exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2021-11-16

Sitecore Experience Platform (XP) Remote Code Execution
Posted Nov 16, 2021
Authored by gwillcox-r7, AssetNote | Site metasploit.com

This Metasploit module exploits a deserialization vulnerability in the Report.ashx page of Sitecore XP 7.5 to 7.5.2, 8.0 to 8.0.7, 8.1 to 8.1.3, and 8.2 to 8.2.7. Versions 7.2.6 and earlier and 9.0 and later are not affected. The vulnerability occurs due to Report.ashx's handler, located in Sitecore.Xdb.Client.dll under the Sitecore.sitecore.shell.ClientBin.Reporting.Report definition, having a ProcessRequest() handler that calls ProcessReport() with the context of the attacker's request without properly checking if the attacker is authenticated or not. This request then causes ReportDataSerializer.DeserializeQuery() to be called, which will end up calling the DeserializeParameters() function of Sitecore.Analytics.Reporting.ReportDataSerializer, if a "parameters" XML tag is found in the attacker's request. Then for each subelement named "parameter", the code will check that it has a name and if it does, it will call NetDataContractSerializer().ReadObject on it. NetDataContractSerializer is vulnerable to deserialization attacks and can be trivially exploited by using the TypeConfuseDelegate gadget chain. By exploiting this vulnerability, an attacker can gain arbitrary code execution as the user that IIS is running as, aka NT AUTHORITY\NETWORK SERVICE. Users can then use technique 4 of the "getsystem" command to use RPCSS impersonation and get SYSTEM level code execution.

tags | exploit, arbitrary, shell, code execution
advisories | CVE-2021-42237
MD5 | cdadfd61899fe57ebdfb290f0c923b2b
Red Hat Security Advisory 2021-4687-02
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4687-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385
MD5 | 06129973440262186fe9c03e031eeaa5
Red Hat Security Advisory 2021-4692-02
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4692-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-36385, CVE-2021-3653
MD5 | 099d1ce8175e8a2b268c39f553a0b6c4
Online Learning System 2.0 Remote Code Execution
Posted Nov 16, 2021
Authored by djebbaranon

Online Learning System version 2.0 remote code execution exploit that leverages SQL injection, authentication bypass, and file upload vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file upload
advisories | CVE-2021-42580
MD5 | f1d60fe020db91363e34d8e5e5d028e1
Red Hat Security Advisory 2021-4694-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4694-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
MD5 | 916070d7fd1a5e624e6378e07d50cd1a
Online Reviewer System 2.4.0 SQL Injection
Posted Nov 16, 2021
Authored by nu11secur1ty

Online Reviewer System version 2.4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e0d67c854d6f65ba496fbc8683da167c
Red Hat Security Advisory 2021-4686-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4686-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, web, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-30858
MD5 | 2ad254234ea3cd25e075e0db894e8683
Red Hat Security Advisory 2021-4676-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4676-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | 0bf5111ec26f5a268c19ac49b1367322
CMDBuild 3.3.2 Cross Site Scripting
Posted Nov 16, 2021
Authored by Hosein Vita

CMDBuild version 3.3.2 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5c78cbeb9008e6af507f9096fd21c949
Red Hat Security Advisory 2021-4679-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4679-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | cda8b431767d1c91cc1d7236e64c8925
Red Hat Security Advisory 2021-4677-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4677-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | 53daa4a7aac9e0c64e9da84ce872055f
Pass-The-Hash Attack On Named Pipes Against ESET Server Security
Posted Nov 16, 2021
Authored by Aldair Raya Del Rio

Whitepaper called Pass-The-Hash Attack on Named Pipes against ESET Server Security. Written in Spanish.

tags | paper
MD5 | b56a15df6a1ab6e946ee84af7dceeabd
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close