what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 65 RSS Feed

Files Date: 2022-06-20

SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
Posted Jun 20, 2022
Authored by Steffen Robertz | Site sec-consult.com

SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.

tags | exploit, remote, xss
advisories | CVE-2022-29034
SHA-256 | a3bce9850f8342f5aa74a6bc3820d1c8dfe51fd338fcf68fc68e9703dfacb807
Ubuntu Security Notice USN-5486-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5486-1 - It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-0127, CVE-2021-0145, CVE-2021-0146, CVE-2021-33117, CVE-2021-33120, CVE-2022-21127, CVE-2022-21151, CVE-2022-21166
SHA-256 | 7154bcd5aff205c57ae30b210e1bde57d7de007b20d635b85df4852970237c7e
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
Posted Jun 20, 2022
Authored by T. Weber | Site sec-consult.com

Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.

tags | exploit
advisories | CVE-2015-0235, CVE-2015-7547, CVE-2015-9261, CVE-2017-16544, CVE-2022-32985
SHA-256 | 811819aa67b6ad1bef552d7cc55544b3fd1c366dc092a396d3d23c2d49bd1e36
Kernel Live Patch Security Notice LSN-0087-1
Posted Jun 20, 2022
Authored by Benjamin M. Romer

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2022-1966, CVE-2022-1972
SHA-256 | da3d1ebf8a062796a4bf895e4a7b5810ebe229e969e2a6e2a191ecc53f90dbfe
Lepin EP-KP001 KP001_V19 Authentication Bypass
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication.

tags | exploit
advisories | CVE-2022-29948
SHA-256 | aab63ef3bc7b1c7a28a491f23ff3e38331ea8654041288aca94a8bd6d5435366
Ubuntu Security Notice USN-5485-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-21123, CVE-2022-21125, CVE-2022-21166
SHA-256 | 712ea0fa8cca54c56dcdee1163b6c9f9af4877ee2b821344703659e1956a2b24
Red Hat Security Advisory 2022-4947-01
Posted Jun 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4947-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.59. Issues addressed include cross site scripting and memory exhaustion vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-1708, CVE-2022-29036, CVE-2022-29046
SHA-256 | d1ce1176e259b983636a9265a4a9cdd09184aa0d9186c1f832c5cc5af990572c
Mitel 6800/6900 Series SIP Phones Backdoor Access
Posted Jun 20, 2022
Authored by Moritz Abrell | Site syss.de

Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP (MiNet) Phones have a flow to spawn a telnet backdoor on the device with a static root password enabled. Affected versions include Rel 5.1 SP8 (5.1.0.8016) and earlier, Rel 6.0 (6.0.0.368) to 6.1 HF4 (6.1.0.165), and MiNet 1.8.0.12 and earlier.

tags | exploit, root
advisories | CVE-2022-29854, CVE-2022-29855
SHA-256 | f64facd6fb1f0b3cf63d9849292f052e8efccb8ebd488f773fe95e1a28e11171
Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 Insufficient Verification
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Verbatim Executive Fingerprint Secure SSD, Matthias Deeg found out that the content of the emulated CD-ROM drive containing the Windows and macOS client software can be manipulated. The content of this emulated CD-ROM drive is stored as ISO-9660 image in the "hidden" sectors of the USB drive that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure.

tags | advisory
systems | windows
advisories | CVE-2022-28385
SHA-256 | 26ff4e832d69529801ce9581fa340d311be8da080d073cf03ef28644ddb30a51
Ubuntu Security Notice USN-5484-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-39713, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21499
SHA-256 | 6ec0ae0395c19c7e5a1cccd288c838331c898658993f20553714a1b880f284f3
Wireshark Analyzer 3.6.6
Posted Jun 20, 2022
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 5 bug fixes and updated protocol support for DTLS, F5 Capture Information, F5 Ethernet Trailer, FlexRay, MBIM, TFTP, TLS, and ZigBee ZCL.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | beba27aeb4d3bb78df6202e88dda69e1dba9b0561044957bcac47e68b6ac28ba
TOR Virtual Network Tunneling Tool 0.4.7.8
Posted Jun 20, 2022
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This version fixes several bugfixes including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version should upgrade to this version.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2022-33903
SHA-256 | 9e9a5c67ad2acdd5f0f8be14ed591fed076b1708abf8344066990a0fa66fe195
Ubuntu Security Notice USN-5482-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5482-1 - It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. Charles Fol and Theo Gordyjan discovered that SPIP is vulnerable to cross site scripting. If a user were tricked into browsing a malicious SVG file, an attacker could possibly exploit this issue to execute arbitrary code. This issue was only fixed in Ubuntu 21.10.

tags | advisory, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2020-28984, CVE-2021-44120, CVE-2021-44122, CVE-2021-44123
SHA-256 | ec423457adbd941159570ceada40a93cb7cafd6e65d11c01f0d4e43ecb1639b6
SoftGuard SNMP Network Management Extension HTML Injection / File Download
Posted Jun 20, 2022
Authored by Philipp Espernberger | Site sec-consult.com

SoftGuard Web (SGW) versions prior to 5.1.5 suffer from html injection and arbitrary file system access allow for file downloads.

tags | exploit, web, arbitrary
advisories | CVE-2022-31201, CVE-2022-31202
SHA-256 | 76ee74097962529e003cf64b8fba1a3e1b9794c172699cc4c97189ef5a243d7c
Ubuntu Security Notice USN-5476-1
Posted Jun 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5476-1 - Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. It was discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-26981, CVE-2022-31783
SHA-256 | 311eba3b5bb97ad471b80b129811339b0c16d61a6545b8a77220a470939fc446
Red Hat Security Advisory 2022-4951-01
Posted Jun 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4951-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.43. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1708
SHA-256 | b3becf7c5a684f3894350693f083de3b75e23f8f1e59c2313e79aa641b3166eb
Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 Missing Trust
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Verbatim Executive Fingerprint Secure SSD, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16). Thus, an attacker is able to store malicious firmware code for the INIC-3637EN with a correct checksum on the used SPI flash memory chip (XT25F01D), which then gets successfully executed by the USB-to-SATA bridge controller.

tags | advisory
advisories | CVE-2022-28383
SHA-256 | 6fe888a83e3d60fa3dff9cbd864af7c01af27b2dbd4a6cda8d208d3d0a240337
WordPress Ninja Forms Code Injection
Posted Jun 20, 2022
Authored by Ramuel Gall | Site wordfence.com

The Wordfence Threat Intelligence team uncovered a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection. This could allow attackers to execute arbitrary code or delete ar bitrary files on sites where a separate POP chain was present. This flaw has been fully patched in versions 3.0.34.2, 3.1.10, 3.2.28, 3.3.21.4, 3.4.34.2, 3.5.8.4, and 3.6.11.

tags | advisory, arbitrary
SHA-256 | e25d000d7a2df2172a646831088ba3e0f1083e02893c12d290f821c392cde8a3
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Posted Jun 20, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.

tags | exploit, java, vulnerability, xss
advisories | CVE-2022-30981, CVE-2022-30982
SHA-256 | e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3
Verbatim Fingerprint Secure Portable Hard Drive #53650 Insufficient Verification
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the content of the emulated CD-ROM drive containing the Windows and macOS client software can be manipulated. The content of this emulated CD-ROM drive is stored as ISO-9660 image in the "hidden" sectors of the USB drive that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure.

tags | advisory
systems | windows
advisories | CVE-2022-28385
SHA-256 | 820817b00f35d5e9cdd824108c5f8d3d74d064b3343d74f7c689cef4f9919f97
Verbatim Fingerprint Secure Portable Hard Drive #53650 Missing Trust
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16). Thus, an attacker is able to store malicious firmware code for the INIC-3637EN with a correct checksum on the used SPI flash memory chip (XT25F01B), which then gets successfully executed by the USB-to-SATA bridge controller.

tags | advisory
advisories | CVE-2022-28383
SHA-256 | 5cf09b9a6a7dc17bc2bc9248633676029f1f2f7c319f1bda1a93395588b69053
Red Hat Security Advisory 2022-5099-01
Posted Jun 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5099-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736, CVE-2022-28737
SHA-256 | 34246ffd9ca1956890fda4c9acb6dd38a6ae9f42ef9783e9b8715b92cd6d5e58
Red Hat Security Advisory 2022-5100-01
Posted Jun 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5100-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736, CVE-2022-28737
SHA-256 | 4ae68bf8d9609c4f243193d9fe7abc4a8a8aa94b680c713f385e474d83725f7a
Verbatim Fingerprint Secure Portable Hard Drive #53650 Risky Crypto
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out that the firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB (Electronic Codebook) mode. This operation mode of block ciphers like AES encrypts identical plaintext data, in this case blocks of 16 bytes, always to identical ciphertext data. For some data, for instance bitmap images, the lack of the cryptographic property called diffusion concerning the ECB mode can leak sensitive information even in encrypted data.

tags | advisory
advisories | CVE-2022-28382
SHA-256 | 5957d6ef4f65feb57e39fb3699989b7271db9a941fefc0a0ecfcc6d07e41f538
Verbatim Fingerprint Secure Portable Hard Drive #53650 Risky Crypto
Posted Jun 20, 2022
Authored by Matthias Deeg | Site syss.de

When analyzing the Verbatim Fingerprint Secure Portable Hard Drive, Matthias Deeg found out it uses an insecure design which allows retrieving the currently used password and thus the ability to unlock and access the stored data in an unauthorized way.

tags | advisory
advisories | CVE-2022-28387
SHA-256 | bf98542c479e3621d63c8f97f240d1176143d928dd39fcee82bda83c3c2f65d1
Page 1 of 3
Back123Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close