what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2021-05-14

Global Socket 1.4.30
Posted May 14, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed a rare occasion where gs-netcat might consume 100% cpu load. Fixed OSX System Protection (workaround).
tags | tool, tcp
systems | unix
SHA-256 | 512c31ebafb9013dfaf82b0123e088f976d3c1b57658ea60a7c8825a1c4bf7c7
Chrome Array Transfer Bypass
Posted May 14, 2021
Authored by Google Security Research, Glazvunov

The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters.

tags | exploit
advisories | CVE-2021-21148, CVE-2021-21156
SHA-256 | ae2637e1d681177334781f4a6b614cf249946bb30e4223a9dc2793a92ea03f86
Ubuntu Security Notice USN-4954-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the POSIX regex implementation in the GNU C Library did not properly parse alternatives. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, osx, ubuntu
advisories | CVE-2009-5155, CVE-2020-6096
SHA-256 | 0d97bdfb094448b62a9b461045f71712af4a4388f17038f2bff95ef14f66f9a8
CPSIoTSec 2021 Call For Papers
Posted May 14, 2021
Site cpsiotsec.github.io

The Call For Papers has been announced for the 2nd Joint Workshop on CPS and IoT Security and Privacy (CPSIoTSec 2021). It will be held in Seoul, South Korea on November 15, 2021.

tags | paper, conference
SHA-256 | b06d8635ef575b104a9761e12224a79c99747d65270f61cbffee99241b943c7d
Student Management System 1.0 Cross Site Scripting
Posted May 14, 2021
Authored by Mohsen Khashei

Student Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c2ed968611aae4d67e270b9db8f422ff9b74bb04c9a82aac4b86423e0f559011
Ubuntu Security Notice USN-4953-1
Posted May 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4953-1 - Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000501, CVE-2020-29600, CVE-2020-35176
SHA-256 | ac6176eda2562f663a4ae131506b3fc6577b2799f55437b5b195d6e4a3f3109c
Podcast Generator 3.1 Cross Site Scripting
Posted May 14, 2021
Authored by Aysenur Karaaslan

Podcast Generator version 3.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 840b593eef104807a7745abe50d24a7b92b240507d60f8d83ef4cac384676b7f
Red Hat Security Advisory 2021-1560-01
Posted May 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1560-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.4 serves as a replacement for Red Hat AMQ Streams 1.6.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-28163, CVE-2021-28164, CVE-2021-28165
SHA-256 | 2ff7911ad453047cb62a6be2eef0f5b3914da0931d3a67bc77cbf2ba4e925c8e
Chamilo LMS 1.11.14 Remote Code Execution
Posted May 14, 2021
Authored by M. Cory Billington

Chamilo LMS version 1.11.14 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-31933
SHA-256 | 5acc13c23322a41001bab9b40d04275fecff5dd103b69fecf80f0e2b5f9ab152
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close