exploit the possibilities
Showing 1 - 25 of 40 RSS Feed

Files Date: 2021-06-03

Microsoft RDP Remote Code Execution
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for a remote code execution vulnerability in Microsoft's RDP service.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-0708
MD5 | ba1bc2933bf6b851671dc70d3284245c
Exim base64d Buffer Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Exim versions prior to 4.90.1 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
advisories | CVE-2018-6789
MD5 | 6468b402efc15ca33e2db61638ca5cb9
Cisco SD-WAN vManage 19.2.2 Remote Root
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.

tags | exploit, remote, shell, root, vulnerability, proof of concept
systems | cisco
advisories | CVE-2020-3387, CVE-2020-3437
MD5 | a4bd588c350b9a327fc445d03fadab85
VMware ESXi OpenSLP Heap Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for the OpenSLP heap overflow in VMware ESXi versions 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, and 6.5 before ESXi650-202102101-SG.

tags | exploit, overflow, proof of concept
advisories | CVE-2021-21974
MD5 | 74b3fa0ce957d3e82fb4eb6c32a6c8f6
Ubuntu Security Notice USN-4980-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4980-1 - Kevin Backhouse discovered that polkit incorrectly handled errors in the polkit_system_bus_name_get_creds_sync function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3560
MD5 | 90a3ffe491849f5a84754e4a9c0f6641
Red Hat Security Advisory 2021-2229-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2229-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2020-25613, CVE-2021-28965
MD5 | cea33ad0e2b62557766732321333596d
Red Hat Security Advisory 2021-2230-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2230-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2019-3881, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2021-28965
MD5 | e3874da2921faf9eb845a84c5bf2d476
Wireshark Analyzer 3.4.6
Posted Jun 3, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: The Windows installers now ship with Npcap 1.31. They previously shipped with Npcap 1.10. The Windows installers now ship with Qt 5.15.2. They previously shipped with Qt 5.12.1. 6 bugs fixed and updated protocol support for DNP, DVB-S2-BB, ProtoBuf, PTP, QUIC, RANAP, and TACACS.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 93e5fca965b7fcd6642aba1f43b80dcd
Gstreamer Matroska Demuxing Use-After-Free
Posted Jun 3, 2021
Authored by Google Security Research, natashenka

Gstreamer suffers from a use-after-free vulnerability in Matroska demuxing.

tags | exploit
advisories | CVE-2021-3498
MD5 | 8295d83b0f5ff21a0ba7ec7f666eeee2
Red Hat Security Advisory 2021-2238-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2238-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
MD5 | 44ea276e2a9b9351b510e971657f91a3
Gitlab 13.9.3 Remote Code Execution
Posted Jun 3, 2021
Authored by enox

Gitlab version 13.9.3 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | ee6b4d90b2b1a37c5c9f993bb30af022
Red Hat Security Advisory 2021-2235-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2235-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-3551
MD5 | 77051894d54adad2878c960511e90f5c
Red Hat Security Advisory 2021-2237-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2237-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
MD5 | ce9c6e70684ac6688c8fe1576f7e4387
Red Hat Security Advisory 2021-2243-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2243-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. This enhancement update adds the rust-toolset-1.49 packages to Red Hat Developer Tools. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-36317, CVE-2020-36318
MD5 | 777df082ece18a624d2ead49dd5cb7dd
4Images 1.8 Cross Site Scripting
Posted Jun 3, 2021
Authored by Piyush Patil

4Images version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27308
MD5 | 4674a7f7a4902040e42fa9c804d23d17
XAMPP File Overwrite Vulnerability
Posted Jun 3, 2021
Authored by Ravindu Priyankara

This is a whitepaper that details exploitation of the XAMPP file overwrite vulnerability.

tags | paper
MD5 | c3b9c97412d8a06b113be1ba255de4d6
Red Hat Security Advisory 2021-2239-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2239-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-25659, CVE-2020-28196, CVE-2020-36242
MD5 | 365f1ad26e6efd06364c29b4976ba110
FUDForum 3.1.0 Cross Site Scripting
Posted Jun 3, 2021
Authored by Piyush Patil

FUDForum version 3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27519, CVE-2021-27520
MD5 | 09961b6dcea24331be0b45002ad2a4c4
Red Hat Security Advisory 2021-2233-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2233-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
MD5 | 866197a91446ad6261986ed4478850e6
Zeek 4.0.2
Posted Jun 3, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Five bug fixes and two denial of service conditions addressed.
tags | tool, intrusion detection
systems | unix
MD5 | d79d04932d6a656042fdb7e675dd0701
Red Hat Security Advisory 2021-2236-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2236-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3560
MD5 | 171dc563821d453b5508b8ea17ee3edf
Ubuntu Security Notice USN-4979-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4979-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-25670, CVE-2020-25673, CVE-2021-28660, CVE-2021-28964, CVE-2021-28971, CVE-2021-28972, CVE-2021-29647, CVE-2021-31916, CVE-2021-33033, CVE-2021-3428, CVE-2021-3483
MD5 | 3034b897d2745e89ae5688e5b2c226c9
Ubuntu Security Notice USN-4978-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4978-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute arbitrary code. It was discovered that filenames printed from private browsing mode were incorrectly retained in preferences. A local attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof
systems | linux, ubuntu
advisories | CVE-2021-29959, CVE-2021-29960, CVE-2021-29966, CVE-2021-29967
MD5 | 01e79350aca3fc8a59ec16c81063b717
Ubuntu Security Notice USN-4977-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4977-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-25670, CVE-2020-25673, CVE-2021-29155, CVE-2021-3501
MD5 | beb0471b09c906908cd367b5a8f72ecc
Red Hat Security Advisory 2021-2214-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2214-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.11.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-29967
MD5 | 80f50636a41191b52ed6664cda134dce
Page 1 of 2
Back12Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close