what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2020-12-15

Microsoft Windows DrawIconEx Local Privilege Escalation
Posted Dec 15, 2020
Authored by timwr, bee13oy, Yoav Alon, Netanel Ben-Simon | Site metasploit.com

This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code execution as the SYSTEM user. This module has been tested against a fully updated Windows 7 x64 SP1. Offsets within the exploit code may need to be adjusted to work with other versions of Windows.

tags | exploit, arbitrary, kernel, code execution
systems | windows
advisories | CVE-2020-1054
SHA-256 | 868acae66ad56703c17e3c65ef2f0fd90bad10c8ec6f9816219080fe42106f93
American Fuzzy Lop plus plus 3.0c
Posted Dec 15, 2020
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of updates and improvements.
tags | tool, fuzzer
systems | unix
SHA-256 | 75a2cd6c9e14d4160defcf4899c6d654eba9ae1aad2b2c850bb165c84ee763bb
Red Hat Security Advisory 2020-5437-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5437-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer over-read and null pointer vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-18282, CVE-2020-10769, CVE-2020-14314, CVE-2020-14385, CVE-2020-24394, CVE-2020-25212, CVE-2020-25643
SHA-256 | 9d3708ba296874c5618cf8021564296dd4593f759f8d1496838e0ec07bf3fb11
Red Hat Security Advisory 2020-5453-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5453-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-25654
SHA-256 | 03bb61c3369a4b84357a19a89fa5d4597443a32d9099225e7144093d2060c1c7
Qualcomm Adreno GPU PID Reuse Mapping Leak
Posted Dec 15, 2020
Authored by Google Security Research, hawkes

Qualcomm Adreno GPU PID reuse can lead to a shared mapping leak vulnerability.

tags | exploit
advisories | CVE-2020-11311
SHA-256 | 3e3e7b15f4478de5e65c145f4176a69491a971efa9d024d29399588336df506c
Solaris SunSSH 11.0 x86 libpam Remote Root
Posted Dec 15, 2020
Authored by Hacker Fantastic

Solaris SunSSH versions 10 through 11.0 on x86 libpam remote root exploit.

tags | exploit, remote, x86, root
systems | solaris
advisories | CVE-2020-14871
SHA-256 | 93c50138db56dcc96e612d0fa56cca01459695d4f656345667a2e4fdec807e5d
Red Hat Security Advisory 2020-5434-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5434-01 - The targetcli package contains an administration shell for configuring Internet Small Computer System Interface, Fibre Channel over Ethernet, and other SCSI targets, using the Target Core Mod/Linux-IO kernel target subsystem. FCoE users also need to install and use the fcoe-utils package.

tags | advisory, shell, kernel
systems | linux, redhat
advisories | CVE-2020-13867
SHA-256 | 88d732069cbff0c46d3ccc25d396674da0b900f648c9ba4a293db6c642b034eb
Alumni Management System 1.0 Shell Upload
Posted Dec 15, 2020
Authored by Valerio Alessandroni

Alumni Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2020-28072
SHA-256 | 4bfe93d63aa8b884f827dac2016275021452f0ac25d6651dfe10a1e6e8fe05e6
Red Hat Security Advisory 2020-5439-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5439-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-14318, CVE-2020-14323, CVE-2020-1472
SHA-256 | 1cd908b159ef1b76221d2e9d0d69adbb11c5ecc9cafde8a5307b43268d43d893
Gitlab 11.4.7 Remote Code Execution
Posted Dec 15, 2020
Authored by Fortunato Lodari

Gitlab version 11.4.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 060ec27bc199fb9c231243a34947bcd6f792298a67ae1f4ab3d023368297fe8d
Red Hat Security Advisory 2020-5443-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5443-01 - GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Issues addressed include heap overflow and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-5766
SHA-256 | a52b53f51871e9f09d4e5affe5357910752a7ba99d8ba9eb815566d8e248ac9c
libbabl 0.1.62 Broken Double-Free Detection
Posted Dec 15, 2020
Authored by Carter Yagemann

libbabl version 0.1.62 broken double-free detection proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | c9625fdfa8e4f30279a1070a44fe6ea3eb8e3675976560ced8a254a2b39109ca
Red Hat Security Advisory 2020-5441-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5441-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer over-read vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-18282, CVE-2020-10769, CVE-2020-14314, CVE-2020-14385, CVE-2020-24394, CVE-2020-25212, CVE-2020-25643
SHA-256 | 10fd709ec5317c6e9ff836aba241b2b37ab6793d5400a1db991201fa616e3608
PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting
Posted Dec 15, 2020
Authored by Andrea Intilangelo

PHPJabbers Appointment Scheduler 2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-35416
SHA-256 | 6d9f865f19e0ad489deb9399c4ddf39299e14a0507ba056a5a408033ba345e68
Red Hat Security Advisory 2020-5435-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5435-01 - The python-rtslib package provides a Python library to configure the kernel target subsystem, using the configfs file system.

tags | advisory, kernel, python
systems | linux, redhat
advisories | CVE-2020-14019
SHA-256 | 5688c131a8428c2bc09f6e55f0cb1e1f4e85c7a3eae68300d704d0c2ccc1e7ab
Task Management System 1.0 Local File Inclusion
Posted Dec 15, 2020
Authored by Ismail Bozkurt

Task Management System version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | a07c22e636733ee06134ab3cbdf49c23ec2ec4c0bb20ebd8e528c0428139832a
Red Hat Security Advisory 2020-5422-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5422-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-1971
SHA-256 | 15c45f9be5214fd88707760a438d8698732db0afac9a334318ee2188e2e238e6
Red Hat Security Advisory 2020-5416-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5416-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-12321
SHA-256 | e0488085dba32b0270af4477522e67cb0f6bcdd8fd0b35d4800de131cbcb828c
Cisco ASA 9.14.1.10 / FTD 6.6.0.1 Path Traversal
Posted Dec 15, 2020
Authored by Freakyclown

Cisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2020-3452
SHA-256 | dfe0fcf7f0c733ce87bf53173ca792e20086cc5828ba3e9907aa3993b08bf8fe
Red Hat Security Advisory 2020-5418-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5418-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-16166
SHA-256 | 8973a9ae5ebe29196c30173d1014c6915bc52d3e20210910aac02c2779cca62b
Red Hat Security Advisory 2020-5430-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5430-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18551, CVE-2019-19447, CVE-2019-20636, CVE-2019-9454, CVE-2020-12770
SHA-256 | 0bfd4a3134b86355b7ff63ecd9834313e1383db6cbc7a5a8ae97fc7cb795cb18
Red Hat Security Advisory 2020-5420-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5420-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | de0ed0fe595324740da72e3c96802f2e70dfc8bbd5dc38d05c1298fc14f0d429
Online Marriage Registration System 1.0 Remote Code Execution
Posted Dec 15, 2020
Authored by Andrea Bruschi

Online Marriage Registration System version 1.0 authenticated remote code execution exploit. Original discovery of remote code execution in this version was discovered by Selim Enes Karaduman.

tags | exploit, remote, code execution
SHA-256 | fb9d5797bad77ed8c6a1484c739b1398a4d81951087d21f8db5fe249b8a2b2e7
Red Hat Security Advisory 2020-5417-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5417-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2020-8177
SHA-256 | b57f36f309bc3f0aa3fe312a986e20d2ea160cf2b12070ba0a963d933f7ac2a8
Red Hat Security Advisory 2020-5423-01
Posted Dec 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5423-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-25654
SHA-256 | 6dbb1d47b9916093bfa205991e5bb7ef943d650ae8a8dee6e5f3df6b2d5dd265
Page 1 of 2
Back12Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close