what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2022-02-18

Ubuntu Security Notice USN-5295-1
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5295-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, unix, ubuntu
advisories | CVE-2021-22600, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942
SHA-256 | b547d8a973a224e901b06eaeedecd20d12b7bfbede9c1be88b6689532cb1a805
WordPress MasterStudy LMS 2.7.5 Account Creation
Posted Feb 18, 2022
Authored by numan turle

WordPress MasterStudy LMS plugin version 2.7.5 suffers from a missing access control allowing an unauthenticated party the ability to create an administrative account.

tags | exploit
advisories | CVE-2022-0441
SHA-256 | a3a490fa31272315dc3b33abac3a970e548d08d2ce2376d9748f5e401a62604f
WordPress UpdraftPlus 1.22.2 Backup Disclosure
Posted Feb 18, 2022
Authored by Marc Montpass | Site wordfence.com

WordPress UpdraftPlus versions 1.16.7 through 1.22.2 suffer from a backup disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2022-0633
SHA-256 | b497726806b3d3cd3a57bcd3b91fab0d6c64ec521a48183b3477b06789862f15
Ubuntu Security Notice USN-5292-3
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5292-3 - USN-5292-1 fixed several vulnerabilities in snapd. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3155, CVE-2021-4120, CVE-2021-44730, CVE-2021-44731
SHA-256 | 23fb2407472813360c266bf4444366a9b1f39826d88b86b3b54675092a32d4ec
WordPress dzs-zoomsounds 6.60 Shell Upload
Posted Feb 18, 2022
Authored by Overthinker1877

WordPress dzs-zoomsounds plugin version 6.60 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 6e96492b3bf0c53feb2e28da2e7826b4b660705ff00d0ce838e33bbfbb07bf95
Ubuntu Security Notice USN-5292-2
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5292-2 - USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3155, CVE-2021-4120, CVE-2021-44730, CVE-2021-44731
SHA-256 | 0c6bd21fafc633dfdaa09088d54dc04cc7a81354d0f9a2be6b57f8f4dccd6efa
Fortinet Fortimail 7.0.1 Cross Site Scripting
Posted Feb 18, 2022
Authored by Braiant Giraldo Villa

Fortinet Fortimail version 7.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-43062
SHA-256 | 7f8798b7aa7700d879a636522b5f36adeafdc2272b48d2974f728dabead950cd
Ubuntu Security Notice USN-5294-1
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5294-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-22600, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942
SHA-256 | 1366df82d8fcd6815d5088e53ffe7f4c0a5200426d7806e8827105451bd46108
Ubuntu Security Notice USN-5292-1
Posted Feb 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5292-1 - James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-3155, CVE-2021-4120, CVE-2021-44730, CVE-2021-44731
SHA-256 | cd903c8b5359411ecb8e840d467ea204ce37f54e4b2751f2d53a192802d1ce9d
Hotel Druid 3.0.3 Remote Code Execution
Posted Feb 18, 2022
Authored by 0z09e

Hotel Druid version 3.0.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2022-22909
SHA-256 | 7744db6e72d7f36eeaaf02fcc2e34ca731580136eb6a6685b03172941236ce62
Red Hat Security Advisory 2022-0580-01
Posted Feb 18, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0580-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-4658, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2021-20231, CVE-2021-20232, CVE-2021-20271, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-27645, CVE-2021-28153, CVE-2021-3200, CVE-2021-33560, CVE-2021-33574
SHA-256 | 14e508f8b5ba4605bd8db42f72278f20a3b7e049cd664a90973860fae75556f7
OPENSSLDIR Privilege Escalation
Posted Feb 18, 2022
Authored by Marlon Petry

Whitepaper called OPENSSLDIR - The adventures of hidden folder to privilege escalation.

tags | paper
advisories | CVE-2021-2307
SHA-256 | 169de44bba1064b1fdf63754db8a9eba9c5bd777fa8e4e5dd12cb47dfe4af528
Cosmetics And Beauty Product Online Store 1.0 SQL Injection
Posted Feb 18, 2022
Authored by nu11secur1ty

Cosmetics and Beauty Product Online Store version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8c96834a21c7c1412cd4faf4cbbcbefa7d9d6c0ab4c866b01e5136099c7e1647
Cosmetics And Beauty Product Online Store 1.0 Cross Site Scripting
Posted Feb 18, 2022
Authored by nu11secur1ty

Cosmetics and Beauty Product Online Store version 1.0 suffers from an html injection vulnerability that may allow for cross site scripting attacks.

tags | exploit, xss
SHA-256 | 57638540f832830c3b440d78b2f5475814d86031a79a01dbb9864f7e31ab7ac5
Solaris/SPARC chmod() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

64 bytes small Solaris/SPARC setuid(0) + chmod (/bin/ksh) + exit(0) shellcode.

tags | shellcode
systems | solaris
SHA-256 | ac0a8ce6fdd207649a67626e1818a1afd680783d1a46fb94677718a1d1994210
Solaris/SPARC execve() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

60 bytes small Solaris/SPARC setuid(0) + execve (/bin/ksh) shellcode.

tags | shellcode
systems | solaris
SHA-256 | d785c150823ddd32cb42d29580182ea9055608bea403fff7662eca6bf006f946
Linux/MIPS N32 MSB Reverse Shell Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

Linux/MIPS N32 MSB reverse shell shellcode that showcases various techniques to avoid badchars.

tags | shell, shellcode
systems | linux
SHA-256 | b1b0100dc2ab1910886ea650ac52df457851a4b14a3d07a98e33678c077b6d6e
Solaris/SPARC chmod() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

Solaris/SPARC chmod() shellcode with a max size of 36 bytes.

tags | shellcode
systems | solaris
SHA-256 | 844bef47108ea6b399c1949416ca0526422e2fc8ce504d583c3f36aaa4144470
TOSHIBA DVD PLAYER Navi Support Service 1.00.0000 Unquoted Service Path
Posted Feb 18, 2022
Authored by SamAlucard

TOSHIBA DVD PLAYER Navi Support Service version 1.00.0000 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 2cc1d1500b86df40a56c75f038edc816da6770b8e20d92d568bd6cf54a307371
Bluetooth Application 5.4.277 Unquoted Service Path
Posted Feb 18, 2022
Authored by SamAlucard

Bluetooth Application version 5.4.277 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 64649e4b03d676074e058a4bea1629b478b9bf31f364383beb81f3e04a484dd8
File Santizer For HP ProtectTools 5.0.1.3 Unquoted Service Path
Posted Feb 18, 2022
Authored by SamAlucard

File Sanitizer for HP ProtectTools version 5.0.1.3 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 75b26f7c0d16235054a3bca106f8e5ac092ce5691cfad937f93f63af339eb225
Intel Management Engine Components 6.0.0.1189 Unquoted Service Path
Posted Feb 18, 2022
Authored by SamAlucard

Intel Management Engine Components version 6.0.0.1189 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | aa2df716adf81cc23d4c42c366ac98e98cb2749914b61ff2e6120564771c8fa8
Connectify Hotspot 2018 Unquoted Service Path
Posted Feb 18, 2022
Authored by SamAlucard

Connectify Hotspot 2018 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 5c8e18583e7d44bd1da428fa8bcf86559a8aafd3b288374ca36284015731ccc2
Wondershare Dr.Fone 11.4.9 Unquoted Service Path
Posted Feb 18, 2022
Authored by Luis Martinez

Wondershare Dr.Fone version 11.4.9 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 106d0419943583c10a56662e06074859f3acce2402478d51934b850d8ab8a3dd
Wondershare MobileTrans 3.5.9 Unquoted Service Path
Posted Feb 18, 2022
Authored by Luis Martinez

Wondershare MobileTrans 3.5.9 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 08be95dd8b24bfc66887fde06b5d3154e9353d19ee69f3fce7e7a634c84bd765
Page 1 of 2
Back12Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    47 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close