exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2024-01-22 to 2024-01-23

MajorDoMo Command Injection
Posted Jan 22, 2024
Authored by Valentin Lobstein, smcintyre-r7 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e.

tags | exploit
advisories | CVE-2023-50917
SHA-256 | a64c3d5f624bfad203f1e2566417514a7d618f792becc950fdc3d537aaa74a64
Ivanti Connect Secure Unauthenticated Remote Code Execution
Posted Jan 22, 2024
Authored by sfewer-r7 | Site metasploit.com

This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior to the vendor mitigation are vulnerable. It is unknown if unsupported versions 8.x and below are also vulnerable.

tags | exploit, remote, code execution, bypass
advisories | CVE-2023-46805, CVE-2024-21887
SHA-256 | 235751e74f9357d3f5aa7ff467bad9f4d651f9abdd57e2b7b20c332ee6e579fa
Packet Fence 13.1.0
Posted Jan 22, 2024
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This release holds 4 new features, 10 enhancements, and 6 bug fixes.
tags | tool, remote
systems | unix
SHA-256 | a94047116abd15e4d8424e3d8efb27871ba3c8e9f0d4426d64137bef92318a8d
Gentoo Linux Security Advisory 202401-26
Posted Jan 22, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-26 - Multiple vulnerabilities have been found in Apache XML-RPC, the worst of which could result in arbitrary code execution. Versions less than or equal to 3.1.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2016-5002, CVE-2016-5003, CVE-2019-17570
SHA-256 | e5a4b01ce01a0da4be625d294152099c16e3fe042a0e485ff40acb81e736e82a
Ubuntu Security Notice USN-6587-2
Posted Jan 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | a2f2ac645eb8776253c7cf930c98b38768999c8680aec52b641d1aada93ccae6
Ubuntu Security Notice USN-6591-1
Posted Jan 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6591-1 - Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2023-51764
SHA-256 | cd5cc57d32efc49d552e07491f59c17b34bb117d5119591cdbe4d6acf87220b6
EzServer 6.4.017 Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

EzServer version 6.4.017 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 40ce8670718260143aeca22be1ac711053e5e38099e4a63a2f3ae0d2e32e8784
xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal
Posted Jan 22, 2024
Authored by Who cares anyway

xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection, file inclusion
SHA-256 | ef1507c81f76ecec6734de5bc13c14f9dd0d27fd26b16cae52e43d8b56f7e84b
Golden FTP Server 2.02b Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

Golden FTP Server version 2.02b remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | db9661030d63a67fedd89939619feabe045fe616d1085e8aebb060bf84a876d1
Traceroute 2.1.2 Privilege Escalation
Posted Jan 22, 2024
Authored by g30ff1rl

In Traceroute versions 2.0.12 through to 2.1.2, the wrapper scripts mishandle shell metacharacters, which can lead to privilege escalation if the wrapper scripts are executed via sudo. The affected wrapper scripts include tcptraceroute, tracepath, traceproto, and traceroute-nanog. Version 2.1.3 addresses this issue.

tags | exploit, shell
advisories | CVE-2023-46316
SHA-256 | eee3332e9c084609d76f6804cef55683b3ac0269232445ffe0616c2e821e1a45
TrojanSpy Win32 Nivdort MVID-2024-0668 Insecure Permissions
Posted Jan 22, 2024
Authored by malvuln | Site malvuln.com

TrojanSpy Win32 Nivdort malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 07b40fbb6021397864a451ae058f9ce4a25bc6a349ce285a033ab5429f0d1070
ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service
Posted Jan 22, 2024
Authored by Fernando Mengali

ProSysInfo TFTP Server TFTPDWIN version 0.4.2 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 66e786abe148913defa36dbcbc0f63c2c1443710ace4366f5ef9f1c49191452c
Red Hat Security Advisory 2024-0310-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0310-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5363
SHA-256 | d0396378dbfbc86737348e88da6a5be9ca8812adb6f269f14e35deccf3f3cee5
Red Hat Security Advisory 2024-0273-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0273-03 - Red Hat OpenShift Virtualization release 4.12.9 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | 7d6dc48a300a56764286234cc29b8a38012a8f5f7ce3342fa362205027d419fe
Red Hat Security Advisory 2024-0271-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0271-03 - There is a moderate update for the the Logging Subsystem 5.8.2. Red Hat OpenShift security update.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-26159
SHA-256 | c46cb48839bc4c6e2164b921ecb268f81706c37c46db59aa937e72ac6858f6c8
Red Hat Security Advisory 2024-0268-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat OpenShift security update. Issues addressed include a file disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38037
SHA-256 | ee60938615c80cda4549885ca7b9234cdff737ddeef22c46e29e5b027a2f4ad5
Red Hat Security Advisory 2024-0204-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0204-03 - Red Hat OpenShift Container Platform release 4.14.9 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45142
SHA-256 | 13c452422b7d390cd40733ec7dd5ef03b1bcdc41397d15a90f041d64ae8f0ae5
Red Hat Security Advisory 2024-0198-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0198-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723
SHA-256 | a50f43d5a01136740b2ffd6b0cd23e289f41546ac9d11ca66a3284f5669554a5
Red Hat Security Advisory 2024-0193-03
Posted Jan 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0193-03 - An update is now available for Red Hat OpenShift Container Platform 4.13.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20329
SHA-256 | 7d73569ecbfbdf3744880535a156eae4437e33c9a0cb07c053342f205027bf56
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close