exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2023-02-14 to 2023-02-15

Cisco RV Series Authentication Bypass / Command Injection
Posted Feb 14, 2023
Authored by jbaines-r7, Biem Pham, Neterum | Site metasploit.com

This Metasploit module exploits two vulnerabilities, a session ID directory traversal authentication bypass (CVE-2022-20705) and a command injection vulnerability (CVE-2022-20707), on Cisco RV160, RV260, RV340, and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with www-data user privileges. This access can then be used to pivot to other parts of the network. This module works on firmware versions 1.0.03.24 and below.

tags | exploit, arbitrary, vulnerability
systems | cisco
advisories | CVE-2022-20705, CVE-2022-20707
SHA-256 | 8f357dca4573211d50b6f130d21f75a79dc9fb95c2a848b06f3a207e3819eb8e
Ubuntu Security Notice USN-5868-1
Posted Feb 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5868-1 - Jakob Ackermann discovered that Django incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service, file upload
systems | linux, ubuntu
advisories | CVE-2023-24580
SHA-256 | 11a790e108af509c2a344551f20a1e04c908295aa88e7d1ada09f38e4bf64cc5
Red Hat Security Advisory 2023-0752-01
Posted Feb 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0752-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-2601, CVE-2022-3775
SHA-256 | af66df485ac2959fceb686eff1cf8754215695de74fe4b3124ea36fd1ce5c6e9
Debian Security Advisory 5347-1
Posted Feb 14, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5347-1 - Bryan Gonzalez discovered that the PNG support in Imagemagick could be tricked into embedding the content of an arbitrary file when converting an image file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2022-44267, CVE-2022-44268
SHA-256 | 175fd77c9755935caa5312662b16cbab3766492c621575380e03418054183b63
Red Hat Security Advisory 2023-0742-01
Posted Feb 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0742-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-44420, CVE-2022-41323
SHA-256 | d99d91c8f51cbd2dc6058a00325b83debf6066c4e2ed657056d4bd1e3cfa188a
Ubuntu Security Notice USN-5864-1
Posted Feb 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5864-1 - Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14275, CVE-2020-21530, CVE-2020-21531, CVE-2020-21534, CVE-2020-21535, CVE-2021-32280, CVE-2021-3561
SHA-256 | f151138c147526e359fcd2cc198ff861b6290f5bcc97f6afcd130f27235fe545
XNU Race Condition / Use-After-Free
Posted Feb 14, 2023
Authored by Google Security Research, nedwill

XNU has a race condition leading to use-after-free between the NFSSVC_NFSD command and an upcall worker thread.

tags | advisory
SHA-256 | 558e5741f83f094c1d723a718badc745f6249cf15cef1cd4a50ca6eee80f69f8
XWorm Trojan 2.1 NULL Pointer Dereference
Posted Feb 14, 2023
Authored by Touhami Kasbaoui

XWorm Trojan version 2.1 suffers from a denial of service condition due to a null pointer vulnerability.

tags | exploit, denial of service, trojan
SHA-256 | 218bd6226ffba65f996ca7ad7af99a05782d1270eea9553e6c70e53ec943a018
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close