what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2022-10-05 to 2022-10-06

Remote Mouse 4.110 Remote Code Execution
Posted Oct 5, 2022
Authored by h00die, 0rphon, H4rk3nz0 | Site metasploit.com

This Metasploit module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it from the server. This module will only deploy a payload if the server is set without a password (default). Tested against 4.110, current at the time of module writing.

tags | exploit, remote, protocol
advisories | CVE-2022-3365
SHA-256 | c755856cc22f5c73769a789fca2bba93c17cf5a3be391dbe30fc988e69e8e0bc
Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation
Posted Oct 5, 2022
Authored by h00die, Maher Azzouzi | Site metasploit.com

This Metasploit module exploits a command injection within Enlightenment's enlightenment_sys binary. This is done by calling the mount command and feeding it paths which meet all of the system requirements, but execute a specific path as well due to a semi-colon being used. This module was tested on Ubuntu 22.04.1 X64 Desktop with enlightenment 0.25.3-1 (current at module write time).

tags | exploit
systems | linux, ubuntu
advisories | CVE-2022-37706
SHA-256 | 2d952d42924466b709a23b5f40edb0a8dcb5cde23f8d5e429d729b94fe696986
Wireshark Analyzer 4.0.0
Posted Oct 5, 2022
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: The macOS packages now ship with Qt 6.2.4 and require macOS 10.14. They previously shipped with Qt 5.15.3. The Windows installers now ship with Npcap 1.71. They previously shipped with Npcap 1.70.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 3dc125ef85e85c2a756a74cc739b3eb11ce38e30a08e085e77d378ee7fdcaded
Ubuntu Security Notice USN-5656-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5656-1 - Joseph Yasi discovered that JACK incorrectly handled the closing of a socket in certain conditions. An attacker could potentially use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13351
SHA-256 | 2938b332ff341cbc2af61547c5eedcae82d7415cb363eb4869942690c23880f5
Red Hat Security Advisory 2022-6782-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6782-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | 3f148abf3e1d7783fdbb7b295faf665cc66091c74ed2574ed8bb517021defb68
Red Hat Security Advisory 2022-6777-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6777-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | a38afbfa72d96b4ed3b0bfcc500f4af4ca4981c420591e17fdb42ff269ee0db8
Red Hat Security Advisory 2022-6780-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6780-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 7317da340d674c2d8ce692b5b36244ed740f2c4167017da30464bb42c6caf71f
Red Hat Security Advisory 2022-6779-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6779-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 705f768a61d4f507cee20f3b3f7b33cc30f2db1fc918abd572a54071fc080846
Red Hat Security Advisory 2022-6778-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6778-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 781202c28e5a3d8289433d15b4535b9c6ca36818f40069d8c5b9f982d754b0ed
Red Hat Security Advisory 2022-6776-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6776-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | f5d39ae350312fb0b464023fc94711cbd49472f95446009488173fbcf8643c4d
Red Hat Security Advisory 2022-6774-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6774-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | d27ae77679f02fb0a2e0c9b04ec7ff5bc8d98118773d54e2faa74e9efd3b4cd2
Red Hat Security Advisory 2022-6775-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6775-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-41318
SHA-256 | cbad397e021455eccf78872f54eb02f133c168f7e386594ebd569fa42884637a
Red Hat Security Advisory 2022-6781-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6781-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 4a082bb009ab8361bc3b0cc6e4d366ace8d79f220e2ab35018a9886dc46c6a63
Red Hat Security Advisory 2022-6787-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6787-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | 271756341073654fcee5cc794ed943b6caf607b6082cce3ac034db8a5cd1903a
Red Hat Security Advisory 2022-6783-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6783-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
SHA-256 | c634291e814c5d71d9282254b7ea4a4726267ec9b38abf7abd26f66ed5f82571
Ubuntu Security Notice USN-5655-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5655-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-2318, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33743, CVE-2022-33744, CVE-2022-34494, CVE-2022-36946
SHA-256 | 3aaf61e627554b283ddaefe994cfe40ef2e17fd36cf71b9be833439e1bc03998
Ubuntu Security Notice USN-5654-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5654-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | fcef8524d85c9359df4ccd3789bdc823a684d3646a9a354909cc72b92658548a
Canteen Management 1.0-2022 Cross Site Scripting
Posted Oct 5, 2022
Authored by nu11secur1ty

Canteen Management version 1.0-2022 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e458d8a49273df30cb443ba56b148013399d2b2e2d68fe4bf8b689343bae5ee8
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close