what you don't know can hurt you
Showing 1 - 25 of 33 RSS Feed

Files Date: 2021-01-04

Ubuntu Security Notice USN-4668-3
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability, python
systems | linux, ubuntu
MD5 | a029e69b2f2fd6b5ff7a56f554dcb47f
Ubuntu Security Notice USN-4674-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, imap
systems | linux, ubuntu
advisories | CVE-2020-24386, CVE-2020-25275
MD5 | b2e560c9e62cc73f933684b14231318a
BACKDOOR.WIN32.BNLITE Remote Heap Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.BNLITE malware suffers from a remote heap corruption vulnerability.

tags | exploit, remote
systems | windows
MD5 | 1350fe87125f382e8b464f50e1026574
Phorpiex Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Phorplex malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit
MD5 | 78184adcea32cef38b4e72376069905a
SQLMAP - Automatic SQL Injection Tool 1.5
Posted Jan 4, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | c07963ad8b64601adc6f1793b84d5786
tcpdump 4.99.0
Posted Jan 4, 2021
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: Improved the contents, wording and formatting of the man page. Prints unsupported link-layer protocol packets in hex. Added support for new network protocols and DLTs. Various other updates.
tags | tool, sniffer
systems | unix
MD5 | b10aa2f497def7283bc060f626879ce5
libpcap 1.10.0
Posted Jan 4, 2021
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.

Changes: Added support for capturing on DPDK devices. Added support for getting and setting packet time stamp types with Npcap. Various other updates.
tags | library
systems | unix
MD5 | 8c12dc19dd7e0d02d2bb6596eb5a71c7
Haveged 1.9.14
Posted Jan 4, 2021
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: New command added to havegecmd.c. Made enttest configurable.
tags | tool
systems | linux, unix
MD5 | f756474201bec9a46b41e8712f79468a
Ubuntu Security Notice USN-4673-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4673-1 - Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-26154
MD5 | 37308d157792044dbd547beba780fbd7
TROJAN.WIN32.JORIK.DMSPAMMER.SZ Remote Memory Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

TROJAN.WIN32.JORIK.DMSPAMMER.SZ malware suffers from a remote memory corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
MD5 | 55fd186c4f2c6e538578030ac38957e3
HEUR.RISKTOOL.WIN32.BITMINER.GEN Remote Memory Corruption / Null Pointer
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

HEUR.RISKTOOL.WIN32.BITMINER.GEN malware suffers from a null pointer vulnerability.

tags | exploit
systems | windows
MD5 | 601917f8df7d6350a3eb11666ce5459c
CRUD Operation Software 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Arnav Tripathy

CRUD Operation Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9aaff9e6958d9377d58feec2ecfba283
Rock RMS File Upload / Account Takeover / Information Disclosure
Posted Jan 4, 2021
Authored by Cyber Security Research Group

Rock RMS suffers from arbitrary file upload, account takeover, and personal information disclosure vulnerabilities. Various versions are affected.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
advisories | CVE-2019-18641, CVE-2019-18642, CVE-2019-18643
MD5 | 496349ae2fd93f703a324dcbbd378676
Backdoor.Win32.Zombam.j Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.j malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow
systems | windows
MD5 | 182a0fbbaac8073813086e67cf27b8ad
Red Hat Security Advisory 2021-0003-01
Posted Jan 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0003-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-25211
MD5 | 5632c0603a5cd91fc87cdcaef612b21f
BACKDOOR.WIN32.REMOTEMANIPULATOR Insecure Permissions
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.REMOTEMANIPULATOR malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
MD5 | 7864c5aeb2b19a8922a5abecf439eba2
BACKDOOR.WIN32.ADVERBOT Remote Stack Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

BACKDOOR.WIN32.ADVERBOT malware suffers from a remote stack corruption vulnerability.

tags | exploit, remote
systems | windows
MD5 | 7f28cc1158eba60a0170ed99309f564f
Resumes Management And Job Application Website 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Saswat Subhajyoti Mallick

Resumes Management and Job Application Website version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ff455771a934d45b23ddf81b4813f13f
Trojan:Win32/Alyak.B Remote Stack Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan:Win32/Alyak.B malware suffers from a remote stack corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
MD5 | 06f8543da6c6582b57fde48c8e24b0a6
Email-Worm.Win32.Zhelatin.ago Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Email-Worm.Win32.Zhelatin.ago malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, worm, remote, overflow
systems | windows
MD5 | 8bd0a581f8bc5944d334d3e2733b636f
Trojan.Win32.Bayrob.cgau Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Bayrob.cgau malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit, trojan
systems | windows
MD5 | 846139c1b2a63ba6cc03a4216d4531c4
A Hands-On Introduction To Insecure Deserialization
Posted Jan 4, 2021
Authored by Kartik Verma, Apaar Farmaha

Whitepaper called A Hands-On Introduction to Insecure Deserialization.

tags | paper
MD5 | ff4a19d6dc23115fa4812829935313d8
Knockpy 4.1.1 CSV Injection
Posted Jan 4, 2021
Authored by Dolev Farhi

Knockpy version 4.1.1 suffers from a CSV injection vulnerability.

tags | exploit
MD5 | bab3b20d87d77973c40d152d6220174c
Curfew e-Pass Management 1.0 Cross Site Scripting
Posted Jan 4, 2021
Authored by Arnav Tripathy

Curfew e-Pass Management version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7dfde9f4758aac50c52aa63fb4877823
Trojan.Win32.Barjac Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Barjac malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow, trojan
systems | windows
MD5 | de7ba11ed626c2d3eb52927ed32f9e6b
Page 1 of 2
Back12Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close