exploit the possibilities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-07-01

Packet Storm New Exploits For June, 2021
Posted Jul 1, 2021
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 217 exploits added to Packet Storm in June, 2021.

tags | exploit
MD5 | 8cdee75fa80ead30de07c10f2d824f7d
TOR Virtual Network Tunneling Tool 0.4.6.6
Posted Jul 1, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that allows Tor to build correctly on older versions of GCC.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 7cc00f21c6da776da98d6b92de89e23e
Falco 0.29.1
Posted Jul 1, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 3 minor rule changes.
tags | tool, intrusion detection
systems | unix
MD5 | c815acae6550b3c0ebbf85ffaeea1a07
Docker Container Escape
Posted Jul 1, 2021
Authored by Christophe de la Fuente, Spencer McIntyre, Nick Frichette, Borys Poplawski, Adam Iwaniuk | Site metasploit.com

This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container. This will trigger the payload execution. Note that executing this exploit carries important risks regarding the Docker installation integrity on the target and inside the container.

tags | exploit, root
advisories | CVE-2019-5736
MD5 | 54b0ec13cde2be7ef0f09cb5fd1fa5d3
Ubuntu Security Notice USN-4905-2
Posted Jul 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4905-2 - USN-4905-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3472
MD5 | 782c6de0abd4e4ecbf16c037ab26708d
WordPress XCloner 4.2.12 Remote Code Execution
Posted Jul 1, 2021
Authored by Ron Jost

WordPress XCloner plugin version 4.2.12 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-35948
MD5 | 581e68bb604ff584a896a790f85b522f
WinWaste.NET 1.0.6183.16475 Local Privilege Escalation
Posted Jul 1, 2021
Authored by Andrea Intilangelo

WinWaste.NET version 1.0.6183.16475 allows a local unprivileged user to replace the executable with a malicious file that will be executed with LocalSystem privileges.

tags | exploit, local
advisories | CVE-2021-34110
MD5 | 8bfb28d74e827558dd843fd417bf057a
Red Hat Security Advisory 2021-2634-01
Posted Jul 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2634-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-33196
MD5 | d3be33d227544f663a98f375cab10423
Online Voting System 1.0 Remote Code Execution
Posted Jul 1, 2021
Authored by deathflash1411

Online Voting System version 1.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 06b7f378b9c0cd0ed30203d4fdb20e9b
Online Voting System 1.0 SQL Injection
Posted Jul 1, 2021
Authored by deathflash1411

Online Voting System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 62a549dfd165fd72a615881ca99f9506
Red Hat Security Advisory 2021-2517-01
Posted Jul 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2517-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.462. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645
MD5 | aa73b5835efa9ebd222364f886c48be6
Vianeos OctoPUS 5 SQL Injection
Posted Jul 1, 2021
Authored by Audencia Business School

Vianeos OctoPUS version 5 suffers from a remote time-based SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b23e2b025834a8ba12c912db046a0052
Samhain File Integrity Checker 4.4.5
Posted Jul 1, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed a memory leak introduced in 4.4.4.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 67ae752dc862c44a941be84fa5513fca
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close