exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

Files Date: 2021-07-30

Pi-Hole Remove Commands Linux Privilege Escalation
Posted Jul 30, 2021
Authored by h00die, Emanuele Barbeno | Site metasploit.com

Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since www-data is in the sudoers.d/pihole file with no password.

tags | exploit, root
advisories | CVE-2021-29449
MD5 | dac4dfce514725aab909b2548e85e3ee
Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery
Posted Jul 30, 2021
Authored by LiquidWorm | Site zeroscience.mk

Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 144372220bfafa4d89dbf4f8e47b37df
Red Hat Security Advisory 2021-2965-01
Posted Jul 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2965-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.8 serves as a replacement for Red Hat Single Sign-On 7.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
MD5 | a0114d53b577918564cb95687a4409bb
Ubuntu Security Notice USN-5026-1
Posted Jul 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5026-1 - It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18020, CVE-2021-36978
MD5 | 1df5275a8531c053a169685e8b2d82e6
Ubuntu Security Notice USN-5027-1
Posted Jul 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5027-1 - It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-32610
MD5 | e229b5ed152b516f5a258a11fdafd755
ObjectPlanet Opinio 7.13 Shell Upload
Posted Jul 30, 2021
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui

ObjectPlanet Opinio version 7.13 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2020-26806
MD5 | 428a660ba8fcf617d5de88b7920acbe4
ObjectPlanet Opinio 7.13 Expression Language Injection
Posted Jul 30, 2021
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui

ObjectPlanet Opinio version 7.13 suffers from an expression language injection vulnerability.

tags | exploit
advisories | CVE-2020-26565
MD5 | e4ac02c7c40ce27bf82fc181349ac136
ObjectPlanet Opinio 7.13 / 7.14 XML Injection
Posted Jul 30, 2021
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui

ObjectPlanet Opinio versions 7.13 and 7.14 suffer from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2020-26564
MD5 | 42b0801a736a8c5f0e5d56cd04363a4e
Demystifying Nmap Scans At The Packet Level
Posted Jul 30, 2021
Authored by Aditya Srivastava | Site adityasrivastava2762.blogspot.com

This paper contains a step by step detailed walk-through of different nmap scanning techniques and how the nmap traffic looks like in wireshark for each scan. The objective of documenting the paper is to get a better understanding of packets while initiating any nmap scan so that it can help in bypassing firewalls or debugging what went wrong between the source and destination. It can also help in writing basic firewall rules.

tags | paper
MD5 | d7c2cc86d7a9d259f00455f3d755ec57
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close