exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2024-01-05

Wireshark Analyzer 4.2.2
Posted Jan 5, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 5 vulnerabilities and 23 bugs have been fixed.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2024-0207, CVE-2024-0208, CVE-2024-0209, CVE-2024-0210, CVE-2024-0211
SHA-256 | 9e3672be8c6caf9279a5a13582d6711ab699ae2a79323e92a99409c1ead98521
Themebleed Windows 11 Themes Arbitrary Code Execution
Posted Jan 5, 2024
Authored by Spencer McIntyre, bwatters-r7, gabe_k | Site metasploit.com

When an unpatched Windows 11 host loads a theme file referencing an msstyles file, Windows loads the msstyles file, and if that file's PACKME_VERSION is 999, it then attempts to load an accompanying dll file ending in _vrf.dll. Before loading that file, it verifies that the file is signed. It does this by opening the file for reading and verifying the signature before opening the file for execution. Because this action is performed in two discrete operations, it opens the procedure for a time of check to time of use vulnerability. By embedding a UNC file path to an SMB server we control, the SMB server can serve a legitimate, signed dll when queried for the read, but then serve a different file of the same name when the host intends to load/execute the dll.

tags | exploit
systems | windows
advisories | CVE-2023-38146
SHA-256 | 44f044cbc901c8010a0b6712cedc87c1cc39134506044dd22466b8aac564f4b8
Ubuntu Security Notice USN-6549-4
Posted Jan 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6549-4 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-37453, CVE-2023-3773, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-42754, CVE-2023-5158, CVE-2023-5178, CVE-2023-5717
SHA-256 | 539ba7d0aa479fefcb8407162e60fe82e47e6a303e65db69861090b736eddaff
Gentoo Linux Security Advisory 202401-06
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-6 - A vulnerability has been found in CUPS filters where remote code execution is possible via the beh filter. Versions greater than or equal to 1.28.17-r2 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2023-24805
SHA-256 | 04d9291041ba5fcc090e28f0ff4049fffa42d1e6dc39d668ae3efd16ce11f10b
Gentoo Linux Security Advisory 202401-05
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-5 - A vulnerability has been found in RDoc which allows for command injection. Versions greater than or equal to 6.3.2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2021-31799
SHA-256 | 8c234efb417149feb22af3d5937b58ea19a4a01f0e98fe8cc0b8e6d103242de2
Gentoo Linux Security Advisory 202401-04
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-4 - Several vulnerabilities have been found in WebKitGTK+, the worst of which can lead to remote code execution. Versions greater than or equal to 2.42.3:4 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2023-28198, CVE-2023-28204, CVE-2023-32370, CVE-2023-32373, CVE-2023-32393, CVE-2023-32439, CVE-2023-37450, CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599
SHA-256 | 863910f6ba20827a0b5c37c0acc5ae9e63a2fc484662aacd6eba8330d97af93e
Gentoo Linux Security Advisory 202401-03
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-3 - Multiple vulnerabilities have been discovered in Bluez, the worst of which can lead to privilege escalation. Versions greater than or equal to 5.70-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2023-45866
SHA-256 | 00bcf7d7f39e7957ade6ec3d65eccb58e969676ea0a1c77b50884d272960344f
Gentoo Linux Security Advisory 202401-02
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-2 - Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity. Versions greater than or equal to 1.19.0 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-3672, CVE-2022-4904
SHA-256 | f55f7b8be0123269cf0a3020e3f41c3abd725971d2971cd48e32c027598008a2
Debian Security Advisory 5597-1
Posted Jan 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5597-1 - It was discovered that Exim, a mail transport agent, can be induced to accept a second message embedded as part of the body of a first message in certain configurations where PIPELINING or CHUNKING on incoming connections is offered.

tags | advisory
systems | linux, debian
advisories | CVE-2023-51766
SHA-256 | c07124cdc31734b4be52276427c0adc4c564e3e489e29e0b9d3007047f785ba9
Debian Security Advisory 5596-1
Posted Jan 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5596-1 - Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2023-37457, CVE-2023-38703, CVE-2023-49294, CVE-2023-49786
SHA-256 | c9359b6983497697c00903ccf8711da8c38c58bb9a04feff50dc4b063da49212
Debian Security Advisory 5595-1
Posted Jan 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225
SHA-256 | 72ee96f98d942b476c2ea37011c4d11f0573ac25aa0b2dedd32a66c7be41c7a6
Easy Chat Server 3.1 Denial Of Service
Posted Jan 5, 2024
Authored by Fernando Mengali

Easy Chat Server version 3.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 1d2001e55316de5dd8f3bcd93da739cea8c1437cc7b058758318e13bfca63ad4
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close