what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2021-03-15

ExpressionEngine 6.0.2 PHP Code Injection
Posted Mar 15, 2021
Authored by EgiX | Site karmainsecurity.com

ExpressionEngine versions 6.0.2 and below suffer from a Translate::save PHP code injection vulnerability.

tags | exploit, php
advisories | CVE-2021-27230
SHA-256 | 194597ced97a35c6d247729d6a66efa739186e83e8e19c865571433ee7b78ee3
Hydra Network Logon Cracker 9.2
Posted Mar 15, 2021
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fix for http-post-form optional parameters. Enabled gcc 10 support for xhydra. IPv6 support for Host: header for http based modules. Various other updates.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 1a28f064763f9144f8ec574416a56ef51c0ab1ae2276e35a89ceed4f594ec5d2
VoIPmonitor 27.6 Buffer Overflow
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

A buffer overflow was identified in the VoIPmonitor live sniffer feature. The description variable in the function save_packet_sql is defined as a fixed length array of 1024 characters. The description is set to the value of a SIP request or response line. By setting a long request or response line VoIPmonitor will trigger a buffer overflow.

tags | exploit, overflow
SHA-256 | 145c87a11821afdce38f061bdde93705011a5071747335b1d316604f3d48c582
VoIPmonitor 27.5 Missing Memory Protections
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

Static binaries provided for VoIPmonitor version2 7.5 are built without any memory corruption protection in place.

tags | exploit
SHA-256 | 53af2b715bcd85faf66b4d8deafd9d7676f2c8e34de79dd80c738b81bc0fb6da
macOS CoreGraphics Integer Overflow / Out-Of-Bounds Write
Posted Mar 15, 2021
Authored by Ivan Fratric, Google Security Research

CoreGraphics can be made to write out-of-bounds memory when rendering a specially crafted font. This vulnerability can also be triggered through Safari. The vulnerability was confirmed on macOS Big Sur version 11.1.

tags | exploit
advisories | CVE-2021-1776
SHA-256 | e8027d05a6dd6acb716ee4876e073b6e72b34b7dfda2f94a9e8c4770517e1ddd
Online News Portal 1.0 Cross Site Scripting
Posted Mar 15, 2021
Authored by Richard Jones

Online News Portal version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version was made by Parshwa Bhavsar in December of 2020.

tags | exploit, xss
SHA-256 | 93bd83259a496629964b3bdfc7dec79cb9f5a745a22f8e019c9a9d41b334cbfd
Online News Portal 1.0 SQL Injection
Posted Mar 15, 2021
Authored by Richard Jones

Online News Portal version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 53685c2005d96fb15b253d8178dcd16aa02f54478a602292b886aa5239cd8046
Trojan.Win32.Siscos.bqe MVID-2021-0127 Insecure Permissions
Posted Mar 15, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Siscos.bqe malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | e052461251dde23e139ced892d115694993299f77e609678001e19c38bb36fbe
Ubuntu Security Notice USN-4764-1
Posted Mar 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4764-1 - It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-28153
SHA-256 | b0ccfade8f7e573c633257ecf3509299a30824c5a44eca29c99428787a74ddad
Red Hat Security Advisory 2021-0831-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0831-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 25d3e57d2845cf5488b4703b2b853c820eb07cf58ec4ce84a009df10dfab0482
Red Hat Security Advisory 2021-0830-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 27d899951c6c14385d19692ac6e48d9c4933fa240c1a19dfa60300ad5ab53730
Red Hat Security Advisory 2021-0827-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0827-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | f0ff3d98decc47c338c1b5dfa65168492b861a779911836e4fb4507459f154d6
SonLogger 4.2.3.3 Shell Upload
Posted Mar 15, 2021
Authored by Berkan Er | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request in SonLogger. It has been tested on version less than 6.4.1 in Windows 10 Enterprise.

tags | exploit, arbitrary, file upload
systems | windows
advisories | CVE-2021-27964
SHA-256 | 545f476ef86fb917ecc86e9949be038a9cf9a65e922e977dc23171d24166bcd6
SonLogger 4.2.3.3 SuperAdmin Account Creation / Information Disclosure
Posted Mar 15, 2021
Authored by Berkan Er

SonLogger version 4.2.3.3 suffers from SuperAdmin account creation and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 56e7d17df146559c639aaff1a40016847783570bed8733186cd99df1cc81fbb9
Windows Server 2012 SrClient DLL Hijacking
Posted Mar 15, 2021
Authored by Erik Wynter | Site metasploit.com

All editions of Windows Server 2012 (but not 2012 R2) are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This issue can be leveraged for privilege escalation if %PATH% includes directories that are writable by low-privileged users. The attack can be triggered by any low-privileged user and does not require a system reboot. This module has been successfully tested on Windows Server 2012 (x64).

tags | exploit
systems | windows
SHA-256 | a77c7e37688f6a95f721932ff950b80f0f41b82f93c8e93eabed09e3701ff64d
VoIPmonitor WEB GUI 24.55 Cross Site Scripting
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

VoIPmonitor WEB GUI versions 24.53, 24.54, and 24.55 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | 3a7579f2a72cb2ec95aaa068756e5ed9c00e5774a0e0b1f2a2a7abaee0f242bb
Red Hat Security Advisory 2021-0835-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0835-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-27827, CVE-2020-35498
SHA-256 | 304970ae256724244361ab4dc611cc2b38bc271d4307722cf8f07919b3e8ebe8
Interactive Suite 3.6 Unquoted Service Path
Posted Mar 15, 2021
Authored by Luis Martinez

Interactive Suite version 3.6 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | c3d6c1b4db5be6abf1d6fc7a4f36e11850d3279d5464ceed789e39a89fc60730
Privilege Escalation Automated Script Linux And Windows
Posted Mar 15, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This whitepaper acts as a cheatsheet for methodologies to apply with Linux and Windows privilege escalation.

tags | paper
systems | linux, windows
SHA-256 | f9978ce5a9ca16e00a1d0a0a5a2c07c964a65b40e70e191a128d82f940f14ae3
eBeam Education Suite 2.5.0.9 Unquoted Service Path
Posted Mar 15, 2021
Authored by Luis Martinez

eBeam Education Suite version 2.5.0.9 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 07a48d0a80b6e6fb6cffc7ab3242dea1c5592445f28a09fc4e95014cb6f08235
Red Hat Security Advisory 2021-0837-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0837-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-27827, CVE-2020-35498
SHA-256 | b5c6b91d0c637851865f865ab0ca94947144cf03edf73377b5861526d1b52e75
Realtek Wireless LAN Utility 700.1631 Unquoted Service Path
Posted Mar 15, 2021
Authored by Luis Martinez

Realtek Wireless LAN Utility version 700.1631 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 1e139cd8c4c62e0f05cb836423e27055aa8450584a2ed0f8cb1ee288a1dd97fd
Trojan.Win32.Scar.dxir MVID-2021-0128 Insecure Permissions
Posted Mar 15, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Scar.dxir malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 34a6d50eb81b9596b9bf70eeb9120244f7ccb016c5961684830bc872c36265df
Trojan-Dropper.Win32.Delf.xk MVID-2021-0130 Denial Of Service
Posted Mar 15, 2021
Authored by malvuln | Site malvuln.com

Trojan-Dropper.Win32.Delf.xk malware suffers from a denial of service vulnerability.

tags | exploit, denial of service, trojan
systems | windows
SHA-256 | 8075c9dd64881ffb2208b7c6b92e80708e2a6e2aa84ed484c6a0b8757e72566f
Red Hat Security Advisory 2021-0834-01
Posted Mar 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0834-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-27827, CVE-2020-35498
SHA-256 | d36505e7937c648ec63520c804d19eb9a78a730a831faea43ad730a967acb547
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close