exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-09-21

nfstream 6.1.3
Posted Sep 21, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added QUIC User-agent Identifier extraction. Minor CSV interface fix.
tags | tool, python
systems | unix
SHA-256 | 9b45c12efd74856693c87adc001b0781499f828a68c8e2f07f3d4e78b5d06eba
Ubuntu Security Notice USN-4524-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4524-1 - Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18849
SHA-256 | 9dae4bef7f22d332fc118db9cc9179022b8d88ceeaedb2803a8459a640f9408b
Ubuntu Security Notice USN-4523-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4523-1 - It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9656
SHA-256 | a43e3929d71365b6f1a1afc08c4b951515675a96ee5bcc895a619d3a309afbfc
Seat Reservation System 1.0 Shell Upload
Posted Sep 21, 2020
Authored by Rahul Ramkumar

Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, file upload
advisories | CVE-2020-25763
SHA-256 | f51980f4cdcbccbc7521c2a7dab9d0a487666c168a76426fc20232877e5f661b
Red Hat Security Advisory 2020-3780-01
Posted Sep 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3780-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | e9058870707c8054ebf0ed4d4fe08b29682f1db80e6c11bddeeeed76a3ecb5a4
Ubuntu Security Notice USN-4522-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4522-1 - It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting attacks.

tags | advisory, remote, web, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-18635
SHA-256 | 5ae21e4984019a08972b1af6dcd3d7045a3453ee999b9508be4edcc8f21311a6
Ubuntu Security Notice USN-4521-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4521-1 - It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13881
SHA-256 | ccb6a3b4c4b8fe16bc4c03f405b9650af662bfa30fd1846b1c8c2121ef142839
Mida eFramework 2.9.0 Backdoor Access
Posted Sep 21, 2020
Authored by elbae

Mida eFramework version 2.9.0 suffers from having a backdoor access vulnerability.

tags | exploit
advisories | CVE-2020-15921
SHA-256 | 86e2305e7a7f0d25c6dfbab6d4adb6739f2f26ffa8ef6c2b548172995425ddfb
BlackCat CMS 1.3.6 Cross Site Request Forgery
Posted Sep 21, 2020
Authored by Noth

BlackCat CMS version 1.3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-25453
SHA-256 | b357b4740c79899cf76358887a76b53060714f53efb12a16879b0ef3a7d24388
Seat Reservation System 1.0 SQL Injection
Posted Sep 21, 2020
Authored by Augkim

Seat Reservation System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2befaf88792c81606e89b39a2185e4fea15c18b4589266da9acf985547878add
Online Shop Project 1.0 SQL Injection
Posted Sep 21, 2020
Authored by Augkim

Online Shop Project version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 852fa5b6ad3034ff4cf495c78db5430ddb3965cbd5d7c83d76b84021759ebb6a
VyOS restricted-shell Escape / Privilege Escalation
Posted Sep 21, 2020
Authored by Brendan Coles, Rich Mirch | Site metasploit.com

This Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell system shell intended for use by low privilege users with operator privileges. This module exploits a vulnerability in the telnet command to break out of the restricted shell, then uses sudo to exploit a command injection vulnerability in /opt/vyatta/bin/sudo-users/vyatta-show-lldp.pl to execute commands with root privileges. This module has been tested successfully on VyOS 1.1.8 amd64 and VyOS 1.0.0 i386.

tags | exploit, arbitrary, shell, root, vulnerability
advisories | CVE-2018-18556
SHA-256 | b66d6e6dd1c51b3775727b717e6c2e5f0d992e14e7e7e85bf10477d801697f46
Ubuntu Security Notice USN-4520-1
Posted Sep 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4520-1 - It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19920
SHA-256 | ab7d2b4e684b780d0359b05f76463bd983cde89a7a7466f98dfbf800fc604239
B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution
Posted Sep 21, 2020
Authored by LiquidWorm | Site zeroscience.mk

B-swiss 3 Digital Signage System version 3.6.5 suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused due to the improper verification of uploaded files in index.php script thru the rec_poza POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in the /usr/users directory. Due to an undocumented and hidden maintenance account admin_m which has the highest privileges in the application, an attacker can use these hard-coded credentials to authenticate and use the vulnerable image upload functionality to execute code on the server.

tags | exploit, arbitrary, php, code execution
SHA-256 | 81325cc43145d675e9565f4495143d5688fea28975fe4bdf5d8382c06d0f3b36
ForensiTAppxService 2.2.0.4 Unquoted Service Path
Posted Sep 21, 2020
Authored by Burhanettin Ozgenc

ForensiTAppxService version 2.2.0.4 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 1a5f41445eaf06765a3f8b203b11dc30ee0c1de3a341210da9a8aa8e63d6770d
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close