exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2023-06-01

Ubuntu Security Notice USN-6128-1
Posted Jun 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6128-1 - It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-32324
SHA-256 | 0222261d91edfe69a65c54788ca77efb0b74baf43b567276f958ccd3822638be
Red Hat Security Advisory 2023-3415-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-24539, CVE-2023-24540, CVE-2023-29400
SHA-256 | 9f844ced4bea3a65fb155e612256ae1b0c62dd6cc34ad0c3e7b08d97c82fc4c8
STARFACE 7.3.0.10 Broken Authentication
Posted Jun 1, 2023
Site redteam-pentesting.de

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash. Versions 7.3.0.10 and below are affected.

tags | exploit, web
advisories | CVE-2023-33243
SHA-256 | bf316bc05bcb273edd4ab75c498cf1dd7821da0c8c8f6d0a7544d4d163c7226f
AIEngine 2.4.0
Posted Jun 1, 2023
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support natively of nefilter on the PacketDispatcher on linux systems. Allow more flexible API query parameters on the api. Allow to see in real time over the Rest API the L7 payloads of selected flows. Improvements on the TCP QoS metrics.Flow drop packets and bytes now available. Fix an issue with RST and ICMP unreach with network devices. Support for IP on GRE tunnels.
tags | tool, java, python, ruby
systems | unix
SHA-256 | 9592ddac406040974faa1b34a459f123d010fd293a18114a8468d871b7825c7b
Red Hat Security Advisory 2023-3408-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3408-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include double free and use-after-free vulnerabilities.

tags | advisory, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2022-4304, CVE-2022-4450, CVE-2023-0215
SHA-256 | f72c65031868645261cd4d6a767c461670e58de67837da3bcbb897896baa72fe
Ubuntu Security Notice USN-6127-1
Posted Jun 1, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6127-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1380, CVE-2023-2612, CVE-2023-30456, CVE-2023-31436, CVE-2023-32233
SHA-256 | d5bebd00eb8fbd02af592148b36695e2ef824baceadfe6af62ac658584cf2947
Flexense HTTP Server 10.6.24 Buffer Overflow / Denial Of Service
Posted Jun 1, 2023
Authored by Ege Balci | Site metasploit.com

This Metasploit module triggers a denial of service vulnerability in the Flexense HTTP server. The vulnerability is caused by a user mode write access memory violation and can be triggered with rapidly sending a variety of HTTP requests with long HTTP header values. Multiple Flexense applications that are using Flexense HTTP server versions 10.6.24 and below are vulnerable.

tags | exploit, web, denial of service, overflow
advisories | CVE-2018-8065
SHA-256 | 813816198b6e0b95d0076b6edc4437a705a53f10378492556a643fa2b78999b8
Red Hat Security Advisory 2023-3397-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3397-01 - QATzip is a user space library which builds on top of the Intel QuickAssist Technology user space library, to provide extended accelerated compression and decompression services by offloading the actual compression and decompression request to the Intel Chipset Series. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-36369
SHA-256 | ff4d7d2d2d8fa6eef3ae831663a662eb574962c5c677f55cbfd3a786e8b9310e
Red Hat Security Advisory 2023-3403-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3403-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-27530, CVE-2023-27539
SHA-256 | f54146335675dc694b29a4ff000c8729a11c4be8022e553380c4e6847ff9e34a
Faculty Evaluation System 1.0 Shell Upload
Posted Jun 1, 2023
Authored by Alex Gan

Faculty Evaluation System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2023-33440
SHA-256 | 241254abd3df9a7455cf5f17e73c98c7409c952bdb7ce70c4a493a17b023d043
Red Hat Security Advisory 2023-3387-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3387-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2023-0119
SHA-256 | bfeb105a62114f3860cd24d5a94638c5cd4325a86fb128e404881d888f7ccc2f
Menorah Restaurant 1.0.0 Insecure Settings
Posted Jun 1, 2023
Authored by indoushka

Menorah Restaurant version 1.0.0 appears to leave default credentials installed after installation.

tags | exploit
SHA-256 | 69692a4a3602d1e51c4e360ec7bb6355abdd9cb62f93e70bc2a415f8fc579bff
Red Hat Security Advisory 2023-3394-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3394-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2393, CVE-2022-2414
SHA-256 | 0fdb175c1730eec8a17b98d05a6e28fc03d2a86a2031e2385a64e517d0ca6190
Acelle Email Marketing 3.0.15 Arbitrary File Upload
Posted Jun 1, 2023
Authored by indoushka

Acelle Email Marketing version 1.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 8ab91b141d2a757f5c8139e68bc3122becbc9e84709fafd036525d8dda27931b
Online Security Guards Hiring System 1.0 Cross Site Scripting
Posted Jun 1, 2023
Authored by AFFAN AHMED

Online Security Guards Hiring System version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-0527
SHA-256 | 6e95e75a8463307d0fda26a7b0db59884b975be934f81ed140321541ac8f07b1
Red Hat Security Advisory 2023-3388-01
Posted Jun 1, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3388-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-3564, CVE-2022-39188, CVE-2022-42703, CVE-2022-4378
SHA-256 | a5996ba116d7d97a15ea7c093811a9a3c102c48a853d7fb0910bca8327eb216f
Rukovoditel 3.3.1 CSV Injection
Posted Jun 1, 2023
Authored by Mirabbas Agalarov

Rukovoditel version 3.3.1 suffers from a CSV injection vulnerability.

tags | exploit
SHA-256 | f5440dce4d96b638359d12c85611ce549d315848a38eb5897206fe7c0282d5b3
Bumsys Business Management System 1.0.3-beta Shell Upload
Posted Jun 1, 2023
Authored by AFFAN AHMED

Bumsys Business Management System version 1.0.3-beta suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2023-0455
SHA-256 | 9b18d9d9786b65e2dd3bca451efb34b98dda2b60625edec7acca67ab3fa4a44a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close