what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-05-10

Ubuntu Security Notice USN-4940-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4940-1 - It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14343
SHA-256 | 26cf20568e9046c31cde4f52b3870ffa8d590f4ecc4378cfff3a9ec384cb0f1c
Botan C++ Crypto Algorithms Library 2.18.1
Posted May 10, 2021
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a build regression in 2.18.0. Fixed a bug which caused decoding a certificate which contained more than one name in a single RDN. Fixed a bug which caused OID lookup failures when run in a locale which uses thousands separators. Fixed an issue where DNS names in name constraints were compared with case sensitivity, which could cause valid certificates to be rejected. A couple of X.509 fixes as well.
tags | library
SHA-256 | f8c7b46222a857168a754a5cc329bb780504122b270018dda5304c98db28ae29
TestSSL 3.0.5
Posted May 10, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed off by one error in HSTS. Fixed minor output inconsistency in JSON output. Improved compatibility for OpenSSL 3.0. Fixed localization issue for ciphers. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 9de744fe0e51a03d42fa85e4b83340948baeaa7080427f90b0efd23e9106fece
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
SHA-256 | f02320214893002ab2b97694c08e9e2330bbb20f2f2bada5f83933c577f951ef
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
SHA-256 | 9808bdce300a9783018e8b90afd7130708b041ed1c748ae8fe4bb4d22a224efa
OpenNetAdmin 18.1.1 Remote Command Execution
Posted May 10, 2021
Authored by Alexandre Zanni

OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.

tags | exploit, remote, ruby
SHA-256 | b82e6c61d40806f2604b1313677e7f7e64221c2886c94d83d210370a8aca9611
Human Resource Information System 0.1 Cross Site Scripting
Posted May 10, 2021
Authored by Reza Afsahi

Human Resource Information System version 0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ddb51fb8202a76c1f1909c82abbb4a55bf1080b4054cf8017b7fc8cd8799f20a
Microweber CMS 1.1.20 Remote Code Execution
Posted May 10, 2021
Authored by sl1nki

Microweber CMS versions 1.1.20 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28337
SHA-256 | a612c495257e9218a10262196d355c948092ecce519d2e6039de49d57d829f69
Mikrotik RouterOS 6.46.5 Memory Corruption / Assertion Failure
Posted May 10, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-20214, CVE-2020-20222, CVE-2020-20236, CVE-2020-20237
SHA-256 | a64685676fca951c82952a48568cc23b987ea04f6128ac9fa93f1d10f7bfbe11
Backdoor.Win32.Antilam.13.a MVID-2021-0204 Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.13.a malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | d4d9790804f4aaa936d0e8f8677daa344a863454976e162e25e3eaf7eb0f6d5f
Linux/x86 setreuid(0) / execve("/bin/sh") Shellcode
Posted May 10, 2021
Authored by Artur Szymczak

29 bytes small Linux/x86 shellcode that performs setreuid to 0 and then executes /bin/sh.

tags | x86, shellcode
systems | linux
SHA-256 | e6a46129d157e756ab079a8bd8c0b4fb71e4329d98e97809fa092cf1d9ec5876
Backdoor.Win32.MotivFTP.12 MVID-2021-0203 Authentication Bypass / Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MotivFTP.12 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | c42130ba76914e5d9d1d36d47d46f373aa705da2515d9ebf4fc32b2b4d39382a
TFTP Broadband 4.3.0.1465 Unquoted Service Path
Posted May 10, 2021
Authored by Erick Galindo

TFTP Broadband version 4.3.0.1465 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | fa82717b2a4daf6f38e42a5d6faf3c0f6245580019a66ac9a5b41dcddeb6e0c1
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close