what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2021-12-15

log4j-scan Extensive Scanner
Posted Dec 15, 2021
Authored by fullhunt | Site github.com

log4j-scan is fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts. It supports fuzzing for more than 60 HTTP request headers, JSON data parameters, and HTTP POST Data parameters. It also supports DNS callback for vulnerability discovery and validation and includes WAF bypass payloads.

tags | exploit, java, web
advisories | CVE-2021-44228
MD5 | 38c60c0e9aed9aa2f3b60859520e8318
Log4j Recognizer
Posted Dec 15, 2021
Authored by scitotec | Site github.com

This utility looks for log4j in the currently running JVM. It is useful for systems that allow plugins to introduce their own jars. Therefore, you can find if someone is using log4j with a dangerous version.

tags | tool, java
systems | unix
advisories | CVE-2021-44228
MD5 | 205512e169bfeadb2d5fc4f90e903b6e
Log4j Linux IoC Detector
Posted Dec 15, 2021
Authored by santosomar | Site github.com

This is a basic bash script to detect log4j indicators of compromise (IoCs) in Linux log files.

tags | java, system logging, bash
systems | linux, unix
advisories | CVE-2021-44228
MD5 | 5a76e044b5680eca4e92a01fa243c270
Minecraft Log4j Honeypot
Posted Dec 15, 2021
Authored by Adikso | Site github.com

This honeypot runs a fake Minecraft server waiting to be exploited with log4j. Payload classes are saved to the payloads/ directory.

tags | java, system logging
systems | unix
advisories | CVE-2021-44228
MD5 | 6169dd765f5e7361f46cd4cc52b5cf2e
Log4j Remote Code Execution Word Bypassing
Posted Dec 15, 2021
Authored by Puliczek | Site github.com

Log4j remote code execution exploit with a trick to bypass words blocking patches. Works on Log4j versions 2.14.1 and below.

tags | exploit, java, remote, code execution
advisories | CVE-2021-44228
MD5 | e9d14cbb1c1d1f75fc833cb2df4a3d44
L4sh Log4j Remote Code Execution
Posted Dec 15, 2021
Authored by cyberstruggle | Site github.com

Fully independent log4j exploit that does not require any 3rd party binaries. The exploit sprays the payload to all possible logged HTTP Headers such as X-Forwarding, Server-IP, User-Agent.

tags | exploit, java, web
advisories | CVE-2021-44228
MD5 | 5e90e8de3aa73653350d2132a2ddfad8
SAP Netweaver IUUC_GENERATE_ACPLAN_DELIMITER ABAP Code Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver versions SAP DMIS in at least 2011_1_731 SP versions 0013 and below suffer from a remote ABAP code injection vulnerability in IUUC_GENERATE_ACPLAN_DELIMITER.

tags | exploit, remote
MD5 | 16ea84af7726144f99b1c64b6ea84e27
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver version SAP DMIS 2011_1_731 SP 0013 suffers from a remote ABAP code injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG.

tags | exploit, remote
advisories | CVE-2021-33701
MD5 | 31865982a5896dc8aa6bc2517d0edaf0
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG. Other software and various versions are also affected.

tags | exploit, remote, sql injection
advisories | CVE-2021-33701
MD5 | 9718ec8991952098b5ca8c34ba66bbce
OpenSSL Toolkit 1.1.1m
Posted Dec 15, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Made a change to avoid loading of a dynamic engine twice. Fixed building on Debian with kfreebsd kernels. Prioritized DANE TLSA issuer certs over peer certs. Fixed random API for MacOS prior to 10.12.
tags | tool, encryption, protocol
systems | unix
MD5 | 8ec70f665c145c3103f6e330f538a9db
OpenEMR 6.0.0 / 6.1.0-dev SQL Injection
Posted Dec 15, 2021
Authored by Stefan Pietsch | Site trovent.io

OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.

tags | exploit, remote, sql injection
advisories | CVE-2021-41843
MD5 | b7a13a30aeb775263a8474635eae347a
Red Hat Security Advisory 2021-5142-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5142-02 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25719
MD5 | 2782d4ee7deed2d10de00a922a1a8349
Red Hat Security Advisory 2021-5140-04
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5140-04 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | 892a3e261b1c8c261773bc44c5e5d861
Red Hat Security Advisory 2021-5133-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5133-03 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.5 serves as a replacement for Red Hat AMQ Streams 1.6.4, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | 5bbd46dab3f00474e0e5349901e19d81
Red Hat Security Advisory 2021-5137-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5137-03 - Openshift Logging Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-14615, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-0427, CVE-2020-10001, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-24502, CVE-2020-24503
MD5 | e8624eeaef6dbfa7084666bdef656607
Red Hat Security Advisory 2021-5138-04
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5138-04 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.4 serves as a replacement for Red Hat AMQ Streams 1.8.0, and includes security and bug fixes, and enhancements. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | 3ea50c7348fe6d57237da3f4b60a1579
Red Hat Security Advisory 2021-5134-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2019-10744, CVE-2019-12415, CVE-2020-11987, CVE-2020-11988, CVE-2020-13943, CVE-2020-13949, CVE-2020-15522, CVE-2020-17521, CVE-2020-17527, CVE-2020-26217, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-27782, CVE-2020-28491, CVE-2020-2875, CVE-2020-2934, CVE-2020-35510, CVE-2020-9488, CVE-2021-20218, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344
MD5 | 2ec6c192f967aaba032e6430137aa593
Red Hat Security Advisory 2021-5132-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5132-02 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.2.2 replaces Data Grid 8.2.1 and includes bug fixes and enhancements. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | e49bb9738fdf172426a649b03019ef7e
Red Hat Security Advisory 2021-5110-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5110-05 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2020-26160 jwt-go: access restriction bypass vulnerability". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs, and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-26160
MD5 | 0469911b1c6b47788326407a8c610e1d
Red Hat Security Advisory 2021-5108-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5108-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | c9f9f5ef62b9f9ebb9d8d81d685fdc22
Red Hat Security Advisory 2021-5093-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5093-03 - This release of Red Hat build of Eclipse Vert.x 4.1.5 SP1 includes security updates. For more information, see the release notes listed in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | 6df9ee638d87fcb40b9f540158d99e8f
Red Hat Security Advisory 2021-5126-01
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5126-01 - This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix: log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2021-44228
MD5 | f14b2d95dc0f0eed8e346fa1fdeab7e3
Red Hat Security Advisory 2021-5129-06
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5129-06 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330, CVE-2020-36331
MD5 | b03a8bc5c6bc1a845e313324a78459e5
Red Hat Security Advisory 2021-5127-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5127-05 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330, CVE-2020-36331
MD5 | 4d0c9be93452d87a87822d30c8dbcac7
Red Hat Security Advisory 2021-5128-06
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5128-06 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330
MD5 | ae058ceaab6c0c1ebeca34699564e84b
Page 1 of 2
Back12Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    24 Files
  • 28
    Jan 28th
    14 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close