
Files Date: 2021-03-31

Faraday 3.14.3
Posted Mar 31, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added last_run to executors and agents. Added ignore info vulns option (from faraday-plugins 1.4.3). Multiple other modifications and additions. Added three new plugins and fixed some old versions of nessus plugins.
tags | tool, rootkit
systems | unix
SHA-256 | dc241b17b59a387f4a0a397d3ba88e61bd2916595008a16d8ae62d8d08bf9c49
Scapy Packet Manipulation Tool 2.4.5rc1
Posted Mar 31, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Release candidate 1 for 2.4.5. Various updates.
tags | tool, scanner, python
systems | unix
SHA-256 | 45f868edd4381e47b6d7beb0cabaaa40290660912190b8b2a1df4b1f090300c6
Backdoor.Win32.Burbul.b MVID-2021-0154 Authentication Bypass / Man-In-The-Middle
Posted Mar 31, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Burbul.b malware suffers from authentication bypass and man-in-the-middle vulnerabilities.

tags | exploit, vulnerability
systems | windows
SHA-256 | ad0e9ad069b7a492e94bc717fcb4d4cb336ceb2993d94d7301f2e8e08d2538e4
IRC-Worm.Win32.Silentium.a MVID-2021-0153 Insecure Permissions
Posted Mar 31, 2021
Authored by malvuln | Site malvuln.com

IRC-Worm.Win32.Silentium.a malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | a858aa6f954f6eb267908dd506d8e509ad0831de083ae345353bd5a536e89ff5
Red Hat Security Advisory 2021-1050-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1050-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-27827, CVE-2020-35498
SHA-256 | 828795c93b0161574d19f6ec50e5a79355295024799c77249b9eeffe0c9f5f99
Red Hat Security Advisory 2021-1051-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1051-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-27827
SHA-256 | d5b5450b7bf7fc70a68cede4a2ead2ad68a8cbac211c0ee9719042885f5c1325
Gentoo Linux Security Advisory 202103-04
Posted Mar 31, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202103-4 - A vulnerability in SQLite could lead to remote code execution. Versions less than 3.34.1 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2021-20227
SHA-256 | 5625e3bdd66a5b53a44d160b6c5f203b8d7b93933168af583a26a6ed947477db
Gentoo Linux Security Advisory 202103-03
Posted Mar 31, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202103-3 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1k are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23840, CVE-2021-23841, CVE-2021-3449, CVE-2021-3450
SHA-256 | 566847b7af0fcb3a90dc25f29b5036c3ee69853cd7da288df1e5db323975f5ee
DD-WRT 45723 Buffer Overflow
Posted Mar 31, 2021
Authored by Selim Enes Karaduman

DD-WRT 45723 UPNP buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | a012a17d9ce0e0d95f7e95db692e5e14fa8c4f7101947dc62ddf80c2c524236d
Gentoo Linux Security Advisory 202103-02
Posted Mar 31, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202103-2 - A vulnerability in Redis could lead to remote code execution. Versions less than 6.0.12 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2021-21309
SHA-256 | 0c57e716e17c05df9d7c490ffeca4fca4f648e2031e8a4f6ab255a0d9a8ad43f
Gentoo Linux Security Advisory 202103-01
Posted Mar 31, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202103-1 - Multiple vulnerabilities have been found in Salt, the worst of which could allow a remote attacker to execute arbitrary commands. Versions less than 3000.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-3197
SHA-256 | 1fb0dacbd9c9195812a7ba36af666c1b8eadeff44eb24cd158f8df8aba52a654
CourseMS 2.1 Cross Site Scripting
Posted Mar 31, 2021
Authored by cptsticky

CourseMS version 2.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dbf55a8d9aec923ba1b50113fb4b0695591fcc4cfb9d14287a183c8e0842791d
Ubuntu Security Notice USN-4898-1
Posted Mar 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4898-1 - Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2021-22876, CVE-2021-22890
SHA-256 | 22173ed9e34384a637f436fbee924cd1e6f822bde6b4c5d87b6d0061740ea569
Red Hat Security Advisory 2021-0943-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0943-01 - This release of Red Hat build of Eclipse Vert.x 4.0.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-21290, CVE-2021-21295
SHA-256 | 27c674ff4f5e0a45d001eff7db180d83be456fa355fe2cf5504e6c2520ed865c
Ubuntu Security Notice USN-4897-1
Posted Mar 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4897-1 - Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-27291
SHA-256 | 8d14c1970e19c85fe938c7a2bd2f1ae9abe96b5bd45ec7c3cf9f7a44e1634445
Ubuntu Security Notice USN-4896-1
Posted Mar 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4896-1 - It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2021-28957
SHA-256 | 93f52472d7a4524528bf2ff0ab669aad6e78f49528a1b838c29d43bc6b763650
Zabbix 3.4.7 Cross Site Scripting
Posted Mar 31, 2021
Authored by Radmil Gazizov

Zabbix version 3.4.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c09e97f233a32d679c9284d9f2b902da7ba1cd81163c6a8b9a66ac3aa77e5f7a
Red Hat Security Advisory 2021-0956-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0956-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.23. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-15586, CVE-2020-16845
SHA-256 | 861071f6bf0e5dba4d9f1ef1b918a46dc934467d99bbcf4137cae83ba99e5cc9
Red Hat Security Advisory 2021-1044-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1044-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-9488
SHA-256 | 797bd042bd64f6d3fc9fc559347999470fa3a64e11160e24236ffa68caed892f
Red Hat Security Advisory 2021-1039-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1039-01 - MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-27928
SHA-256 | e85777d3c06c78c93ad82ae48b3e5185e3b60d607f9f00d001350c6f9339dd5f

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close