what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-05-10

Ubuntu Security Notice USN-4940-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4940-1 - It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14343
SHA-256 | 26cf20568e9046c31cde4f52b3870ffa8d590f4ecc4378cfff3a9ec384cb0f1c
Botan C++ Crypto Algorithms Library 2.18.1
Posted May 10, 2021
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a build regression in 2.18.0. Fixed a bug which caused decoding a certificate which contained more than one name in a single RDN. Fixed a bug which caused OID lookup failures when run in a locale which uses thousands separators. Fixed an issue where DNS names in name constraints were compared with case sensitivity, which could cause valid certificates to be rejected. A couple of X.509 fixes as well.
tags | library
SHA-256 | f8c7b46222a857168a754a5cc329bb780504122b270018dda5304c98db28ae29
TestSSL 3.0.5
Posted May 10, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed off by one error in HSTS. Fixed minor output inconsistency in JSON output. Improved compatibility for OpenSSL 3.0. Fixed localization issue for ciphers. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 9de744fe0e51a03d42fa85e4b83340948baeaa7080427f90b0efd23e9106fece
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
SHA-256 | f02320214893002ab2b97694c08e9e2330bbb20f2f2bada5f83933c577f951ef
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
SHA-256 | 9808bdce300a9783018e8b90afd7130708b041ed1c748ae8fe4bb4d22a224efa
OpenNetAdmin 18.1.1 Remote Command Execution
Posted May 10, 2021
Authored by Alexandre Zanni

OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.

tags | exploit, remote, ruby
SHA-256 | b82e6c61d40806f2604b1313677e7f7e64221c2886c94d83d210370a8aca9611
Human Resource Information System 0.1 Cross Site Scripting
Posted May 10, 2021
Authored by Reza Afsahi

Human Resource Information System version 0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ddb51fb8202a76c1f1909c82abbb4a55bf1080b4054cf8017b7fc8cd8799f20a
Microweber CMS 1.1.20 Remote Code Execution
Posted May 10, 2021
Authored by sl1nki

Microweber CMS versions 1.1.20 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28337
SHA-256 | a612c495257e9218a10262196d355c948092ecce519d2e6039de49d57d829f69
Mikrotik RouterOS 6.46.5 Memory Corruption / Assertion Failure
Posted May 10, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-20214, CVE-2020-20222, CVE-2020-20236, CVE-2020-20237
SHA-256 | a64685676fca951c82952a48568cc23b987ea04f6128ac9fa93f1d10f7bfbe11
Backdoor.Win32.Antilam.13.a MVID-2021-0204 Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.13.a malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | d4d9790804f4aaa936d0e8f8677daa344a863454976e162e25e3eaf7eb0f6d5f
Linux/x86 setreuid(0) / execve("/bin/sh") Shellcode
Posted May 10, 2021
Authored by Artur Szymczak

29 bytes small Linux/x86 shellcode that performs setreuid to 0 and then executes /bin/sh.

tags | x86, shellcode
systems | linux
SHA-256 | e6a46129d157e756ab079a8bd8c0b4fb71e4329d98e97809fa092cf1d9ec5876
Backdoor.Win32.MotivFTP.12 MVID-2021-0203 Authentication Bypass / Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MotivFTP.12 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | c42130ba76914e5d9d1d36d47d46f373aa705da2515d9ebf4fc32b2b4d39382a
TFTP Broadband Unquoted Service Path
Posted May 10, 2021
Authored by Erick Galindo

TFTP Broadband version suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | fa82717b2a4daf6f38e42a5d6faf3c0f6245580019a66ac9a5b41dcddeb6e0c1
Page 1 of 1

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By