what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2024-01-22

MajorDoMo Command Injection
Posted Jan 22, 2024
Authored by Valentin Lobstein, smcintyre-r7 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e.

tags | exploit
advisories | CVE-2023-50917
SHA-256 | a64c3d5f624bfad203f1e2566417514a7d618f792becc950fdc3d537aaa74a64
Ivanti Connect Secure Unauthenticated Remote Code Execution
Posted Jan 22, 2024
Authored by sfewer-r7 | Site metasploit.com

This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior to the vendor mitigation are vulnerable. It is unknown if unsupported versions 8.x and below are also vulnerable.

tags | exploit, remote, code execution, bypass
advisories | CVE-2023-46805, CVE-2024-21887
SHA-256 | 235751e74f9357d3f5aa7ff467bad9f4d651f9abdd57e2b7b20c332ee6e579fa
Packet Fence 13.1.0
Posted Jan 22, 2024
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This release holds 4 new features, 10 enhancements, and 6 bug fixes.
tags | tool, remote
systems | unix
SHA-256 | a94047116abd15e4d8424e3d8efb27871ba3c8e9f0d4426d64137bef92318a8d
Gentoo Linux Security Advisory 202401-26
Posted Jan 22, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-26 - Multiple vulnerabilities have been found in Apache XML-RPC, the worst of which could result in arbitrary code execution. Versions less than or equal to 3.1.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2016-5002, CVE-2016-5003, CVE-2019-17570
SHA-256 | e5a4b01ce01a0da4be625d294152099c16e3fe042a0e485ff40acb81e736e82a
Ubuntu Security Notice USN-6587-2
Posted Jan 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | a2f2ac645eb8776253c7cf930c98b38768999c8680aec52b641d1aada93ccae6
Ubuntu Security Notice USN-6591-1
Posted Jan 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6591-1 - Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2023-51764
SHA-256 | cd5cc57d32efc49d552e07491f59c17b34bb117d5119591cdbe4d6acf87220b6
EzServer 6.4.017 Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

EzServer version 6.4.017 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 40ce8670718260143aeca22be1ac711053e5e38099e4a63a2f3ae0d2e32e8784
xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal
Posted Jan 22, 2024
Authored by Who cares anyway

xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection, file inclusion
SHA-256 | ef1507c81f76ecec6734de5bc13c14f9dd0d27fd26b16cae52e43d8b56f7e84b
Golden FTP Server 2.02b Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

Golden FTP Server version 2.02b remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | db9661030d63a67fedd89939619feabe045fe616d1085e8aebb060bf84a876d1
Traceroute 2.1.2 Privilege Escalation
Posted Jan 22, 2024
Authored by g30ff1rl

In Traceroute versions 2.0.12 through to 2.1.2, the wrapper scripts mishandle shell metacharacters, which can lead to privilege escalation if the wrapper scripts are executed via sudo. The affected wrapper scripts include tcptraceroute, tracepath, traceproto, and traceroute-nanog. Version 2.1.3 addresses this issue.

tags | exploit, shell
advisories | CVE-2023-46316
SHA-256 | eee3332e9c084609d76f6804cef55683b3ac0269232445ffe0616c2e821e1a45
TrojanSpy Win32 Nivdort MVID-2024-0668 Insecure Permissions
Posted Jan 22, 2024
Authored by malvuln | Site malvuln.com

TrojanSpy Win32 Nivdort malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 07b40fbb6021397864a451ae058f9ce4a25bc6a349ce285a033ab5429f0d1070
ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

ProSysInfo TFTP Server TFTPDWIN version 0.4.2 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 66e786abe148913defa36dbcbc0f63c2c1443710ace4366f5ef9f1c49191452c
Red Hat Security Advisory 2024-0310-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0310-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5363
SHA-256 | d0396378dbfbc86737348e88da6a5be9ca8812adb6f269f14e35deccf3f3cee5
Red Hat Security Advisory 2024-0273-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0273-03 - Red Hat OpenShift Virtualization release 4.12.9 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | 7d6dc48a300a56764286234cc29b8a38012a8f5f7ce3342fa362205027d419fe
Red Hat Security Advisory 2024-0271-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0271-03 - There is a moderate update for the the Logging Subsystem 5.8.2. Red Hat OpenShift security update.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-26159
SHA-256 | c46cb48839bc4c6e2164b921ecb268f81706c37c46db59aa937e72ac6858f6c8
Red Hat Security Advisory 2024-0268-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat OpenShift security update. Issues addressed include a file disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38037
SHA-256 | ee60938615c80cda4549885ca7b9234cdff737ddeef22c46e29e5b027a2f4ad5
Red Hat Security Advisory 2024-0204-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0204-03 - Red Hat OpenShift Container Platform release 4.14.9 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45142
SHA-256 | 13c452422b7d390cd40733ec7dd5ef03b1bcdc41397d15a90f041d64ae8f0ae5
Red Hat Security Advisory 2024-0198-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0198-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723
SHA-256 | a50f43d5a01136740b2ffd6b0cd23e289f41546ac9d11ca66a3284f5669554a5
Red Hat Security Advisory 2024-0193-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0193-03 - An update is now available for Red Hat OpenShift Container Platform 4.13.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20329
SHA-256 | 7d73569ecbfbdf3744880535a156eae4437e33c9a0cb07c053342f205027bf56
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close