what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2021-02-23

LogonExpert 8.1 Unquoted Service Path
Posted Feb 23, 2021
Authored by Victor Mondragon

LogonExpert version 8.1 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | f08c0a77cdca67f408b05cf2052a9172427f1ecd882be35ff2a62d6bbdabc3c3
Backdoor.Win32.Agent.xs MVID-2021-0106 Insecure Permissions
Posted Feb 23, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.xs malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 15c0df978a9ec7ad4ee5ab6c6a5d46c2e26fa275e8269ea57ac50b588acdb928
SpotAuditor 5.3.5 Denial Of Service
Posted Feb 23, 2021
Authored by Sinem Sahin

SpotAuditor version 5.3.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | c1db34fcde5b42d1a5f0db9d815978cdb0280e3ec1043e268e97237f5a4313db
Zeek 3.2.4
Posted Feb 23, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: A denial of service issue has been addressed as well as two bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | d5a984d383c0cc337e18d3d65b969e8566ab8a6fc38e9c6d39ba4a101027be85
Apache Flink JAR Upload Java Code Execution
Posted Feb 23, 2021
Authored by Brendan Coles, bigger.wing, Henry Chen | Site metasploit.com

This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the web server user. This module has been tested successfully on Apache Flink versions: 1.9.3 on Ubuntu 18.04.4; 1.11.2 on Ubuntu 18.04.4; 1.9.3 on Windows 10; and 1.11.2 on Windows 10.

tags | exploit, java, remote, web, arbitrary
systems | linux, windows, ubuntu
SHA-256 | c4af5d4222df2b897758547790bace5a4fc29668737046e86bcb9bdee4ee6038
CIRA Canadian Shield Man-In-The-Middle
Posted Feb 23, 2021
Authored by David Coomber

The Canadian Internet Registration Authority (CIRA) Canadian Shield iOS application versions 4.0.12 and below do not validate the SSL certificate it receives when connecting to the application server.

tags | advisory
systems | ios
advisories | CVE-2021-27189
SHA-256 | 45101c457e72359c021a13cf5308d10f34eba950e27a433202de650671c113b1
Ubuntu Security Notice USN-4467-3
Posted Feb 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4467-3 - USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-13754
SHA-256 | 0af9f05cea9149bfe3ca52b755be60ad5124e2d45b7d3706d47f59dfa1ef633c
Batflat CMS 1.3.6 Cross Site Scripting
Posted Feb 23, 2021
Authored by Tadjmen

Batflat CMS version 1.3.6 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d607d6b6b12d1abb1b361fd3bd0fbdfd9cf588f5663e8b1bee73a35f5ad78e5c
HFS (HTTP File Server) 2.3.x Remote Code Execution
Posted Feb 23, 2021
Authored by Pergyz

HFS (HTTP File Server) version 2.3.x remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2014-6287
SHA-256 | d5259779819e2ec48d535d544c03503c184fbc5382e90d8a57b7ba07265969f1
VLC 3.0.11 / 3.0.12 Type Confusion
Posted Feb 23, 2021
Authored by Ofir Moskovitch

VLC media player versions 3.0.11 and 3.0.12 suffer from a type confusion vulnerability.

tags | advisory
SHA-256 | 34da71e6f84b4e0ef9663b1e0477bc2098452f78415636931e4bb3ad209479c1
Monica 2.19.1 Cross Site Scripting
Posted Feb 23, 2021
Authored by BouSalman

Monica version 2.19.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27370
SHA-256 | 9a749153f4cd4394f9758c02f0debd7df8c4212f83fd0ccbdfa4aa5fef9a7378
eChat 1.0 SQL Injection
Posted Feb 23, 2021
Authored by sML

eChat version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ae150e4fcab44e39b6a08ed633d7b544d1982a81eea8cc0645401ff70b803c5b
Product Key Explorer 4.2.7 Denial Of Service
Posted Feb 23, 2021
Authored by Sinem Sahin

Product Key Explorer version 4.2.7 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 44d3470f58a697d73857e77298e36651d116ac93496ef4851d39debbcd34fe99
Windows/x86 Add User Alfred Shellcode
Posted Feb 23, 2021
Authored by Armando Huesca Prida

240 bytes small Windows/x86 add user Alfred to administrators/remote desktop users group shellcode.

tags | remote, x86, shellcode
systems | windows
SHA-256 | 87baea02c93852f7ff91efddf99dce46312ecdece68e0c0d68050ac306f14f2d
Mobile Security And Penetration Testing
Posted Feb 23, 2021
Authored by Furkan Enes Polatoglu

Whitepaper called Mobile Security and Penetration Testing. Written in Turkish.

tags | paper
SHA-256 | 56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close