what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2021-01-04

Ubuntu Security Notice USN-4668-3
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability, python
systems | linux, ubuntu
SHA-256 | 2996f2ca94f22a07b22d4290ff3fb81aff7b1ca939bad8e3448a15424b4c1ab9
Ubuntu Security Notice USN-4674-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, imap
systems | linux, ubuntu
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | a6fb24566e34ca33892166efc08d56441a09b26e354fd4b998d65c1ffc7d4c66
BACKDOOR.WIN32.BNLITE MVID-2021-0012 Remote Heap Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.BNLITE malware suffers from a remote heap corruption vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 5846f42f4254264a3ccef8ab905e2bcfbc985351e4c829a10d519d7df39cf7c0
Phorpiex MVID-2021-0007 Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Phorplex malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit
SHA-256 | 31c1931d20b346f643d993effac9bd45f03bb40eb954f7c9cc26215912a5b9ad
SQLMAP - Automatic SQL Injection Tool 1.5
Posted Jan 4, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 18c38c4ccf04e81e540527abc63130eced72b157da1d705e3af26b1d4768671d
tcpdump 4.99.0
Posted Jan 4, 2021
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: Improved the contents, wording and formatting of the man page. Prints unsupported link-layer protocol packets in hex. Added support for new network protocols and DLTs. Various other updates.
tags | tool, sniffer
systems | unix
SHA-256 | 8cf2f17a9528774a7b41060323be8b73f76024f7778f59c34efa65d49d80b842
libpcap 1.10.0
Posted Jan 4, 2021
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.

Changes: Added support for capturing on DPDK devices. Added support for getting and setting packet time stamp types with Npcap. Various other updates.
tags | library
systems | unix
SHA-256 | 8d12b42623eeefee872f123bd0dc85d535b00df4d42e865f993c40f7bfc92b1e
Haveged 1.9.14
Posted Jan 4, 2021
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: New command added to havegecmd.c. Made enttest configurable.
tags | tool
systems | linux, unix
SHA-256 | 938cb494bcad7e4f24e61eb50fab4aa0acbc3240c80f3ad5c6cf7e6e922618c3
Ubuntu Security Notice USN-4673-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4673-1 - Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-26154
SHA-256 | 42c0a7070c3b6ede8f5202c04e999ccc049ae73fc1ebd566849f04b6c099d16c
TROJAN.WIN32.JORIK.DMSPAMMER.SZ MVID-2021-0008 Remote Memory Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

TROJAN.WIN32.JORIK.DMSPAMMER.SZ malware suffers from a remote memory corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
SHA-256 | 96cc7d2ac0ad4a8f2073087d4f045ebc3f750b00d1a66c74e9a2704a61b6a679
HEUR.RISKTOOL.WIN32.BITMINER.GEN MVID-2021-0009 Remote Memory Corruption / Null Pointer
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

HEUR.RISKTOOL.WIN32.BITMINER.GEN malware suffers from a null pointer vulnerability.

tags | exploit
systems | windows
SHA-256 | 897cacb25224a142af9dd2a04c2827c26d2d7d9052eff1394cb54ae4f4b863c6
CRUD Operation Software 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Arnav Tripathy

CRUD Operation Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8496e5fff9d2fb0a8c49c9ee07b5d2f8282d1db03713fd5c1d50532f0306a5ef
Rock RMS File Upload / Account Takeover / Information Disclosure
Posted Jan 4, 2021
Authored by Cyber Security Research Group

Rock RMS suffers from arbitrary file upload, account takeover, and personal information disclosure vulnerabilities. Various versions are affected.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
advisories | CVE-2019-18641, CVE-2019-18642, CVE-2019-18643
SHA-256 | 8fc0428a6783de1ab9966a207dcdde3ec9f01dd3fbbf4d51cb139ea9c834aa0a
Backdoor.Win32.Zombam.j MVID-2021-0006 Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.j malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 2ba1a6cf0269346fab9ee340a31b39db04858c26a52c70977145925c356eb40f
Red Hat Security Advisory 2021-0003-01
Posted Jan 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0003-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-25211
SHA-256 | 515c08ea387942dd5315d62543d4f39ac3ba4d6b21601496d2fcf38f59130a3f
BACKDOOR.WIN32.REMOTEMANIPULATOR MVID-2021-0005 Insecure Permissions
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.REMOTEMANIPULATOR malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | a64b81396e4e9bbeab9ae17cbf17a261b1a43a25dc5da0de2a55b256c9d07e8c
BACKDOOR.WIN32.ADVERBOT MVID-2021-0003 Remote Stack Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.ADVERBOT malware suffers from a remote stack corruption vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | e19f1cae1b270a3c26e471536c7e316b5ff21b3b1fd8f868d916eb9e10f0cf41
Resumes Management And Job Application Website 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Saswat Subhajyoti Mallick

Resumes Management and Job Application Website version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5a76ff65b5062f277ac950783306e48497b8baa33d0e9df6700a77c318e130c8
Trojan:Win32/Alyak.B MVID-2021-0004 Remote Stack Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan:Win32/Alyak.B malware suffers from a remote stack corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
SHA-256 | c730fca9492df00a1b3b3087832398a28816274d38d49172ee9e623c0323a4b3
Email-Worm.Win32.Zhelatin.ago MVID-2021-0014 Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Email-Worm.Win32.Zhelatin.ago malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, worm, remote, overflow
systems | windows
SHA-256 | cc85555b920fa27d6e6139214e1b57bc209184761c8e3ed44fa30d299077dac5
Trojan.Win32.Bayrob.cgau MVID-2021-0002 Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Bayrob.cgau malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit, trojan
systems | windows
SHA-256 | 13f2ef80f55d7bb39d8d08d9eafc77f1b6ae0f882c519b9f6ec9f1fa5aa1da54
A Hands-On Introduction To Insecure Deserialization
Posted Jan 4, 2021
Authored by Kartik Verma, Apaar Farmaha

Whitepaper called A Hands-On Introduction to Insecure Deserialization.

tags | paper
SHA-256 | 9f8d4513c658a8d277ba48b31ed100857bc6624e450a451c420d90f3b25f30d6
Knockpy 4.1.1 CSV Injection
Posted Jan 4, 2021
Authored by Dolev Farhi

Knockpy version 4.1.1 suffers from a CSV injection vulnerability.

tags | exploit
SHA-256 | 3ff2d2cfd9c422933058b46904ff049f2046b3a3f5e80558975e22a52b0aadbe
Curfew e-Pass Management 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Arnav Tripathy

Curfew e-Pass Management version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c64820cce6dc87b5f5f5e413a2648f854c0d9a0562aad97588eb6530c3275a51
Trojan.Win32.Barjac MVID-2021-0011 Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Barjac malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow, trojan
systems | windows
SHA-256 | 830d07090b48765c91480342ae79955c3e97436c901eb2c6598ae9da90d6dff7
Page 1 of 2
Back12Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close