what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2022-02-01

Packet Storm New Exploits For January, 2022
Posted Feb 1, 2022
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 167 exploits added to Packet Storm in January, 2022.

tags | exploit
SHA-256 | 59424b5985270be954c39ce70a7b75882e806ee381f7b65bb3be2aacbd31cd2b
Cisco Small Business RV Series Authentication Bypass / Command Injection
Posted Feb 1, 2022
Authored by jbaines-r7, Takeshi Shiomitsu | Site metasploit.com

This Metasploit module exploits an authentication bypass (CVE-2021-1472) and command injection (CVE-2021-1473) in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in the HTTP Authorization field when requests are made to the /upload endpoint. Then the upload.cgi binary will use the contents of the HTTP Cookie field as part of a curl request aimed at an internal endpoint. The curl request is executed using popen and allows the attacker to inject commands via the Cookie field. A remote and unauthenticated attacker using this module is able to achieve code execution as www-data. This module affects the RV340, RV340w, RV345, and RV345P using firmware versions 1.0.03.20 and below.

tags | exploit, remote, web, cgi, code execution
systems | cisco
advisories | CVE-2021-1472, CVE-2021-1473
SHA-256 | d5c273af97dd2e97fb770967821e9b90847b04e11e1abb75510669721ee38b45
Ubuntu Security Notice USN-5259-1
Posted Feb 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5259-1 - It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-9525, CVE-2019-9704, CVE-2019-9705, CVE-2019-9706
SHA-256 | 7708b42ed0cb12cf75a820c930eeee446f370eea62c1f51b9719302793412a84
Ubuntu Security Notice USN-5260-1
Posted Feb 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5260-1 - Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. Michael Hanselmann discovered that Samba incorrectly created directories. In certain configurations, a remote attacker could possibly create a directory on the server outside of the shared directory.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2021-43566, CVE-2021-44142, CVE-2022-0336
SHA-256 | 1150766a9f5acaee9066e266cb394d5fcb11a48e64845279538c22bdac77ac58
Ubuntu Security Notice USN-5260-2
Posted Feb 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5260-2 - Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2021-44142
SHA-256 | 69faabb25cfae22c65e81b78d83b23a53e6dc20c613861ebb9a20102dff021b1
Red Hat Security Advisory 2022-0335-02
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0335-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-4155
SHA-256 | 28ab25503628b93cc521824fbc1ee106e907622271239a73c240598166c82341
Gentoo Linux Security Advisory 202202-01
Posted Feb 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202202-1 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.34.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-1788, CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-1844, CVE-2021-1871, CVE-2021-21775, CVE-2021-21779, CVE-2021-21806, CVE-2021-30661, CVE-2021-30663, CVE-2021-30665, CVE-2021-30666, CVE-2021-30682, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30758, CVE-2021-30761, CVE-2021-30762, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799, CVE-2021-30809
SHA-256 | d7b81acd976ea4556319720db72f4fff64adcb599b6250a5fa8a28bd2243c7c4
Red Hat Security Advisory 2022-0331-02
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0331-02 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2021-44142
SHA-256 | b8f30ccd23b3e0f66db6c5a7359357dd88cb0641e3f05cf3757237c4f4bfb800
Red Hat Security Advisory 2022-0325-02
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0325-02 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20196
SHA-256 | 2f756be831daa8b04039f8fa6ef306f944e0c3dcb2f24b69f92dcdd73479c8c7
Red Hat Security Advisory 2022-0330-03
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0330-03 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2021-44142
SHA-256 | b2f254aa360d7b8861c19b3c476da577a3c2b4bb3cd562551bc6ea8e7aa9d2ea
Red Hat Security Advisory 2022-0328-03
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0328-03 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2021-44142
SHA-256 | 4243661bbd489d368993c4c81e920d82efc02d858a7a20ff23c8f9407c54ca1f
Red Hat Security Advisory 2022-0329-03
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0329-03 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2021-44142
SHA-256 | aae3fdc17aec7fb3a0a2061effdd7bf6501d64cc49554d153cfa115981d9b7c8
Red Hat Security Advisory 2022-0332-02
Posted Feb 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0332-02 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, protocol
systems | linux, redhat
advisories | CVE-2021-44142
SHA-256 | 2fa894567eb4210f09e0e50a2f5c5bfd6dac89b01f090048afe409dda2e1a233
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close