exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2022-09-20

Zeek 5.0.2
Posted Sep 20, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet. Fixed two possible crashes when converting IP headers for output via the raw_packet event. Fixed a bug that prevented Broker nodes to recover from OpenSSL errors. Fixed handling of buffer sizes that caused Broker to stall despite having sufficient capacity. Fixed an issue with signal handling that could prevent Zeek from exiting via ctrl-c when reading scripts from stdin.
tags | tool, intrusion detection
systems | unix
SHA-256 | 7089fcc06d13803fc7ce19fdc49f96183efd797be3a4fdca083240b9b46e1d2f
Ubuntu Security Notice USN-5619-1
Posted Sep 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5619-1 - It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-19131, CVE-2020-19144, CVE-2022-1354, CVE-2022-1355, CVE-2022-2056
SHA-256 | 874eb330e0f797a6a5f345bf829b68bb90c1d9ebe271887d31824c498314f317
Arm Mali CSF Missing Buffer Size Check
Posted Sep 20, 2022
Authored by Jann Horn, Google Security Research

In the Linux Mali driver, when building with MALI_USE_CSF, the VFS read handler of the main Mali file descriptor (kbase_read()) never looks at its "count" parameter. This means that a simple userspace program that sets up a Mali file descriptor, then calls read(mali_fd, buf, 1), will see read() returning a higher length than requested, and out-of-bounds data in the userspace buffer will be clobbered.

tags | exploit
systems | linux
advisories | CVE-2022-36449
SHA-256 | 3d801b6f86d2cf6dcafab0fab084495a709669823b168ea8d4eaa15c04e2a64c
Arm Mali Race Condition
Posted Sep 20, 2022
Authored by Jann Horn, Google Security Research

The Mali driver frees GPU page tables before removing the higher-level PTEs pointing to those page tables (and, therefore, also before issuing the required flushes). This means a racing memory write instruction on the GPU can write to an attacker-controlled physical address.

tags | exploit
advisories | CVE-2022-36449
SHA-256 | b9314770c55b858e1768dc0c89581aba6dcd511b77abe5a7a6849771f7835386
Arm Mali Physical Address Exposure
Posted Sep 20, 2022
Authored by Jann Horn, Google Security Research

Arm Mali has an issue where a driver exposes physical addresses to unprivileged userspace.

tags | exploit
advisories | CVE-2022-36449
SHA-256 | 0dd6b9f2ab5a6a54b712bd8da62800520f10d77e1129a4be99b021e528de767a
Arm Mali Released Buffer Use-After-Free
Posted Sep 20, 2022
Authored by Jann Horn, Google Security Research

On Mali devices without the new CSF interface, IMPORTED_USER_BUF is released without flushing host-side VMAs, leading to a page use-after-free vulnerability.

tags | exploit
advisories | CVE-2022-36449
SHA-256 | 51a2923bc823fc6d20b96117084be18b4a15d5a3f49b9f2dc2e04e3c069198a0
Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution
Posted Sep 20, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | cdc70328ddf40e49dc5b1f2be3419c1dac2bfb6b0721efd3f3603444e744fbd5
Backdoor.Win32.Hellza.120 MVID-2022-0642 Authentication Bypass
Posted Sep 20, 2022
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | adbd455e6069c90acd875b4a68a6da7ff2670fe9ef0da2ea17802f855cdd6cda
Blink1Control2 2.2.7 Weak Password Encryption
Posted Sep 20, 2022
Authored by p1ckzi

Blink1Control2 version 2.2.7 suffers from a weak password encryption vulnerability.

tags | exploit
advisories | CVE-2022-35513
SHA-256 | 016360d6db87acaeaab1ede2ba44809cb5e3890462779d685dd3c26fa995a7ff
ProcessMaker Privilege Escalation
Posted Sep 20, 2022
Authored by Sornram Kampeera

ProcessMaker versions prior to 3.5.4 were discovered to be susceptible to a remote privilege escalation vulnerability.

tags | exploit, remote
advisories | CVE-2022-38577
SHA-256 | 4488144ca6dbc46145755713008b526023b21a1bbfead3548cbfc41eacd84cda
Red Hat Security Advisory 2022-6537-01
Posted Sep 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2021-38561, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21698, CVE-2022-34903
SHA-256 | 735b783c45f9b58ea138e108a34335ff5637f28e24d124171612b58ece201b35
Buffalo TeraStation Network Attached Storage (NAS) 1.66 Authentication Bypass
Posted Sep 20, 2022
Authored by Jordan Glover

Buffalo TeraStation Network Attached Storage (NAS) version 1.66 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | b25f9ea485651ddd5fbfd1f367341b3088a792a33c6f34e467614dc44f8f1aee
Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution
Posted Sep 20, 2022
Authored by malvuln | Site malvuln.com

Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded the exploit dll will check if the current directory is "C:\Windows\System32" and if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit, trojan
systems | windows
SHA-256 | cf8ca0f9491742132b26f99723587a07bd7827506a1fb18e871a77bfbc3b9a62
Bookwyrm 0.4.3 Authentication Bypass
Posted Sep 20, 2022
Authored by Akshay Ravi

Bookwyrm versions 0.4.3 and below suffer from an authentication bypass vulnerability due to a lack of rate limiting on OTP checks.

tags | exploit, bypass
advisories | CVE-2022-2651
SHA-256 | 01182b49f5094c1c536e28a7cca127e1933e717f4d3a739892d462bc0afce375
Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage
Posted Sep 20, 2022
Authored by malvuln | Site malvuln.com

Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 32271f7a5d8be605d0185b7cf8397b7bf3093ad269844c0104016e34a6185027
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close