exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files Date: 2022-05-10

Samhain File Integrity Checker 4.4.9
Posted May 10, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added a fix for double newline stripping when reading from database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 9f02f9145915ba4b5ef6657d539d3dbdbd9a4ad9fd35308bb9bb64509f6c4015
Printix 1.3.1106.0 Privileged API Abuse
Posted May 10, 2022
Authored by Logan Latvala | Site github.com

An "Incorrect Use of a Privileged API" vulnerability in PrintixService.exe in Printix's "Printix Secure Cloud Print Management" versions 1.3.1106.0 and below allows a local or remote attacker the ability change all HKEY Windows Registry values as SYSTEM context via the UITasks.PersistentRegistryData parameter.

tags | exploit, remote, local, registry
systems | windows
advisories | CVE-2022-25089
SHA-256 | e26119f8d98f860e7ac7059a0d25e15dfc9acdbc0d49faa1f612da8efaf64cdc
Printix 1.3.1106.0 Privilege Escalation
Posted May 10, 2022
Authored by Logan Latvala | Site github.com

A "Creation of Temporary Files in Directory with Insecure Permissions" vulnerability in PrintixService.exe in Printix's "Printix Secure Cloud Print Management" versions 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the creation of the Installer's temp.ini file.

tags | exploit
advisories | CVE-2022-25090
SHA-256 | 962985a116482c4dadbf77096ef08deaadaf5eff443d79735b06e3812d725e3e
Spring4Shell Spring Framework Class Property Remote Code Execution
Posted May 10, 2022
Authored by vleminator | Site metasploit.com

Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions when running on JDK 9 or above and specifically packaged as a traditional WAR and deployed in a standalone Tomcat instance are vulnerable to remote code execution due to an unsafe data binding used to populate an object from request parameters to set a Tomcat specific ClassLoader. By crafting a request to the application and referencing the org.apache.catalina.valves.AccessLogValve class through the classLoader with parameters such as the following: class.module.classLoader.resources.context.parent.pipeline.first.suffix=.jsp, an unauthenticated attacker can gain remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2022-22965
SHA-256 | 4590ce696ecbca17f3c4027cb21a644324b71e6b9b2bc3d539bb3272e79bf2eb
Ubuntu Security Notice USN-5179-2
Posted May 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5179-2 - USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the corresponding updates for Ubuntu 16.04 ESM. It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-28831
SHA-256 | 231b7864903eb6b1665e3f9a4804563f329ddd5b6254aaf2ab3e503703c713d6
Red Hat Security Advisory 2022-1756-01
Posted May 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1756-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20316, CVE-2021-44141
SHA-256 | dc6a993b4d4f9a0ace380c06387d7c7aec3a187df60f3e066c47e77d1e88fb98
Red Hat Security Advisory 2022-1747-01
Posted May 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1747-01 - OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-41771, CVE-2021-41772, CVE-2021-45960, CVE-2021-46143, CVE-2022-0778, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-25235
SHA-256 | 9f53c43845e6989b1ee838b81e5c8b82022554a46d50f3d5c6ed2d4ad233ec23
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close