exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files Date: 2021-06-03

Microsoft RDP Remote Code Execution
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for a remote code execution vulnerability in Microsoft's RDP service.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-0708
SHA-256 | 6d22c79340f19a7303c4fe1251a1c8e3e6781fc8551886316a0e4e976e9a6dbf
Exim base64d Buffer Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Exim versions prior to 4.90.1 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
advisories | CVE-2018-6789
SHA-256 | ee8228224f1f993d6d2342e211a9be7a153342208313db672c854f83eba4d705
Cisco SD-WAN vManage 19.2.2 Remote Root
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.

tags | exploit, remote, shell, root, vulnerability, proof of concept
systems | cisco
advisories | CVE-2020-3387, CVE-2020-3437
SHA-256 | a39fed0dc5f1a0ca97a329bad76e86ccb0fe30addc423eef4129602dce1d82e6
VMware ESXi OpenSLP Heap Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for the OpenSLP heap overflow in VMware ESXi versions 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, and 6.5 before ESXi650-202102101-SG.

tags | exploit, overflow, proof of concept
advisories | CVE-2021-21974
SHA-256 | 98867efbb2edfda9477bf58e3bab8759183c512ddba44753e9f0bd5f3ee885b5
Ubuntu Security Notice USN-4980-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4980-1 - Kevin Backhouse discovered that polkit incorrectly handled errors in the polkit_system_bus_name_get_creds_sync function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3560
SHA-256 | 213aa71cd6a201e8682e8dbf373c1d8b5424d1a9f5b361afee5804eb127e94c3
Red Hat Security Advisory 2021-2229-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2229-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2020-25613, CVE-2021-28965
SHA-256 | 09cf314ddadf612a7ac6a39c7b50c8561ab57a1f8f3498ac527da04b443821a9
Red Hat Security Advisory 2021-2230-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2019-3881, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2021-28965
SHA-256 | 7f44016fa2acb5c0eef19435e7da178e870b55a93bc1aadb7ac11648d84d09ce
Wireshark Analyzer 3.4.6
Posted Jun 3, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: The Windows installers now ship with Npcap 1.31. They previously shipped with Npcap 1.10. The Windows installers now ship with Qt 5.15.2. They previously shipped with Qt 5.12.1. 6 bugs fixed and updated protocol support for DNP, DVB-S2-BB, ProtoBuf, PTP, QUIC, RANAP, and TACACS.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 12a678208f8cb009e6b9d96026e41a6ef03c7ad086b9e1029f42053b249b4628
Gstreamer Matroska Demuxing Use-After-Free
Posted Jun 3, 2021
Authored by Google Security Research, natashenka

Gstreamer suffers from a use-after-free vulnerability in Matroska demuxing.

tags | exploit
advisories | CVE-2021-3498
SHA-256 | c5185c2d6107c05661116151a51a24e93e1142b438889272be0f92a6c3fe8e61
Red Hat Security Advisory 2021-2238-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2238-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
SHA-256 | 5e9083d73e530734bf896a8a509c1112f48c10315ef95fd00b7e0fa2ad35bde5
Gitlab 13.9.3 Remote Code Execution
Posted Jun 3, 2021
Authored by enox

Gitlab version 13.9.3 authenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | caf8edec9ec8c7e7c6f9952908afef2e43a89a4f0838ce4fa452b92c75110fc9
Red Hat Security Advisory 2021-2235-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2235-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-3551
SHA-256 | eb391bd2d3303657fe6950aedc6b1211ef59ac3bac0d67d7aef5d5c2fd693a11
Red Hat Security Advisory 2021-2237-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2237-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
SHA-256 | 3c32ee1de3ef51edd28fe7a7bd1adf9921adc32272578d5fd2c7b2f10835bfb0
Red Hat Security Advisory 2021-2243-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2243-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. This enhancement update adds the rust-toolset-1.49 packages to Red Hat Developer Tools. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-36317, CVE-2020-36318
SHA-256 | 0ed2d247ae96bf5cc06f1987e49ffc6e43939c9b63d8ff9063d3daaf2fcdbb46
4Images 1.8 Cross Site Scripting
Posted Jun 3, 2021
Authored by Piyush Patil

4Images version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27308
SHA-256 | f519b14402eb44d9f5a308b7def339e59c9e163f6a70a480d0f6eb8632b0c6f1
XAMPP File Overwrite Vulnerability
Posted Jun 3, 2021
Authored by Ravindu Priyankara

This is a whitepaper that details exploitation of the XAMPP file overwrite vulnerability.

tags | paper
SHA-256 | 599c840a9119e2c8108281701779707886926208b2da13457cc0150074c5afdf
Red Hat Security Advisory 2021-2239-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2239-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-25659, CVE-2020-28196, CVE-2020-36242
SHA-256 | 13b71d1ef01267b6c2e0fb4f7f3a0d82b98063134604c6dc75f8e5443dc0cbb3
FUDForum 3.1.0 Cross Site Scripting
Posted Jun 3, 2021
Authored by Piyush Patil

FUDForum version 3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27519, CVE-2021-27520
SHA-256 | fe7b64574dc2b81991d7b182c0da48971e6375658dd719d6d02f0db5b6c43e77
Red Hat Security Advisory 2021-2233-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2233-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
SHA-256 | ce9a9a1018a56339479bcd12d5c0073ba9ee016d48d3db0c4b033019ecd0c90e
Zeek 4.0.2
Posted Jun 3, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Five bug fixes and two denial of service conditions addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 550713a9d3fd348783f39c959af7e569164c95b96cc3be28d7d5557bdeebfd95
Red Hat Security Advisory 2021-2236-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2236-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
SHA-256 | e8bbbc7c3bf663e195be9b7e612688b70f2855d9e322dec18604ee2628e77563
Ubuntu Security Notice USN-4979-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4979-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-25670, CVE-2020-25673, CVE-2021-28660, CVE-2021-28964, CVE-2021-28971, CVE-2021-28972, CVE-2021-29647, CVE-2021-31916, CVE-2021-33033, CVE-2021-3428, CVE-2021-3483
SHA-256 | 90a7c669862e49045b1de1c602699d7bb48ce1cffe8fc4484aa9b83a8c441860
Ubuntu Security Notice USN-4978-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4978-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute arbitrary code. It was discovered that filenames printed from private browsing mode were incorrectly retained in preferences. A local attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof
systems | linux, ubuntu
advisories | CVE-2021-29959, CVE-2021-29960, CVE-2021-29966, CVE-2021-29967
SHA-256 | ce7cb751faf214f237878175293abf7868671eed89542795ea494fa088d21830
Ubuntu Security Notice USN-4977-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4977-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-25670, CVE-2020-25673, CVE-2021-29155, CVE-2021-3501
SHA-256 | e08eead12351b562c8393556b5d0d894119bfeac691f89307ba19ce69383d1de
Red Hat Security Advisory 2021-2214-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2214-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
SHA-256 | 2af68b619e68343bd947935bef3bee43ccf842dee9cb8f5ebe381cafad6a2be4
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close