exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2022-09-16

SAP SAPControl Web Service Interface Local Privilege Escalation
Posted Sep 16, 2022
Authored by M. Li | Site sec-consult.com

SAPControl Web Service Interface (sapstartsrv) suffers from a privilege escalation vulnerability via a race condition.

tags | exploit, web
advisories | CVE-2022-29614
SHA-256 | 5f21a47194e596c49a31455b6731ab60cd1e4e77d9094e16a002d5a7d296e114
Palo Alto Networks Authenticated Remote Code Execution
Posted Sep 16, 2022
Authored by UnD3sc0n0c1d0, Mikhail Klyuchnikov, jheysel-r7, Nikita Abramov | Site metasploit.com

This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS versions prior to 10.0.1, 9.1.4 and 9.0.10.

tags | exploit, arbitrary, root
advisories | CVE-2020-2038
SHA-256 | bd8da0b51bb49981c02de534b677f79ab91e97edd6c6f772d526bed01cfe7f69
Packet Fence 12.0.0
Posted Sep 16, 2022
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: 7 new features, 15 enhancements, and 16 bug fixes.
tags | tool, remote
systems | unix
SHA-256 | 58275977606c1d2971491560348e08abe448043ba4cbe4670612a9f7fd02bce0
SAP SAProuter Improper Access Control
Posted Sep 16, 2022
Authored by Fabian Hagg | Site sec-consult.com

SAP SAProuter suffers from an improper access control vulnerability where permitting loopback traffic can lead to unexpected behavior.

tags | exploit
advisories | CVE-2022-27668
SHA-256 | 91240243e7e61439bb89c02bbb4588f61e70077ca27fc537904e51613f2c8bd3
Ubuntu Security Notice USN-5615-1
Posted Sep 16, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5615-1 - It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2021-20223
SHA-256 | 0a1703f5ce2199a67b12a051081405528c9c13c99cee6f6c919040b70488b5e2
Ubuntu Security Notice USN-5614-1
Posted Sep 16, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5614-1 - It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3782
SHA-256 | bb11f2b39f39d3efa6b1b372c101161078bd4937bfbf50baa0a65f2cf890229f
Social Share Button 2.2.3 SQL Injection
Posted Sep 16, 2022
Authored by nu11secur1ty

Social Share Buttons version 2.2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | edba387a26274cddcb2a94613095db446c2d09af44f88ad54797136ae0a59e31
Rocket LMS 1.6 SQL Injection
Posted Sep 16, 2022
Authored by CraCkEr

Rocket LMS version 1.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 821ae94a2aa85e87e1c3dba2d4d30132a1eb29d3a4a4e465c8a74cbe3661d06f
Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free
Posted Sep 16, 2022
Authored by Google Security Research, Glazvunov

A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.

tags | exploit, web, arbitrary, code execution
advisories | CVE-2022-2998
SHA-256 | 071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close