exploit the possibilities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-05-10

Ubuntu Security Notice USN-4940-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4940-1 - It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14343
MD5 | 5c9054e5dcb84fcca5e0b7bb231e1dfd
Botan C++ Crypto Algorithms Library 2.18.1
Posted May 10, 2021
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Fixed a build regression in 2.18.0. Fixed a bug which caused decoding a certificate which contained more than one name in a single RDN. Fixed a bug which caused OID lookup failures when run in a locale which uses thousands separators. Fixed an issue where DNS names in name constraints were compared with case sensitivity, which could cause valid certificates to be rejected. A couple of X.509 fixes as well.
tags | library
MD5 | 77c558179f276273e0bf39ef941d36c5
TestSSL 3.0.5
Posted May 10, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed off by one error in HSTS. Fixed minor output inconsistency in JSON output. Improved compatibility for OpenSSL 3.0. Fixed localization issue for ciphers. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 85b7b8a6e133d634247b01fd085c8134
AWS CloudShell Terminal Escape Injection / Remote Code Execution
Posted May 10, 2021
Authored by Google Security Research, Felix Wilhelm

The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.

tags | exploit, remote, javascript, code execution
MD5 | a07ebf4a753f14e46c966e23a4c3cf0b
Ubuntu Security Notice USN-4939-1
Posted May 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4939-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-1788
MD5 | af4558d62abbfd5bae4e9822b097ced0
OpenNetAdmin 18.1.1 Remote Command Execution
Posted May 10, 2021
Authored by Alexandre Zanni

OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.

tags | exploit, remote, ruby
MD5 | b2ea2bd02abebc013ca6ae8665950e12
Human Resource Information System 0.1 Cross Site Scripting
Posted May 10, 2021
Authored by Reza Afsahi

Human Resource Information System version 0.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b3c43dae4a9a9d7796907d56e01016b2
Microweber CMS 1.1.20 Remote Code Execution
Posted May 10, 2021
Authored by sl1nki

Microweber CMS versions 1.1.20 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-28337
MD5 | 0063a431388f4fe7ccd8fa8d5d7c584a
Mikrotik RouterOS 6.46.5 Memory Corruption / Assertion Failure
Posted May 10, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-20214, CVE-2020-20222, CVE-2020-20236, CVE-2020-20237
MD5 | f448d3ff32e6262a60ea1772af463096
Backdoor.Win32.Antilam.13.a Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Antilam.13.a malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
MD5 | 90c772b53bfed8c530e96eb7f674a3a4
Linux/x86 setreuid(0) / execve("/bin/sh") Shellcode
Posted May 10, 2021
Authored by Artur Szymczak

29 bytes small Linux/x86 shellcode that performs setreuid to 0 and then executes /bin/sh.

tags | x86, shellcode
systems | linux
MD5 | fb31f0e9f1ee8031f9ee3bdc1516a790
Backdoor.Win32.MotivFTP.12 Authentication Bypass / Code Execution
Posted May 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.MotivFTP.12 malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 7cbb3a951f83b7636cd7f2c1f5b4b62d
TFTP Broadband Unquoted Service Path
Posted May 10, 2021
Authored by Erick Galindo

TFTP Broadband version suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 2a34eee910c493c82245123a01b12cae
Page 1 of 1

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By