2ead3aeb893972344ded4d0ec
Red Hat Security Advisory 2020-3199-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3199-01 - openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10731
SHA-256 | 9657342eab465054b6b17cf7bc53524f98de4a79f96d0a9c209af12cdfc20dad
Red Hat Security Advisory 2020-3197-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3197-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.8.0 serves as an update to Red Hat Process Automation Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-10086, CVE-2019-12406, CVE-2019-12423, CVE-2019-13990, CVE-2019-16869, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518, CVE-2020-10672, CVE-2020-10673, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-1718
SHA-256 | a15ccfa9329679e05a6ecaa4123f1c5d3a9080732413f5c3b568c78c83c33b9b
Red Hat Security Advisory 2020-3196-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3196-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.8.0 serves as an update to Red Hat Decision Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-12406, CVE-2019-12423, CVE-2019-13990, CVE-2019-16869, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518, CVE-2020-10672, CVE-2020-10673, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-1718, CVE-2020-7238
SHA-256 | 19707209eebd7d23d58d5eac714f5aec7fe71e79b5a8b0ea417379cd8fe36ad3
WordPress Maintenance Mode By SeedProd 5.1.1 Cross Site Scripting
Posted Jul 29, 2020
Authored by Jinson Varghese Behanan

WordPress Maintenance Mode by SeedProd plugin version 5.1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-15038
SHA-256 | ff87ceae26dd08e823ae8410b57da1b1ea9f383506b8de5ebf0a1cd8ff0346f7
Cisco Adaptive Security Appliance Software 9.7 Arbitrary File Deletion
Posted Jul 29, 2020
Authored by 0xmmnbassel

Cisco Adaptive Security Appliance Software version 9.7 unauthenticated arbitrary file deletion exploit.

tags | exploit, arbitrary
systems | cisco
advisories | CVE-2020-3187
SHA-256 | 9bff9df7bc31ade0ee6b87d153b448191f71eeb26ef4d1d4589e805582f16722
Cisco Adaptive Security Appliance Software 9.11 Local File Inclusion
Posted Jul 29, 2020
Authored by 0xmmnbassel

Adaptive Security Appliance Software version 9.11 local file inclusion exploit.

tags | exploit, local, file inclusion
advisories | CVE-2020-3452
SHA-256 | 247cefda8529660c011d201a2b76720f081ad633e4d40f0c6ed55ebcb57f6f36
Sifter 9
Posted Jul 29, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Additions and updates.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | 442cbc8390ec9dfeceb6a5b1e9f78d7801b36882249fe7cd60402c2b94513e25
Cisco ASA / FTD Remote File Disclosure
Posted Jul 29, 2020
Authored by MrCl0wn Lab | Site github.com

This Python script checks whether the target server is vulnerable to CVE-2020-3452, a vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products that can allow for remote file disclosure.

tags | exploit, remote, python
systems | cisco
advisories | CVE-2020-3452
SHA-256 | f3d076dbbf728c5d5918c4039d0eaa629b5d9f90b1358b60f76542b5b020352c
Ubuntu Security Notice USN-4442-1
Posted Jul 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4442-1 - Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain sensitive information. It was discovered that Sympa incorrectly handled URL parameters. An attacker could possibly use this issue to perform XSS attacks. Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this issue with a setuid binary and gain root privileges. Various other issues were also addressed.

tags | advisory, web, root
systems | linux, ubuntu
advisories | CVE-2018-1000550, CVE-2018-1000671, CVE-2020-10936
SHA-256 | 7020185eae4c1a4feb195064dd4e42bd3d4a8eca72224fca58383c0be086b058
Gentoo Linux Security Advisory 202007-58
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-58 - Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-13312, CVE-2019-15942, CVE-2020-12284, CVE-2020-13904, CVE-2020-14212
SHA-256 | a0723a5d1529f2b0d9076819365b557df53374ec1ab172ac9fb948d6c1858ee3
Gentoo Linux Security Advisory 202007-57
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-57 - Multiple vulnerabilities have been found in Mutt and Neomutt, the worst of which could result in an access restriction bypass. Versions less than 1.14.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14093, CVE-2020-14154, CVE-2020-14954
SHA-256 | 3d7c0477f13c2bad8d71919da6093a0631a38d77353b642ee9a458ca71e71ae3
Gentoo Linux Security Advisory 202007-56
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-56 - A vulnerability was discovered in Claws Mail's STARTTLS handling, possibly allowing an integrity/confidentiality compromise. Versions less than 3.17.6 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2020-15917
SHA-256 | 0505459ef6e77899cf892e24485e2ffc8d494b05a0dedbda187215071d8d49e8
Gentoo Linux Security Advisory 202007-55
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-55 - A vulnerability was discovered in libetpan's STARTTLS handling, possibly allowing an integrity/confidentiality compromise. Versions less than 1.9.4-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2020-15953
SHA-256 | 1d6d3a08fe146e5839a4012167d4cb967786952ff48d7e9cdf5461ec0e750dea
Gentoo Linux Security Advisory 202007-54
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-54 - Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. Versions less than 3.2.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
SHA-256 | 3daf0b4d15f5fc6f45399e1042eb08c1688bc61679dd3978e85e8de4d324e4e5
Gentoo Linux Security Advisory 202007-53
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-53 - Multiple vulnerabilities have been found in Dropbear, the worst of which could result in a Denial of Service condition. Versions less than 2020.80 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-0739, CVE-2018-12437, CVE-2018-20685
SHA-256 | bf9fd48b18e37dee9a2fbb168f4879020b4729bf4ab4e4dbef27abcb75ed8138
Gentoo Linux Security Advisory 202007-52
Posted Jul 29, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-52 - Multiple vulnerabilities have been found in mujs, the worst of which could result in a Denial of Service condition. Versions less than 1.0.6 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11411, CVE-2019-11412, CVE-2019-11413
SHA-256 | 28af703edb82782e5e1b34012ffe3f05f19258eb67f3dd3f39b1e9688d36823f
Red Hat Security Advisory 2020-3194-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3194-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14404, CVE-2018-18074, CVE-2018-19519, CVE-2018-20060, CVE-2018-20337, CVE-2018-20852, CVE-2018-7263, CVE-2018-9251, CVE-2019-1010180, CVE-2019-1010204, CVE-2019-11236, CVE-2019-11324, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-13232, CVE-2019-13752, CVE-2019-13753, CVE-2019-14563, CVE-2019-14822, CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-15847, CVE-2019-16056, CVE-2019-17451
SHA-256 | ab12a5414b74ae4ec0875438bd155092413bb637cd1033a63c83f8057805a037
Red Hat Security Advisory 2020-3192-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-4970, CVE-2018-1000632, CVE-2018-11797, CVE-2018-12541, CVE-2018-3831, CVE-2019-0231, CVE-2019-10086, CVE-2019-10172, CVE-2019-12086, CVE-2019-12400, CVE-2019-14540, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-3797, CVE-2019-9511, CVE-2019-9827, CVE-2020-10672
SHA-256 | 7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Ubuntu Security Notice USN-4441-1
Posted Jul 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4441-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-14539, CVE-2020-14553, CVE-2020-14576, CVE-2020-14619, CVE-2020-14631, CVE-2020-14641, CVE-2020-14656, CVE-2020-14697
SHA-256 | e1962900f6f62a60269c8b69b77c03b78cbe969e5e86d80a7e81d2cef98eeb09
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close