what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2021-05-14

Global Socket 1.4.30
Posted May 14, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed a rare occasion where gs-netcat might consume 100% cpu load. Fixed OSX System Protection (workaround).
tags | tool, tcp
systems | unix
SHA-256 | 512c31ebafb9013dfaf82b0123e088f976d3c1b57658ea60a7c8825a1c4bf7c7
Chrome Array Transfer Bypass
Posted May 14, 2021
Authored by Google Security Research, Glazvunov

The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters.

tags | exploit
advisories | CVE-2021-21148, CVE-2021-21156
SHA-256 | ae2637e1d681177334781f4a6b614cf249946bb30e4223a9dc2793a92ea03f86
Ubuntu Security Notice USN-4954-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the POSIX regex implementation in the GNU C Library did not properly parse alternatives. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, osx, ubuntu
advisories | CVE-2009-5155, CVE-2020-6096
SHA-256 | 0d97bdfb094448b62a9b461045f71712af4a4388f17038f2bff95ef14f66f9a8
CPSIoTSec 2021 Call For Papers
Posted May 14, 2021
Site cpsiotsec.github.io

The Call For Papers has been announced for the 2nd Joint Workshop on CPS and IoT Security and Privacy (CPSIoTSec 2021). It will be held in Seoul, South Korea on November 15, 2021.

tags | paper, conference
SHA-256 | b06d8635ef575b104a9761e12224a79c99747d65270f61cbffee99241b943c7d
Student Management System 1.0 Cross Site Scripting
Posted May 14, 2021
Authored by Mohsen Khashei

Student Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c2ed968611aae4d67e270b9db8f422ff9b74bb04c9a82aac4b86423e0f559011
Ubuntu Security Notice USN-4953-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4953-1 - Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000501, CVE-2020-29600, CVE-2020-35176
SHA-256 | ac6176eda2562f663a4ae131506b3fc6577b2799f55437b5b195d6e4a3f3109c
Podcast Generator 3.1 Cross Site Scripting
Posted May 14, 2021
Authored by Aysenur Karaaslan

Podcast Generator version 3.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 840b593eef104807a7745abe50d24a7b92b240507d60f8d83ef4cac384676b7f
Red Hat Security Advisory 2021-1560-01
Posted May 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1560-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.4 serves as a replacement for Red Hat AMQ Streams 1.6.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-28163, CVE-2021-28164, CVE-2021-28165
SHA-256 | 2ff7911ad453047cb62a6be2eef0f5b3914da0931d3a67bc77cbf2ba4e925c8e
Chamilo LMS 1.11.14 Remote Code Execution
Posted May 14, 2021
Authored by M. Cory Billington

Chamilo LMS version 1.11.14 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-31933
SHA-256 | 5acc13c23322a41001bab9b40d04275fecff5dd103b69fecf80f0e2b5f9ab152
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close