exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2024-01-09

Ubuntu Security Notice USN-6571-1
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6571-1 - Youssef Rebahi-Gilbert discovered that Monit did not properly process credentials for disabled accounts. An attacker could possibly use this issue to login to the platform with an expired account and a valid password.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-26563
SHA-256 | 3d13188efb2c2dfe9c731ed925b14616eee9675899cd1d0a8e2ad2bc25bb709e
Ubuntu Security Notice USN-6038-2
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-1705, CVE-2022-28131, CVE-2022-2879, CVE-2022-2880, CVE-2022-29526, CVE-2022-30629, CVE-2022-30631, CVE-2022-30633, CVE-2022-32148, CVE-2022-41717, CVE-2023-24537, CVE-2023-24538
SHA-256 | 96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05
cpio 2.13 Privilege Escalation
Posted Jan 9, 2024
Authored by Georgi Guninski

cpio version 2.13 suffers from a privilege escalation vulnerability via setuid files in a cpio archive.

tags | exploit
SHA-256 | e4948bd6237737a1ce41d6d861ca14bf4316c0d417e7e9b48c670388f66f760a
Ubuntu Security Notice USN-6568-1
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6568-1 - The ClamAV package was updated to a new upstream version to remain compatible with signature database downloads.

tags | advisory
systems | linux, ubuntu
SHA-256 | 8e1c2faf0f799f5f8132dc7280b767a27a45d53b9745a8a388ce443e5c8ce587
SSH-Snake: Automated SSH-Based Network Traversal
Posted Jan 9, 2024
Authored by Joshua Rogers | Site github.com

SSH-Snake is a powerful tool designed to perform automatic network traversal using SSH private keys discovered on systems, with the objective of creating a comprehensive map of a network and its dependencies, identifying to what extent a network can be compromised using SSH and SSH private keys starting from a particular system. SSH-Snake can automatically reveal the relationship between systems which are connected via SSH, which would normally take a tremendous amount of time and effort to perform manually.suffers from bypass and traversal vulnerabilities.

tags | tool, scanner, vulnerability, file inclusion
systems | unix
SHA-256 | 955ae990d1d900f97e789c6f6cb04dd954898e032e8e00fc6d4354e9508c09ae
OX App Suite 7.10.6 Access Control / Cross Site Scripting
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev51 suffers from an access control vulnerability. Version 7.10.6-rev34 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-29051, CVE-2023-29052, CVE-2023-41710
SHA-256 | 80185f3d2633831b5738bc1126710375d2e7d24e073ff394c679caa4c61efc56
OX App Suite 7.10.6 XSS / Command Execution / LDAP Injection
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev50 suffers from remote code execution and LDAP injection vulnerabilities. Version 7.10.6-rev33 suffers from a cross site scripting vulnerability.

tags | advisory, remote, vulnerability, code execution, xss
advisories | CVE-2023-29048, CVE-2023-29049, CVE-2023-29050
SHA-256 | 592f2b04fcdcc6f8a886a43ccea679f6723dca85956b3e11029cce5b8e4022ec
liveSite 2019.1 Remote Code Execution
Posted Jan 9, 2024
Authored by tmrswrr

liveSite version 2019.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b37493bb3255b58a4615f905b81120f48fc0c45ea3546c91403104640924bd53
Intrasrv Simple Web Server 1.0 Denial Of Service
Posted Jan 9, 2024
Authored by Fernando Mengali

Intrasrv Simple Web Server version 1.0 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
SHA-256 | d7370c79e707e5078287413c0fbc8380ee94a508c9537f6674c99c31529baf05
AdvantechWeb/SCADA 9.1.5U SQL Injection
Posted Jan 9, 2024
Authored by Cody Sixteen | Site code610.blogspot.com

AdvantechWeb/SCADA version 9.1.5U suffers from a post authentication remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c61d51ef9791032ac5aeeaa9f4123f947e54a3c585126f417601ad70cf5716cc
Ubuntu Security Notice USN-6569-1
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6569-1 - it was discovered that libclamunrar incorrectly handled directories when extracting RAR archives. A remote attacker could possibly use this issue to overwrite arbitrary files and execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that libclamunrar incorrectly validated certain structures when extracting RAR archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-30333, CVE-2023-40477
SHA-256 | b81771e4d8b0760cfe218cfa3429b18ca1622f8f2c85cd6d4ac1ca217536f86f
Microsoft SQL Server db_ddladmin Privilege Escalation
Posted Jan 9, 2024
Authored by Emad Al-Mousa

Microsoft SQL Server versions 2014 through 2022 suffers from a db_ddladmin privilege escalation vulnerability. When escalated to Microsoft as a concern, they instead opted to update their documentation to note that this is possible instead of addressing the issue.

tags | advisory
SHA-256 | cac3f425f4cca8e96dd9616578d2788098261640c115710127e2b2ec6da21b6c
Red Hat Security Advisory 2024-0089-03
Posted Jan 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0089-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4622
SHA-256 | d105e9ac9c6738478835aa25b4df7921aec1cee0a47be65b0d1f2d61eb6ee6ce
tc Tor Chat Client
Posted Jan 9, 2024
Authored by fausto

tc is a low-tech free software to chat anonymously and ciphered over Tor circuits in PGP. Use it to protected your communication end-to-end with RSA/DSA encryption and keep yourself anonymously reachable by anyone who only knows your .onion address and your public key. All this and more in 2400 lines of C code that compile and run on BSD and Linux systems with an IRC like GUI. As this is a rolling release and does not have an official build yet, the prior version on Packet Storm was replaced with this updated code base.

tags | tool
systems | linux, unix, bsd
SHA-256 | bae7c904763360a82e8b3a4a6720b31c22f9c49b63eca777df474d4383d39f97
Ubuntu Security Notice USN-6567-1
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-14394, CVE-2020-24165, CVE-2021-3611, CVE-2021-3638, CVE-2023-1544, CVE-2023-2861, CVE-2023-3180, CVE-2023-3255, CVE-2023-3301, CVE-2023-3354, CVE-2023-40360, CVE-2023-4135, CVE-2023-42467, CVE-2023-5088
SHA-256 | 822fd59a00f432568a1ff02767caa245fcfcf6843527f21aad32e7fa00321108
OpenSSL Security Advisory 20240109
Posted Jan 9, 2024
Site openssl.org

OpenSSL Security Advisory 20240109 - The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.

tags | advisory
advisories | CVE-2023-6129
SHA-256 | 96d61a8c58cb14bf75cc794f7eb487fcc526fb0873fe97c3c9779d86fc65cb31
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close