exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2023-08-18

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification
Posted Aug 18, 2023
Authored by Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 suffers from an unpatched vulnerability in sudoedit, allowed by sudo configuration, which permits a low-privilege user to modify arbitrary files as root and subsequently execute arbitrary commands as root.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2023-22809
SHA-256 | 9caf2d86fd42cb7a6098a98695d2f0c8ac71c65afef31f1c6345f008453f417a
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation
Posted Aug 18, 2023
Authored by Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2023-20224
SHA-256 | f0f074bfbbdfcf50b89b456bedfa1d6e2dad916eb9c805528576e82777cae103
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read
Posted Aug 18, 2023
Authored by Hank Leininger, Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password.

tags | exploit, root
systems | cisco
advisories | CVE-2023-20217
SHA-256 | 9a639b868d2a607d6808f5cc9c66c20f4c697461ce4034c2ce7534df93c6ec6e
Ubuntu Security Notice USN-6301-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6301-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-36691, CVE-2022-0168, CVE-2022-1184, CVE-2022-27672, CVE-2022-4269, CVE-2023-0590, CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2124, CVE-2023-2194, CVE-2023-28466, CVE-2023-30772, CVE-2023-3111
SHA-256 | 125a315d2aef538a30c88eeedb76ea1ad66ca679d4531e2f90565d6b90d2edeb
Ubuntu Security Notice USN-6300-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6300-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-4269, CVE-2022-48502, CVE-2023-0597, CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2002, CVE-2023-2124, CVE-2023-2163, CVE-2023-2194, CVE-2023-2235, CVE-2023-2269, CVE-2023-23004, CVE-2023-28466
SHA-256 | 829cc8a82ad61e2a0dec9b102d838ba347daf73a403d600e65767e9f8d3821c0
Ubuntu Security Notice USN-6299-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6299-1 - It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-36023
SHA-256 | 144c3965fa3ad3698240515edd82a9dbfe9d853526109e10f7047d5f74eb6e20
Debian Security Advisory 5479-1
Posted Aug 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-2312, CVE-2023-4349, CVE-2023-4350, CVE-2023-4351, CVE-2023-4352, CVE-2023-4353, CVE-2023-4354, CVE-2023-4355, CVE-2023-4356, CVE-2023-4357, CVE-2023-4358, CVE-2023-4359, CVE-2023-4360, CVE-2023-4361
SHA-256 | aee0f620a740c7ebf8d3a5388c4cb2acee86d35cf2761c6423c720350e0a280f
Ubuntu Security Notice USN-6294-2
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6294-2 - USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-40225
SHA-256 | d781113e83bdef2397942d94f0f5327411286b1e5bf60fc0a91451cecd337078
Ubuntu Security Notice USN-6297-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6297-1 - It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2023-38559
SHA-256 | 28a766cc78e8818479cc1b035a3452025c8d6af4e2cded153c7353ce30dcb071
Ubuntu Security Notice USN-6298-1
Posted Aug 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6298-1 - Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. YiMing Liu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-7727, CVE-2020-18442
SHA-256 | 726c94156be0fb08522ab35a77ac192d647ae53e93f0134c702c8c11b5eed036
Windows API Exploitation In Real World
Posted Aug 18, 2023
Authored by Akash Sarode

This paper focuses on using Windows APIs to exploit and bypass modern day defense systems. The idea here is to understand the approach of how a modern day threat adversary would definitely help blue teamers to improve their defense mechanism. This article is useful for both blue and red teamers.

tags | paper
systems | windows
SHA-256 | a08987a70023a852cfeef5c85e21b3ba9fa78f1aa30066467583fa799fdca5e3
Chrome IPCZ FragmentDescriptors Missing Validation
Posted Aug 18, 2023
Authored by Google Security Research, Mark Brand

Chrome IPCZ FragmentDescriptors are not validated allowing for an out-of-bounds crash condition.

tags | exploit
advisories | CVE-2023-3732
SHA-256 | adc68a8b0a6ff50085071702ac5d18e4499b667b8b192dadf209cd4cf9ae81ee
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close