what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2021-12-06

Ubuntu Security Notice USN-5173-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5173-1 - It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14462
MD5 | 601b2593d2653d53e96a9c8e2897bacd
Auerswald COMpact 8.0B Backdoors
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Versions 8.0B and below are affected.

tags | exploit, web
advisories | CVE-2021-40859
MD5 | e4c9651f9fb00e5022c3f5f8e57036f7
Ubuntu Security Notice USN-5172-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5172-1 - It was discovered that uriparser mishandled certain input. An attacker could use this vulnerability to cause uriparser to crash or possibly execute arbitrary code. It was discovered that uriparser incorrectly handled certain URIs. An attacker could use this vulnerability to cause a crash or possibly leak sensitive information.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19198, CVE-2018-20721
MD5 | b665785c4aa95ee4e2437ad46c171d01
Auerswald COMpact 8.0B Arbitrary File Disclosure
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Versions 8.0B and below are affected.

tags | exploit, web
advisories | CVE-2021-40858
MD5 | 6b12631ec9252acedf7bd9b0f426869e
runc / libcontainer Bind Mount Sources Insecure Handling
Posted Dec 6, 2021
Authored by Google Security Research, Felix Wilhelm

The recent commit #9c4440 introduces two vulnerabilities to libcontainer that can be exploited by an attacker with partial control over the bind mount sources of a new container.

tags | exploit, vulnerability
advisories | CVE-2021-43784
MD5 | 7de968fb3e742581314cf7629bfd1f9c
Ubuntu Security Notice USN-5171-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5171-1 - It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-8844, CVE-2018-10685, CVE-2018-5786
MD5 | 07e3fbd46037a8b0af7fb998bd30e0d3
Auerswald COMpact 8.0B Privilege Escalation
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected versions include 8.0B and below.

tags | exploit, web
advisories | CVE-2021-40857
MD5 | 780f01dfb90eac4b20a7c3cab2d5e816
Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in the web-based management interface without authentication. Versions 2.8F and below are affected.

tags | exploit, web
advisories | CVE-2021-40856
MD5 | e626d4f344acc528a6cb77680384b9bd
Croogo 3.0.2 Remote Code Execution
Posted Dec 6, 2021
Authored by Deha Berkin Bir

Croogo version 3.0.2 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 6d2d1a5cf85bc8370d04c49ba21b5b7a
Microsoft Internet Explorer Active-X Control Security Bypass
Posted Dec 6, 2021
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Internet Explorer suffers from an active-x related bypass vulnerability. Microsoft will not address the issue as it is end of life.

tags | exploit, activex, bypass
MD5 | e68a94cb25733b4e5da3286a750a9fdb
Ubuntu Security Notice USN-5174-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote, local, root
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
MD5 | 36154f364ec799ffdf2210a0c6ceff95
HCL Lotus Notes 12 Unquoted Service Path
Posted Dec 6, 2021
Authored by Mert Das

HCL Lotus Notes version 12 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 595d4dbaba8c15912ba9dc0af38e6123
Simple Online Men's Salon Management System 1.0 SQL Injection
Posted Dec 6, 2021
Authored by nu11secur1ty

Simple Online Men's Salon Management System version 1.0 appears to suffer from a time-based remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0ff9c235bb0c8f1fc99b9b6c56fd1d6d
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    24 Files
  • 28
    Jan 28th
    14 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close