what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-05-10

Ubuntu Security Notice USN-4940-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4940-1 - It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14343
MD5 | 5c9054e5dcb84fcca5e0b7bb231e1dfd
Botan C++ Crypto Algorithms Library 2.18.1
Posted May 10, 2021
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a build regression in 2.18.0. Fixed a bug which caused decoding a certificate which contained more than one name in a single RDN. Fixed a bug which caused OID lookup failures when run in a locale which uses thousands separators. Fixed an issue where DNS names in name constraints were compared with case sensitivity, which could cause valid certificates to be rejected. A couple of X.509 fixes as well.
tags | library
MD5 | 77c558179f276273e0bf39ef941d36c5
TestSSL 3.0.5
Posted May 10, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed off by one error in HSTS. Fixed minor output inconsistency in JSON output. Improved compatibility for OpenSSL 3.0. Fixed localization issue for ciphers. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 85b7b8a6e133d634247b01fd085c8134
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
MD5 | a07ebf4a753f14e46c966e23a4c3cf0b
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
MD5 | af4558d62abbfd5bae4e9822b097ced0
OpenNetAdmin 18.1.1 Remote Command Execution
Posted May 10, 2021
Authored by Alexandre Zanni

OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.

tags | exploit, remote, ruby
MD5 | b2ea2bd02abebc013ca6ae8665950e12
Human Resource Information System 0.1 Cross Site Scripting
Posted May 10, 2021
Authored by Reza Afsahi

Human Resource Information System version 0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b3c43dae4a9a9d7796907d56e01016b2
Microweber CMS 1.1.20 Remote Code Execution
Posted May 10, 2021
Authored by sl1nki

Microweber CMS versions 1.1.20 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28337
MD5 | 0063a431388f4fe7ccd8fa8d5d7c584a
Mikrotik RouterOS 6.46.5 Memory Corruption / Assertion Failure
Posted May 10, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-20214, CVE-2020-20222, CVE-2020-20236, CVE-2020-20237
MD5 | f448d3ff32e6262a60ea1772af463096
Backdoor.Win32.Antilam.13.a Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.13.a malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | 90c772b53bfed8c530e96eb7f674a3a4
Linux/x86 setreuid(0) / execve("/bin/sh") Shellcode
Posted May 10, 2021
Authored by Artur Szymczak

29 bytes small Linux/x86 shellcode that performs setreuid to 0 and then executes /bin/sh.

tags | x86, shellcode
systems | linux
MD5 | fb31f0e9f1ee8031f9ee3bdc1516a790
Backdoor.Win32.MotivFTP.12 Authentication Bypass / Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MotivFTP.12 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 7cbb3a951f83b7636cd7f2c1f5b4b62d
TFTP Broadband 4.3.0.1465 Unquoted Service Path
Posted May 10, 2021
Authored by Erick Galindo

TFTP Broadband version 4.3.0.1465 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 2a34eee910c493c82245123a01b12cae
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close