exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files Date: 2024-10-01 to 2024-10-31

Zeek 6.0.8
Posted Oct 4, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Adding to the POP3 hardening in 6.0.7, the parser now simply discards too many pending commands, rather than any attempting to process them. Further, invalid server responses do not result in command completion anymore. Processing out-of-order commands or finishing commands based on invalid server responses could result in inconsistent analyzer state, potentially triggering null pointer references for crafted traffic.
tags | tool, intrusion detection
systems | unix
SHA-256 | 39e6293f11ec9f7d38e08f2eb076a436f384c9bb45ce026f60a4154064f6c1e0
ABB Cylon Aspect 3.07.02 Authenticated File Disclosure
Posted Oct 4, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the downloadDb.php script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

tags | exploit, arbitrary, php
SHA-256 | bdeb7b96ce0490816b5aff85c7d91a69137f224971e0d812190f2924733b54d4
Debian Security Advisory 5784-1
Posted Oct 4, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2024-47191
SHA-256 | 630b245f04eb1a7ff0cfa42251496c38ea3ce7b755c4c145ac3252c552e621aa
Debian Security Advisory 5783-1
Posted Oct 4, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9401
SHA-256 | d6e973db117eecd0774e6df97f98106f30600a1abd447da40462c767ea65fcb3
TeamViewer Privilege Escalation
Posted Oct 4, 2024
Authored by Peter Gabaldon | Site github.com

Proof of concept code for a flaw in TeamViewer that enables an unprivileged user to load an arbitrary kernel driver into the system.

tags | exploit, arbitrary, kernel, proof of concept
advisories | CVE-2024-7479, CVE-2024-7481
SHA-256 | 8e84c906525cb3028d5e2434a5ce1ee9c2d79ef078f6024e17e16888fa959853
Ubuntu Security Notice USN-7053-1
Posted Oct 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These vulnerabilities included heap and stack-based buffer overflows, memory leaks, and improper handling of uninitialized values.

tags | advisory, denial of service, overflow, vulnerability, memory leak
systems | linux, ubuntu
advisories | CVE-2019-13135, CVE-2019-13301, CVE-2019-13307, CVE-2019-13454, CVE-2019-16708, CVE-2019-16712, CVE-2019-7175
SHA-256 | c46fa2a8f39b4ff10e8c0dddf0bf320de57a6dc38c9be5fef165226cc363c4a8
Debian Security Advisory 5782-1
Posted Oct 4, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5782-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2023-31083, CVE-2024-27017, CVE-2024-35937, CVE-2024-35943, CVE-2024-35966, CVE-2024-40972, CVE-2024-41016, CVE-2024-41096, CVE-2024-41098, CVE-2024-42228, CVE-2024-42314, CVE-2024-43835, CVE-2024-43859, CVE-2024-43884
SHA-256 | 6b1995cd75513141f3e03b2f430413db5d1f10bd1835463af1502d9622c439b4
Ubuntu Security Notice USN-7055-1
Posted Oct 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7055-1 - Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypass authentication, and access network devices and services. This update introduces new configuration options called "limit_proxy_state" and "require_message_authenticator" that default to "auto" but should be set to "yes" once all RADIUS devices have been upgraded on a network.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-3596
SHA-256 | 271871d1420a0528a26685e8ce5cbcd406f9ca78469177524e1728fd0cf2771e
MD-Pro 1.0.76 Shell Upload / SQL Injection
Posted Oct 4, 2024
Authored by Emiliano Febbi

MD-Pro version 1.0.76 suffers from remote SQL injection and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | b641856919de4d5b0a61bc35a8e30fb6042f78f529af33b52af81ec5d5f73c4e
Computer Laboratory Management System 2024 1.0 Cross Site Scripting
Posted Oct 4, 2024
Authored by nu11secur1ty

Computer Laboratory Management System 2024 version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1fcd86678b2635e2cdd7247396f54562591ba9b9d9952cdb8f0ee3191c2cbf7a
Ubuntu Security Notice USN-7054-1
Posted Oct 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7054-1 - It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4217
SHA-256 | f929b28b770364cb20cced4b9f7c68ae7cbf43c718918fb91835f47e7343078f
Acronis Cyber Infrastructure 5.0.1-61 Cross Site Request Forgery
Posted Oct 4, 2024
Authored by indoushka

Acronis Cyber Infrastructure version 5.0.1-61 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c2eceedb5e5bb0efa35e17bc56bd524328eb69b0a4975863b7ddd165b1b73695
Vehicle Service Management System 1.0 WYSIWYG Code Injection
Posted Oct 4, 2024
Authored by indoushka

Vehicle Service Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.

tags | exploit
SHA-256 | daeb244d9db94e371d9cc2e37a40f07b6ca949b734ea683afcbe95ac4b4ca130
Vehicle Service Management System 1.0 Code Injection
Posted Oct 4, 2024
Authored by indoushka

Vehicle Service Management System version 1.0 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | f9fcf44105743a3a54ea4970cafe882eab97bba4a5694154f79b99123f25e133
Transport Management System 1.0 Arbitrary File Upload
Posted Oct 4, 2024
Authored by indoushka

Transport Management System version 1.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 1cd66e393ca7966dfbaac0ad1a1b3a444b9752a015b512e8517095c91f4717e2
Transport Management System 1.0 Code Injection
Posted Oct 4, 2024
Authored by indoushka

Transport Management System version 1.0 suffers from a PHP code injection vulnerability.

tags | exploit, php
SHA-256 | cd5dd78857336257ee61bcf76cd477a9fa12e3c595be519cef024af5bed57cdb
ManageEngine ADManager 7183 Password Hash Disclosure
Posted Oct 4, 2024
Authored by indoushka

ManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | ddade0c8d44290aca9a54f0c1621504614026325fdfa745fc4d9c008c6feca03
fastrpc_mmap_create Use-After-Free
Posted Oct 4, 2024
Authored by Google Security Research, Seth Jenkins

A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free.

tags | exploit
advisories | CVE-2024-33060
SHA-256 | f676785fdf4478de819b5665c9ba33c67535e75932f2e0c3889dcb7a0811f410
fastrpc_mmap_find Information Leak
Posted Oct 4, 2024
Authored by Google Security Research, Seth Jenkins

An incorrect searching algorithm in fastrpc_mmap_find can lead to kernel address space information leaks.

tags | advisory, kernel
advisories | CVE-2024-33060
SHA-256 | 46fa1c601050810eb66a262de97a8b9a9dbe879e08b68141820f5aeffa5d1da5
Android qrtr_bpf_filter_detach Double-Free / Use-After-Free
Posted Oct 4, 2024
Authored by Google Security Research

There appears to be some (possibly deprecated) code associated with AF_QIPCRTR sockets in bpf_service.c. Within this file are some ioctl handlers - e.g. qrtr_bpf_filter_attach and qrtr_bpf_filter_detach. In the case of qrtr_bpf_filter_detach, the global pointer bpf_filter is fetched and freed while only holding a socket lock (and an irrelevant rcu_read_lock) - this may lead directly to double frees or use-after-free (kernel memory corruption) if a malicious user is able to call the QRTR_DETTACH_BPF ioctl on multiple AF_QIPCRTR sockets at once. Based on Android SELinux files, it appears this may be possible from some lower-privileged vendor and HAL services.

tags | advisory, kernel
advisories | CVE-2024-38401
SHA-256 | 9a1258e6adb1b608d6d8bf4e2c0f15fb713920d26890f57e49ad4ff67b1e99c1
Haveged 1.9.19
Posted Oct 3, 2024
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added --time_interval N to add entropy unconditionally every N seconds. Now synchronizes haveged instances during switch root. Fixed warnings in 90-haveged.rules.
tags | tool
systems | linux, unix
SHA-256 | acbb05776668657012273be9bb3310e3140b79959aa4538e4cca8d30d40c0b8f
Ubuntu Security Notice USN-7021-4
Posted Oct 3, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7021-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26677, CVE-2024-38570, CVE-2024-39496
SHA-256 | f5bd65d2898e9829d211a6a95b234a34eb25f17b8ac37caf94966dce73810534
Debian Security Advisory 5781-1
Posted Oct 3, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2024-7025, CVE-2024-9369, CVE-2024-9370
SHA-256 | 1ef039858c6f77289a0121b0f10830b4ab7779904de169e39eb4e8d6420d6fe6
Acronis Cyber Infrastructure Default Password Remote Code Execution
Posted Oct 3, 2024
Authored by h00die-gr3y, Acronis International GmbH | Site metasploit.com

Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native applications in production environments. This Metasploit module exploits a default password vulnerability in ACI which allow an attacker to access the ACI PostgreSQL database and gain administrative access to the ACI Web Portal. This opens the door for the attacker to upload SSH keys that enables root access to the appliance/server. This attack can be remotely executed over the WAN as long as the PostgreSQL and SSH services are exposed to the outside world. ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132 are vulnerable.

tags | exploit, web, root
advisories | CVE-2023-45249
SHA-256 | 07990b1f6994d1629f554b31888e1fa6a36fccc954738c75a95e2ac86e270498
dizqueTV 1.5.3 Remote Code Execution
Posted Oct 3, 2024
Authored by Ahmed Said Saud Al-Busaidi

dizqueTV version 1.5.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b18cb14167c97952ef1684789d6a48b83e5c1338a0677edc0b3eaef195497b45
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close