what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2020-07-31

iOS Page Protection Layer (PPL) Bypass
Posted Jul 31, 2020
Authored by Google Security Research, bazad

iOS suffers from a Page Protection Layer (PPL) bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal().

tags | exploit
systems | ios
advisories | CVE-2020-9909
SHA-256 | 32cee1a372a12e5942e506e272fddc32f9ae961ee5184a1f29319a3e36fa6521
WebRTC usrsctp Incorrect Call
Posted Jul 31, 2020
Authored by Google Security Research

When usrsctp is used with a custom transport, an address must be provided to usrsctp_conninput be used as the source and destination address of the incoming packet. WebRTC uses the address of the SctpTransport instance for this value. Unfortunately, this value is often transmitted to the peer, for example to validate signing of the cookie. This could allow an attacker access to the location in memory of the SctpTransport of a peer, bypassing ASLR.

tags | advisory
advisories | CVE-2020-6514
SHA-256 | fd1aa95a1ad503592aea4e4e119465c590188163980b90ddc3e033c6ee7c80ec
FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation
Posted Jul 31, 2020
Authored by Brendan Coles, Andy Nguyen | Site metasploit.com

This Metasploit module exploits a race and use-after-free vulnerability in the FreeBSD kernel IPv6 socket handling. A missing synchronization lock in the IPV6_2292PKTOPTIONS option handling in setsockopt permits racing ip6_setpktopt access to a freed ip6_pktopts struct. This exploit overwrites the ip6po_pktinfo pointer of a ip6_pktopts struct in freed memory to achieve arbitrary kernel read/write.

tags | exploit, arbitrary, kernel
systems | freebsd, bsd
advisories | CVE-2020-7457
SHA-256 | 00b0e1e6a5651af403765318e00556b0c8953f9ef2bbda38acb929b269045b6a
SharePoint DataSet / DataTable Deserialization
Posted Jul 31, 2020
Authored by Soroush Dalili, mr_me, Spencer McIntyre | Site metasploit.com

A remotely exploitable vulnerability exists within SharePoint that can be leveraged by a remote authenticated attacker to execute code within the context of the SharePoint application service. The privileges in this execution context are determined by the account that is specified when SharePoint is installed and configured. The vulnerability is related to a failure to validate the source of XML input data, leading to an unsafe deserialization operation that can be triggered from a page that initializes either the ContactLinksSuggestionsMicroView type or a derivative of it. In a default configuration, a Domain User account is sufficient to access SharePoint and exploit this vulnerability.

tags | exploit, remote
advisories | CVE-2020-1147
SHA-256 | 34f2633fdb04b0ab14dd5a0aedaf3e5d3b9e387d4d8619fbdd31dabb809602b6
CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow
Posted Jul 31, 2020
Authored by wetw0rk | Site metasploit.com

This Metasploit module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot (controller) component when sending a specially crafted directory_list probe. Technically speaking the target host must also be vulnerable to CVE-2020-8010 in order to reach the directory_list probe.

tags | exploit, overflow
advisories | CVE-2020-8010, CVE-2020-8012
SHA-256 | e8a39681b3226039c089f38664d93db9e42e085ada3d1e0f014237aa468bd3c9
ABUS Secvest Hybrid Module FUMO50110 Authentication Bypass
Posted Jul 31, 2020
Authored by Matthias Deeg, Thomas Detert, Michael Ruttgers | Site syss.de

ABUS Secvest Hybrid module (FUMO50110) suffers an authentication bypass vulnerability. The hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged between the ABUS Secvest alarm panel and the ABUS Secvest Hybrid module. Thus, an attacker can spoof messages of the ABUS Secvest Hybrid module based on sniffed status RF packets that are issued by the ABUS Secvest Hybrid module on a regularly basis (~2.5 minutes).

tags | advisory, spoof, bypass
advisories | CVE-2020-14158
SHA-256 | a68c00c7fb616a3cbbfa44b0ab74d7e727e98d5025f0aa73c1c04de2a4b77175
Gentoo Linux Security Advisory 202007-64
Posted Jul 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-64 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.11.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | 1d4cc69e151a23e4723feb989fc771f71edfb69e9fbe7c9f0bc7eb56db61edbe
Gentoo Linux Security Advisory 202007-63
Posted Jul 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-63 - Multiple vulnerabilities have been found in SNMP Trap Translator, the worst of which could allow attackers to execute arbitrary shell code. Versions less than 1.4.1 are affected.

tags | advisory, arbitrary, shell, vulnerability
systems | linux, gentoo
SHA-256 | 32a61d1b04735402af88b2302f018925a810f989319a8e44b29e518c449042fd
Gentoo Linux Security Advisory 202007-62
Posted Jul 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-62 - A flaw in PyCrypto allow remote attackers to obtain sensitive information. Versions less than or equal to 2.6.1-r2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2018-6594
SHA-256 | e8f199798d44ad56db8eb3aeb1fb0bc9e169a63a828652115c44ec4599efe3e8
Gentoo Linux Security Advisory 202007-61
Posted Jul 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-61 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.28.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925
SHA-256 | 3312a9229f050f1e867bbf23e3203b4d0ce18819b544723025f5439b1ad5f76e
Red Hat Security Advisory 2020-3207-01
Posted Jul 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3207-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-2190
SHA-256 | e781acc970ef4fed25e6025e7b764186459955cd71fce71cc0655dc7338eeda2
Red Hat Security Advisory 2020-3253-01
Posted Jul 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3253-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | 12a10ad82329e3b3c177f10c806c4d616d383cbce8158d9eebd03bd228c2dd9a
Red Hat Security Advisory 2020-3254-01
Posted Jul 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3254-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-15652, CVE-2020-15659, CVE-2020-6463, CVE-2020-6514
SHA-256 | fcd16f15d1cd3325568dcba5720d39ce9b38ee8fcbdd18600185640dfdfcb67c
Online Shopping Alphaware 1.0 SQL Injection
Posted Jul 31, 2020
Authored by Ahmed Abbas

Online Shopping Alphaware version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | c9c9c9485eca29f72f51a446d9758fd84d888d3463396be08d55e65155981fca
Online Bike Rental 1.0 Shell Upload
Posted Jul 31, 2020
Authored by hyd3sec

Online Bike Rental version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 9d65a298b050a5b43708ca479a4d023a523e9e32c643aa86a173c413bd9ae026
Daily Tracker System 1.0 Cross Site Scripting
Posted Jul 31, 2020
Authored by hyd3sec

Daily Tracker System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37211990b92e06b8e30d593c2ad3ba20a97371dcc1889e35595564725e17ecfe
Daily Tracker System 1.0 SQL Injection
Posted Jul 31, 2020
Authored by Bobby Cooke, hyd3sec

Daily Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2020-24193
SHA-256 | a8be4ff2a62d77c301deb8c022913ab021be0ba97c5458a6e843f74c9b13d029
Sifter 9.01
Posted Jul 31, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various runtime fixes in execution scripts.
tags | tool, remote, local, scanner, vulnerability
systems | unix
SHA-256 | 3f31110694b03ada8b452bb808330335c45caf9a8520f7ea0bfd2c821f1fab8a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close