exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2022-09-05

Cisco ASA-X With FirePOWER Services Authenticated Command Injection
Posted Sep 5, 2022
Authored by jbaines-r7 | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine allows the attacker to pivot to the inside network, and access the outside network. Also, the SFR virtual machine is running snort on the traffic flowing through the ASA, so the attacker should have access to this diverted traffic as well. This module requires ASDM credentials in order to traverse the ASDM interface. A similar attack can be performed via Cisco CLI (over SSH), although that isn't implemented here. Finally, it's worth noting that this attack bypasses the affects of the lockdown-sensor command (e.g. the virtual machine's bash shell shouldn't be available but this attack makes it available). Cisco assigned this issue CVE-2022-20828. The issue affects all Cisco ASA that support the ASA FirePOWER module (at least Cisco ASA-X with FirePOWER Service, and Cisco ISA 3000). The vulnerability has been patched in ASA FirePOWER module versions 6.2.3.19, 6.4.0.15, 6.6.7, and 7.0.21. The following versions will receive no patch: 6.2.2 and earlier, 6.3.*, 6.5.*, and 6.7.*.

tags | exploit, web, shell, root, bash
systems | cisco, linux
advisories | CVE-2022-20828
SHA-256 | 68e16d3ce86c6321808a38fd985d56e82e3e74f93b1ebe13be653fa09e00432e
cryptmount Filesystem Manager 6.0
Posted Sep 5, 2022
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Revised algorithm test-cases in mudslinger script to align to OpenSSL-3.0. Refreshed cipher algorithm names to match OpenSSL/libgcrypt conventions. Converted default libgcrypt keycipher to aes256-xts and keyhash to sha256. Converted setup-script to use LUKS format by default. Various other updates.
tags | tool, kernel, encryption
systems | linux, unix
SHA-256 | 86528a9175e1eb53f60613e3c3ea6ae6d69dbfe5ac2b53b2f58ba0f768371e7e
GNUnet P2P Framework 0.17.5
Posted Sep 5, 2022
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Multiple bug fixes.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 8a744ff7a95d1e83215cce118050640f6c12261abe4c60a56bcf88e500f0023d
Ubuntu Security Notice USN-5595-1
Posted Sep 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5595-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33061, CVE-2021-33656
SHA-256 | 2803f1f2b9d21ecc0759524ee3c5baf5531c1bca5517154ecf398d41f56c6639
Ubuntu Security Notice USN-5596-1
Posted Sep 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5596-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33061, CVE-2021-33655
SHA-256 | 9717fd4e1b6daa46b6a95f20260d473f01dc55fdd2063c76cfd161c3f60376fd
Ubuntu Security Notice USN-5591-4
Posted Sep 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5591-4 - It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33656
SHA-256 | 4717428abbcf5e071293a2c07a694fdfd1b2c3c902b90513fa0826cfd44a94a7
Online Market Place Site 1.0 Cross Site Scripting
Posted Sep 5, 2022
Authored by Joe Pollock

Online Market Place Site version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-30003
SHA-256 | 6dbdfadfd046c1d428d90778b682265b97787399b579cf8c236ae782a910255b
Online Market Place Site 1.0 SQL Injection
Posted Sep 5, 2022
Authored by Joe Pollock

Online Market Place Site version 1.0 suffers from an unauthenticated blind SQL injection vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.

tags | exploit, remote, sql injection
advisories | CVE-2022-30004
SHA-256 | 055275be279445d5466385d61a0e67c90bd2c9c88469b4e802f1402fe98446be
Mobile Mouse 3.6.0.4 Remote Code Execution
Posted Sep 5, 2022
Authored by Chokri Hammedi

Mobile Mouse version 3.6.0.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2509530b624f14ddbe319dfa5afe878c807b92ada8714c91def25fbb67763a6e
Apple macOS Remote Events Memory Corruption
Posted Sep 5, 2022
Authored by Jeremy Brown

This is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and trigger crashes.

tags | exploit, remote, proof of concept
systems | apple
advisories | CVE-2022-22630
SHA-256 | b71c042ede4f92abca7d1cc98ba26d58de335a31e253ab82c25fea5b3120ba80
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close