exploit the possibilities
Showing 1 - 25 of 33 RSS Feed

Files Date: 2021-02-16

Ubuntu Security Notice USN-4734-2
Posted Feb 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4734-2 - USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpa_supplicant did not properly handle P2P group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-12695, CVE-2021-0326
SHA-256 | 49410830b0c8b8841b939879c09f65434aed797cf17da754ead53d148a5e865f
Red Hat Security Advisory 2021-0599-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0599-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server and command-line utilities for server administration, the Administration Server HTTP agent package, and the GUI console packages. Issues addressed include an information leakage vulnerability.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2020-35518
SHA-256 | b45608432e7c570572f13c8dbaa35ec7f8c2bfcb6c0d5eacad5e24a3593c95ce
Ubuntu Security Notice USN-4736-1
Posted Feb 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4736-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that responses received during the plaintext phase of the STARTTLS connection setup were subsequently evaluated during the encrypted session. A person in the middle could potentially exploit this to perform a response injection attack. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15685, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960
SHA-256 | b6c1f03c7fd8c0de6f8a95513aaf24c579db20b2e4391bdcb8805ea4e08a8069
TOR Virtual Network Tunneling Tool 0.4.5.6
Posted Feb 16, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release series introduces significant improvements in relay IPv6 address discovery, a new "MetricsPort" mechanism for relay operators to measure performance, LTTng support, build system improvements to help when using Tor as a static library, and significant bugfixes related to Windows relay performance. It also includes numerous smaller features and bugfixes.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 22cba3794fedd5fa87afc1e512c6ce2c21bc20b4e1c6f8079d832dc1e545e733
Recon Informer 1.3
Posted Feb 16, 2021
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.

Changes: Added -t flag to process packets from specific inbound IP address of interest. Added timestamp for detection results in console output window. Couple of bug fixes.
tags | tool
systems | linux, windows, unix
SHA-256 | 7f97a6b15e928a7250bd0474cc2f213abf8cc02a26b7e424d31838675907162f
Backdoor.Win32.Burbul.b MVID-2021-0093 Anonymous Login
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Burbul.b malware has an ftp service that allows for anonymous login.

tags | exploit
systems | windows
SHA-256 | eacd817de5297bfb135a0355f799bafec34151bbf8e3f6ea6560cc32d694a5b8
Backdoor.Win32.Indexer.a MVID-2021-0092 Denial Of Service
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Indexer.a malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | d48a8459e1ba4c181989347d8c267adcf50e5532c2ce2473ef00b11baab6e68f
Red Hat Security Advisory 2021-0557-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0557-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, perl
systems | linux, redhat
advisories | CVE-2020-12723
SHA-256 | 1f7fbb8a9cda11a8da72b390e2dc8c19d436b004932f3dfe932f1cb842431812
Red Hat Security Advisory 2021-0531-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0531-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14370
SHA-256 | e6652ef2a0267358106529a53c6dc5f9986e7a254cd1604f6373851dd251650d
Red Hat Security Advisory 2021-0549-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0549-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2019-10746, CVE-2019-10747, CVE-2020-7754, CVE-2020-7788, CVE-2020-8265, CVE-2020-8287
SHA-256 | a64a6a19ac80244fb7f9a1e728597b19c74ec6464def40c77bf97ff808fc4203
Red Hat Security Advisory 2021-0558-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0558-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-25705, CVE-2020-29661
SHA-256 | 7283785eaa933b306c1724231dee042628d834e4720063f7b151d6119cbe24fa
Red Hat Security Advisory 2021-0548-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0548-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287
SHA-256 | 320aab402ef7196c5381a1e9675462d0a99fe6bc160bc505ac3775abdb558fc8
Red Hat Security Advisory 2021-0538-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0538-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out of bounds read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12400, CVE-2020-12403, CVE-2020-6829
SHA-256 | c262e1576a15286836eb793cba072f9d4ea3eaeb3112849368fb9d53ccd32197
Red Hat Security Advisory 2021-0551-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0551-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15366, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287
SHA-256 | 1ef045ee9b5c6ed6cb265e67182061ab92d2e4d1256aeaa85d77d6cd36f00f69
Red Hat Security Advisory 2021-0537-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0537-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-25705, CVE-2020-29661
SHA-256 | b771926c5d71d88a97d82d3499e15c5dd8e405c9a5899cdca21ddf8ce43e2fc3
Red Hat Security Advisory 2021-0436-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0436-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: Enhances profile parsing time. Fixes excessive resource consumption from the Operator. Fixes default content image. Fixes outdated remediation handling.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-11068, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-15165, CVE-2019-1551, CVE-2019-15903, CVE-2019-16168, CVE-2019-16935, CVE-2019-18197, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20386, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-20807, CVE-2019-20907, CVE-2019-20916, CVE-2019-5018, CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743
SHA-256 | 0d991d0f7e88d36db03aa4ec1666ccd474727a461e4af460a0e41379046f1895
Digital Forensics
Posted Feb 16, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This whitepaper is an introductory guide to Digital Forensics. It provides a high level understanding of protocol and roles.

tags | paper, protocol
SHA-256 | a676db8f5ab0381a2e9ea5b5adf74019397945ebdb2b6bc06f10b3b04670452d
BlackCat CMS 1.3.6 Cross Site Scripting
Posted Feb 16, 2021
Authored by Kamaljeet Kumar

BlackCat CMS version 1.3.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 89f9428d9165020374ce602c34b5d6dea670dd8a192f3274bb62f7db262a8dff
Managed Switch Port Mapping Tool 2.85.2 Denial Of Service
Posted Feb 16, 2021
Authored by Ismael Nava

Managed Switch Port Mapping Tool version 2.85.2 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | f8397484f88b103bcbe65d00c2f84027a9f33ad3c2558b01dccddbc60242d157
Backdoor.Win32.Indexer.a MVID-2021-0091 Hardcoded Credentials
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Indexer.a malware has a backdoor with weak hardcoded credentials.

tags | exploit
systems | windows
SHA-256 | 75d07c22ee885ccdb973aa8ca9f378855c5b303ddbc339cb577013a21100e03a
Red Hat Security Advisory 2021-0528-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
SHA-256 | 3bb29f57bc2a277c7ab3637ada0c063fb9c3ae045f79e2a8c48ff5886ea41a2b
Red Hat Security Advisory 2021-0521-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0521-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287
SHA-256 | 8874e7408dd53c374668285d5a6736222671e5c705f397d142acf86d17cd1f95
Nsauditor 3.2.2.0 Denial Of Service
Posted Feb 16, 2021
Authored by Ismael Nava

Nsauditor version 3.2.2.0 Event Description denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 34b3b4f12f18d6376082a846d5d3399fcdb9b9c36e3ab68200a4864b66e79031
CASAP Automated Enrollment System 1.0 Cross Site Scripting
Posted Feb 16, 2021
Authored by nu11secur1ty | Site nu11secur1ty.com

CASAP Automated Enrollment System version 1.0 First Name persistent cross site scripting exploit. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones.

tags | exploit, xss
advisories | CVE-2021-3294
SHA-256 | 6bceefc7fea2224717fdd993983c75fc667149e655487aff3b2785373418dbb9
Red Hat Security Advisory 2021-0525-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0525-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | 5295611830e6ca09048df89bff66ad52cefd94e45db7ae9e73785d46662811b8
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close