what you don't know can hurt you
Showing 1 - 25 of 26 RSS Feed

Files Date: 2021-05-03

OATH Toolkit 2.6.7
Posted May 3, 2021
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Update to pam_oath. Updated gnulib files. Some build and documentation fixes.
tags | tool
systems | unix
MD5 | 0a3c0d9e1f8095c88657bfea8ad5d59f
IGEL OS Secure VNC/Terminal Command Injection
Posted May 3, 2021
Authored by Rob Vinson, Marisa Mack, James Smith, James Brytan, Steven Laura, Sergey Pashevkin | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in IGEL OS Secure Terminal and Secure Shadow services.

tags | exploit
MD5 | 30b646459635ecfc87e1d9c073784c46
Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution
Posted May 3, 2021
Authored by Niklas Baumstark, Grant Willcox, Rajvardhan Agarwal, Bruno Keith | Site metasploit.com

This Metasploit module exploits an issue in the V8 engine on x86_x64 builds of Google Chrome versions prior to 89.0.4389.128/90.0.4430.72 when handling XOR operations in JIT'd JavaScript code. Successful exploitation allows an attacker to execute arbitrary code within the context of the V8 process. As the V8 process is normally sandboxed in the default configuration of Google Chrome, the browser must be run with the --no-sandbox option for the payload to work correctly.

tags | exploit, arbitrary, javascript
advisories | CVE-2021-21220
MD5 | 63f07081f5cf627d484d2e1962bd0302
SQLMAP - Automatic SQL Injection Tool 1.5.5
Posted May 3, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 2423575bab9b29b2cb5a2f5b97d36e86
Epic Games Rocket League 1.95 Stack Buffer Overrun
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League version 1.95 suffers from a stack-based buffer overflow vulnerability. The issue is caused due to a boundary error in the processing of a UPK format file, which can be exploited to cause a stack buffer overflow when a user crafts the file with a large array of bytes inserted in the vicinity offset after the magic header. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
MD5 | ba2e463a8ce18d40968287a8781e6309
Epic Games Rocket League 1.95 Insecure Permissions
Posted May 3, 2021
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Rocket League versions 1.95 and below suffer from an insecure permissions vulnerability.

tags | exploit
MD5 | 9ed5a4f67cb00f02b0ffb67ded384d2c
Kernel Live Patch Security Notice LSN-0076-1
Posted May 3, 2021
Authored by Benjamin M. Romer

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | b564ede11c90d1a439897db81efbd24b
GitLab Community Edition (CE) 13.10.3 User Enumeration
Posted May 3, 2021
Authored by 4D0niiS

GitLab Community Edition (CE) version 13.10.3 suffers from multiple user enumeration vulnerabilities.

tags | exploit, vulnerability
MD5 | 1e771f1c306635410687ca65cc0935eb
Gadget Works Online Ordering System 1.0 SQL Injection / Code Execution
Posted May 3, 2021
Authored by Richard Jones

Gadget Works Online Ordering System version 1.0 remote SQL injection to remote code execution exploit.

tags | exploit, remote, code execution, sql injection
MD5 | 54fabd3d8fd2ef1bf66e8982e1447134
Gadget Works Online Ordering System 1.0 SQL Injection
Posted May 3, 2021
Authored by Richard Jones

Gadget Works Online Ordering System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | a2eaa3a011a8f97e9215605c8c9e6fb1
Red Hat Security Advisory 2021-1478-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1478-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
MD5 | 6ab653186cfdee43a38f8820eaa98241
Red Hat Security Advisory 2021-1477-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1477-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
MD5 | 1e85b6ccea569aad3f3c4af33b3acbf3
Red Hat Security Advisory 2021-1479-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1479-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
MD5 | 1d23373ebb175cd0e834ec00c680ea3b
Red Hat Security Advisory 2021-1475-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
MD5 | f2a0fdb9823f1f6e8815828cafaae173
Red Hat Security Advisory 2021-1476-01
Posted May 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1476-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-25215
MD5 | 786c1aa6a01afdeba261b5724a376584
Gentoo Linux Security Advisory 202104-10
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 88.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23970, CVE-2021-23971, CVE-2021-23972, CVE-2021-23973, CVE-2021-23974, CVE-2021-23975, CVE-2021-23976, CVE-2021-23977, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23984, CVE-2021-23985, CVE-2021-23986, CVE-2021-23987, CVE-2021-23988, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945
MD5 | 4a4d41e18018c457ccf1476fd1a1da84
Gentoo Linux Security Advisory 202104-09
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-9 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.10.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
MD5 | e91e12fed2987d793090726d1bf8df74
Gentoo Linux Security Advisory 202104-08
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-8 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 90.0.4430.93 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-21142, CVE-2021-21143, CVE-2021-21144, CVE-2021-21145, CVE-2021-21146, CVE-2021-21147, CVE-2021-21148, CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152, CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156, CVE-2021-21157, CVE-2021-21159, CVE-2021-21160, CVE-2021-21161, CVE-2021-21162, CVE-2021-21163, CVE-2021-21165, CVE-2021-21166, CVE-2021-21167, CVE-2021-21168, CVE-2021-21169
MD5 | b395ce481d579899f2b7fc5247d90258
Gentoo Linux Security Advisory 202104-07
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-7 - A vulnerability in ClamAV could lead to a Denial of Service condition. Versions less than 0.103.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2021-1405
MD5 | 0be046e369d06d827c57d69d586adefe
Gentoo Linux Security Advisory 202104-06
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-6 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.2.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524
MD5 | 7d955b64a198f17eb6eadd9edbd510c0
Gentoo Linux Security Advisory 202104-05
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-5 - Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. Versions less than 2.06_rc1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-14372, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
MD5 | 8cc497c35fa19595a39d6cbcaef63e9d
Gentoo Linux Security Advisory 202104-04
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-4 - Multiple vulnerabilities have been found in Python, the worst of which might allow attackers to access sensitive information. Versions less than 3.9.2_p1 are affected.

tags | advisory, vulnerability, python
systems | linux, gentoo
advisories | CVE-2021-23336, CVE-2021-3426
MD5 | e0e6beeb977ada2ce23c78cffec1ab55
Gentoo Linux Security Advisory 202104-03
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-3 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.30.6 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-13558, CVE-2020-27918, CVE-2020-29623, CVE-2020-9947, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870
MD5 | 1f178a01cea47fe97e0251da30dfa123
Gentoo Linux Security Advisory 202104-02
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-2 - A vulnerability in X.Org X Server may allow users to escalate privileges. Versions less than 1.20.11 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2021-3472
MD5 | d8c7c9f1ca136a31af6cfc9ba0989f49
Gentoo Linux Security Advisory 202104-01
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-1 - A vulnerability has been found in Git that could allow a remote attacker to execute arbitrary code. Versions less than 2.26.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2021-21300
MD5 | ece8db17175da3a175f99db2c818ccfa
Page 1 of 2
Back12Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close