exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2024-01-24 to 2024-01-25

Zeek 6.0.3
Posted Jan 24, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes 1 security bug and 6 non-security bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 227edf0e1e6b54dc9893cfd1ecd8621291cc85d1d06808874394aad555f8a8a4
GL.iNet Unauthenticated Remote Command Execution
Posted Jan 24, 2024
Authored by h00die-gr3y, DZONERZY | Site metasploit.com

A command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the gl_system_log and gl_crash_log interface in the logread module. This Metasploit exploit requires post-authentication using the Admin-Token cookie/sessionID (SID), typically stolen by the attacker. However, by chaining this exploit with vulnerability CVE-2023-50919, one can bypass the Nginx authentication through a Lua string pattern matching and SQL injection vulnerability. The Admin-Token cookie/SID can be retrieved without knowing a valid username and password. Many products are vulnerable.

tags | exploit, arbitrary, shell, sql injection
advisories | CVE-2023-50445, CVE-2023-50919
SHA-256 | b2bca998991626f23b36c98d002d2080249ea5f70d1ddbf836bc60a85c0470df
Saltstack Minion Payload Deployer
Posted Jan 24, 2024
Authored by h00die, c2Vlcgo | Site metasploit.com

This Metasploit exploit module uses saltstack salt to deploy a payload and run it on all targets which have been selected (default all). Currently only works against nix targets.

tags | exploit
SHA-256 | 089952eb6cbf532bc25c3176998f1732aa55627e24f74d1317773bc48528a206
Gentoo Linux Security Advisory 202401-29
Posted Jan 24, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-29 - A vulnerability has been discovered in sudo which can lead to execution manipulation through rowhammer-style memory manipulation. Versions less than 1.9.15_p2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2023-42465
SHA-256 | c143e72940de2f1c32f8d40256913db81b8bf24204c3b33d0e07ab146d0af245
Gentoo Linux Security Advisory 202401-28
Posted Jan 24, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-28 - Multiple vulnerabilities have been discovered in GOCR, the worst of which could lead to arbitrary code execution. Versions below or equal to 0.52-r1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-33479, CVE-2021-33480, CVE-2021-33481
SHA-256 | 6fc7dddef1557df666bc93f37aa520ad50514ef1ce878fb8642ee85c979fe0ed
Debian Security Advisory 5604-1
Posted Jan 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5604-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | 25108b8a08605a9bce524bb051d237998769db2d9c500fc6fcae6a5d10cb1173
Ubuntu Security Notice USN-6596-1
Posted Jan 24, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6596-1 - It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked into opening a specially crafted invalid X.509 certificate, a remote attacker could possibly use this issue to perform spoofing and obtain sensitive information.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2020-36658
SHA-256 | 648f53945f35e3b5a8f8450fb3c2d2f3f18eee03cb15064323f9661e13fbc080
Red Hat Security Advisory 2024-0381-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0381-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-2163
SHA-256 | efdbfa0ef3d75feae3bac1603132f7ffa28bd7da0f04de8568a24ec4c563b305
Red Hat Security Advisory 2024-0378-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0378-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2023-2163
SHA-256 | 05369fc29d2e250d5abc52bc4a100600fa926587abbf4341a7afc37973bdc699
Red Hat Security Advisory 2024-0376-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0376-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-2163
SHA-256 | 99df553bf670245ea57409bb670a32b2a4b4ac9da7932278aecb483005a1f1cd
Red Hat Security Advisory 2024-0374-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0374-03 - An update for python-pip is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a traversal vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2007-4559
SHA-256 | aca7268546fe5f209e0fa0512ae242587576a7d22a54acf950b7abcdf24acef6
Red Hat Security Advisory 2024-0371-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0371-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-42753
SHA-256 | bcff02c4ab2cee65f1d0c78f46d013a7803b2ab50b3df645a9521c51a6c36292
Red Hat Security Advisory 2024-0347-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0347-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-42753
SHA-256 | caac303ef44faa91543aae28d16b4fcc89acdd1d124c830f7a7491d5dec8e02b
Red Hat Security Advisory 2024-0346-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0346-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-42753
SHA-256 | 83f80ef6f2ed477c1ec131a801e8f01c6bd6e072945fc43503e009b6f0aea9ea
Red Hat Security Advisory 2024-0345-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0345-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 7.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2023-44271
SHA-256 | 577f221d2e76f426fe238a8135c7fae4c7d1338480e41329e362e8922a5d1576
Red Hat Security Advisory 2024-0343-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0343-03 - An update for LibRaw is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-32142
SHA-256 | 075d7069c79ec7e12b87469938c378682c5007a7c2ff8646d54827ddac707a4a
Red Hat Security Advisory 2024-0340-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0340-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3812
SHA-256 | dab68529b81279c9fc67dc5aa812d200f1c9f79fc5cab36fd927305135b37f1f
Red Hat Security Advisory 2024-0337-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0337-03 - Updated images are now available for Red Hat Advanced Cluster Security 4.2.4. The updated images includes security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-5868
SHA-256 | 19db80999a77e4ecb8dde82547a8badfdbf0c2a5a8ecd5b431a7cd5d48b66672
Red Hat Security Advisory 2024-0293-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0293-03 - Red Hat OpenShift Container Platform release 4.14.10 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29406
SHA-256 | b9617c742c1952bb71f5efa61a3ecba1f86618087a9fd9f38b7a9b98f45a79f9
Red Hat Security Advisory 2024-0292-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0292-03 - Red Hat build of MicroShift release 4.14.10 is now available with updates to packages and images that fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-29409
SHA-256 | fe3f9cc6b23f67d337419f1bd8e7c5a5e680199779cf1aea42105d23bb5f5172
Red Hat Security Advisory 2024-0290-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0290-03 - Red Hat OpenShift Container Platform release 4.14.10 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-39325
SHA-256 | e51d95e8f7abd8b3cad2fb79d59dd19b709f17a3b1cdd651c8441d81900c5b7b
Red Hat Security Advisory 2024-0288-03
Posted Jan 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0288-03 - Red Hat OpenShift Container Platform release 4.13.30 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-47108
SHA-256 | bce672f8eac787c14f0dca12101a53da182c172b3ee819dcabd2169baf60d4b6
Debian Security Advisory 5603-1
Posted Jan 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 65170e720390016746938ce39410c03723012788646a60ef3f1d3cd9788338a3
Gentoo Linux Security Advisory 202401-27
Posted Jan 24, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-27 - Multiple vulnerabilities have been discovered in Ruby, the worst of which could lead to execution of arbitrary code. Multiple versions are affected.

tags | advisory, arbitrary, vulnerability, ruby
systems | linux, gentoo
advisories | CVE-2020-25613, CVE-2021-31810, CVE-2021-32066, CVE-2021-33621, CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739, CVE-2023-28755, CVE-2023-28756
SHA-256 | 94bd32b96511589b4ae3eae1e1b96022fbaeeb99eb332b00a775c863282498ba
Employee Management System 1.0 SQL Injection
Posted Jan 24, 2024
Authored by Ozlem Balci

Employee Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2cdd7465daf80c1c6af2cb65f841da2c989782f7f35a4a454a78069803f07728
Page 1 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close