exploit the possibilities
Showing 1 - 25 of 45 RSS Feed

Files Date: 2022-05-12 to 2022-05-13

Red Hat Security Advisory 2022-2234-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2234-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24070
SHA-256 | c5662ed7973bea954f1d6fe749afaf1dd6826476ffa03aab059638d156549086
Red Hat Security Advisory 2022-2237-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2237-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24070
SHA-256 | 18d4b592633999696d3ed74d1bb2fbebffbd1bb191c35cff989afd157179fc81
Red Hat Security Advisory 2022-2232-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2232-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.3.1 replaces Data Grid 8.3.0 and includes bug fixes and enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-38153, CVE-2022-0084
SHA-256 | 057c7f8520ab2ed56e7d9e82678764871158a2cd733dc5a66c8955746dc99b8f
Ransom.REvil MVID-2022-0600 Code Execution
Posted May 12, 2022
Authored by malvuln | Site malvuln.com

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's flaw does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 523695a11b3ac263c4750ad26a0863bafd1277bc8d7ee5e5f09039a4c903c94c
Ransom.REvil MVID-2022-0599 Code Execution
Posted May 12, 2022
Authored by malvuln | Site malvuln.com

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's flaw does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | c812238e5aec810b86cabbd3dbd8ea70c29dd0b071934148238665f8001da715
Ransom.REvil MVID-2022-0598 Code Execution
Posted May 12, 2022
Authored by malvuln | Site malvuln.com

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's flaw does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | aa6d045f0425bce26082463e9007553e34835ed1462eb3775f23793b2efde0b9
Ransom.REvil MVID-2022-0597 Code Execution
Posted May 12, 2022
Authored by malvuln | Site malvuln.com

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's flaw does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | e50e0f8dd0340a49a1f263f8304a8f67e25520134dc09f97a203083bb23437ee
Ransom.REvil MVID-2022-0595 Code Execution
Posted May 12, 2022
Authored by malvuln | Site malvuln.com

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's flaw does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 4c448e0e5a0914fcc57d5d435b52042feff16ca95bf5c04fea342caeb1515eac
F5 BIG-IP iControl Remote Code Execution
Posted May 12, 2022
Authored by Alt3kx, Ron Bowes, Heyder Andrade, James Horseman | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, root, code execution, bash, bypass
advisories | CVE-2022-1388
SHA-256 | bb3a5bef34f53053f0da7eec9cad038bc4f47a0997b2e9cd601a17a1f034a0ad
Ubuntu Security Notice USN-5417-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5417-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-26401, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223, CVE-2022-29156
SHA-256 | 337688d78bd8984c56f452e4bee794482d878f55146f535c4c249b641b2b5f51
Ubuntu Security Notice USN-5418-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5418-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-26401, CVE-2022-23039, CVE-2022-23040, CVE-2022-24958, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223
SHA-256 | 5d59c806b66497edbb6af2992f2ae5cce0fa7a093060f86f2d7fbcd7da204b10
Ubuntu Security Notice USN-5416-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-1158, CVE-2022-1516, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390
SHA-256 | 7fdbee8afc9e35d51c815cc5cf37dff16b83556969d0fb1ee6bfdc2a05f5d92c
Ubuntu Security Notice USN-5415-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5415-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-26401, CVE-2022-1016, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-27223
SHA-256 | 691a35428f308c736b0b1c54fe6cb68b24805afc0173f36b49281af792f6943a
AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free
Posted May 12, 2022
Authored by Google Security Research, natashenka

AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free in CreateHeaderBuffer. When copying the VPS, PPS and SPS, the destination pointer is incremented, and if the copied data is larger than the length specified in the input file, it breaks and falls through to a condition that frees the destination pointer, even though it has been incremented. This could free the chunk allocated next to the destination memory.

tags | exploit
advisories | CVE-2022-22666
SHA-256 | a49f6411c8b8733ea1c031b562f4509169b737f83ae46d802b8cf4aed5bd1cb1
Ubuntu Security Notice USN-5413-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5413-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-39713, CVE-2021-4157, CVE-2022-26490, CVE-2022-27223, CVE-2022-28390
SHA-256 | 91244b1f084946d306199917a00cb07c4faa804148fb749c2918a68baf634f4c
Red Hat Security Advisory 2022-2200-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2200-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core Runtime 5.0.17. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-23267, CVE-2022-29117, CVE-2022-29145
SHA-256 | c26287d55371cc0fbad8705a00866c1ec71787f8f77d0897d0b27a77031404b2
Red Hat Security Advisory 2022-2216-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-37136, CVE-2021-37137, CVE-2021-4028, CVE-2021-43797, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21698, CVE-2022-25636
SHA-256 | e8448d15067ef4e108e62dd39572f25de537bd0cc05255cb4ff9f26a2036af6d
Red Hat Security Advisory 2022-2199-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2199-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 6.0.105 and .NET Core Runtime 6.0.5. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-23267, CVE-2022-29117, CVE-2022-29145
SHA-256 | 1e7e6b27d176a2a91d3a626c402f344cbea3b1ba3af564d03413c64636e4f0eb
Red Hat Security Advisory 2022-2218-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-37136, CVE-2021-37137, CVE-2021-4028, CVE-2021-43797, CVE-2022-0759, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21698, CVE-2022-25636
SHA-256 | 0c5927e91c79b433162241dc82bdfd0e2fdad1d3d97c1f4a6ed341b8c4358a0b
Red Hat Security Advisory 2022-2210-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2210-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2022-0918
SHA-256 | f7cfe142be300e0543c65804cacffd8c136506e51bc9d8cdf64d990f4c7723d1
Red Hat Security Advisory 2022-2201-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2201-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032
SHA-256 | 90d79fe9668c544f11dd426f645dea29a0d0f1ff3e041e19daaead1a2c11fca6
Red Hat Security Advisory 2022-2186-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2186-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-4028, CVE-2022-0492
SHA-256 | a847e5c70c5289c712f0df28eb12a731d4e74f077f18cf417aae88f5d9d94fef
Red Hat Security Advisory 2022-2197-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2197-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032
SHA-256 | b101b00a59e130de1e5bf9ae8a1bc4d33c75cacfcb70a0ae32d6d94497e73bc8
Red Hat Security Advisory 2022-2202-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2202-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.419 and .NET Core Runtime 3.1.25. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-23267, CVE-2022-29117, CVE-2022-29145
SHA-256 | f45ac7d7bdc8cc5c2e56437d7000ad31f99336575de58153fba89b2724dea9d1
Red Hat Security Advisory 2022-2214-01
Posted May 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2214-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032
SHA-256 | d0b4e87a42f4f91f9529f86431f6fc6cd4dd5f8d5e4d19596e13027358f98a1b
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close