exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2022-07-06

Zeek 5.0.0
Posted Jul 6, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Zeek now requires at least CMake version 3.15.0. The script-land union and timer types have been removed. Broker now uses a new network backend with a custom network protocol that is incompatible with the pre-5.0 backend. A large amount of new functionality and changes to functionality have been made in this release and it is suggested you review the entire changelog.
tags | tool, intrusion detection
systems | unix
SHA-256 | d0d300fd8d9a1a485a0198c52e9773db7c532820faaea797e4c63aafac63fd7e
Windows Kerberos Redirected Logon Buffer Privilege Escalation
Posted Jul 6, 2022
Authored by James Forshaw, Google Security Research

On Windows, the buffer for redirected logon context does not protect against spoofing resulting in arbitrary code execution in the LSA leading to local elevation of privilege.

tags | exploit, arbitrary, local, spoof, code execution
systems | windows
advisories | CVE-2022-24545, CVE-2022-30165
SHA-256 | e5fb08a6edcf0b1b0510543eebe8a2074c96f610873eefbc81fd441dc6b36c39
Xen PV Guest Non-SELFSNOOP CPU Memory Corruption
Posted Jul 6, 2022
Authored by Jann Horn, Google Security Research

On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to set arbitrary cache attributes on all its pages) can trick Xen into validating an L2 pagetable that contains a cacheline that is marked as clean in the cache but actually differs from main memory. After the pagetable has been validated, an attacker can flush the "clean" cacheline, such that on the next load, unvalidated data from main memory shows up in the pagetable.

tags | exploit, arbitrary
advisories | CVE-2022-26364
SHA-256 | 0ca3bec4eaa9cefc4bd68628da583653303fb2bb08f1b14700118565ff032f9c
Red Hat Security Advisory 2022-5498-01
Posted Jul 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5498-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, buffer overflow, bypass, code execution, cross site scripting, denial of service, heap overflow, information leakage, privilege escalation, remote shell upload, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, overflow, shell, vulnerability, code execution, xss, sql injection
systems | linux, redhat
advisories | CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550
SHA-256 | c0789250da6e85f6ddbf1eff137427983e596902d3fa57015a6fd21b598eac60
Ubuntu Security Notice USN-5502-1
Posted Jul 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5502-1 - Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issue to obtain sensitive information.

tags | advisory, remote, x86
systems | linux, ubuntu
advisories | CVE-2022-2097
SHA-256 | b7685024ea08064a48df0cc02c966bbdef3aaaac3fe59662c6702428963a6223
Ubuntu Security Notice USN-5503-1
Posted Jul 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5503-1 - Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-34903
SHA-256 | 0b69d827a44a79e269df3e86d3912b4f936dff6c6042fcd9d52ca24d9c84dfd5
EQS Integrity Line Cross Site Scripting / Information Disclosure
Posted Jul 6, 2022
Authored by Giovanni Pellerano | Site ush.it

EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2022-34007
SHA-256 | 21a47b9fbd11e6b29f25b46678eefbe67cd2ecd6ec063d64543e0d2d12795718
Magnolia CMS 6.2.19 Cross Site Scripting
Posted Jul 6, 2022
Authored by Giulio Garzia

Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-33098
SHA-256 | 289cfd7e8ab83c714ebf68612f0144514c8350c9893a24195c411ff0823a4ab5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close