
Files

Elastic Search File Read / Append
Posted May 14, 2014
Authored by Jeff Geiger | Site github.com

Elastic Search remote code execution exploit that leverages an issue which allows an attacker to read from and append to files on the system.

tags | exploit, remote, code execution
advisories | CVE-2014-3120
SHA-256 | 3299ff251ab0622ef68d21295c55f1a9622443f4a48b3ce749e6045ef42c4ae0

Related Files

FreeSWITCH 1.10.10 Denial Of Service
Posted Dec 26, 2023
Authored by Sandro Gauci | Site enablesecurity.com

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.

tags | exploit, denial of service, protocol
advisories | CVE-2023-51443
SHA-256 | 42111d854609afb4221ff75af6db4e27c366baa1bf5886242bf637a8ab822f76
RTPEngine mr11.5.1.6 Denial Of Service
Posted Dec 15, 2023
Authored by Sandro Gauci | Site enablesecurity.com

RTPEngine version mr11.5.1.6 suffers from a denial of service vulnerability via DTLS Hello packets during call initiation.

tags | exploit, denial of service
SHA-256 | 7938f478eab1d8bc840896b24b1e1e899b45b53e89a3e7429e87eaebcefdc333
Asterisk 20.1.0 Denial Of Service
Posted Dec 15, 2023
Authored by Sandro Gauci | Site enablesecurity.com

When handling DTLS-SRTP for media setup, Asterisk version 20.1.0 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.

tags | exploit, denial of service, protocol
advisories | CVE-2023-49786
SHA-256 | 64a70704bf3c592f3c715409a2cca70dea12a637204ffa690f04e1d61f8e5387
FreeSWITCH 1.10.6 SRTP Packet Denial Of Service
Posted Oct 25, 2021
Authored by Sandro Gauci | Site enablesecurity.com

FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.

tags | exploit, denial of service
advisories | CVE-2021-41105
SHA-256 | aaad28bb04ce46ebd565a967723a0e8afcd6f7dba90aee94656275d90698725d
FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication
Posted Oct 25, 2021
Authored by Sandro Gauci | Site enablesecurity.com

FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.

tags | exploit
advisories | CVE-2021-41157
SHA-256 | ded0b19e81a7730e97640eb6c3d7fda36f567e10ebdd5b999d5b1929484ee8a4
FreeSWITCH 1.10.6 Missing SIP MESSAGE Authentication
Posted Oct 25, 2021
Authored by Sandro Gauci | Site enablesecurity.com

FreeSWITCH versions 1.10.6 and below fail to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities.

tags | exploit, spoof, vulnerability
advisories | CVE-2021-37624
SHA-256 | 68dea0d9742f3791b1526264955cdcec061eabf320255b7421f45362fb114013
FreeSWITCH 1.10.6 SIP Flooding Denial Of Service
Posted Oct 25, 2021
Authored by Sandro Gauci | Site enablesecurity.com

FreeSWITCH versions 1.10.6 and below suffer from a SIP flooding denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2021-41145
SHA-256 | 7c18e335775c034ea43225652189228c8adc2e373dc48c484ae01d61e8dc74a9
FreeSWITCH 1.10.6 SIP Digest Leak
Posted Oct 25, 2021
Authored by Sandro Gauci | Site enablesecurity.com

FreeSWITCH versions 1.10.6 and below suffer from a SIP digest leak vulnerability. An attacker can perform a SIP digest leak attack against FreeSWITCH and receive the challenge response of a gateway configured on the FreeSWITCH server. This is done by challenging FreeSWITCH's SIP requests with the realm set to that of the gateway, thus forcing FreeSWITCH to respond with the challenge response which is based on the password of that targeted gateway.

tags | exploit
advisories | CVE-2021-41158
SHA-256 | f3e80023a973da7d0680ad72ce2905cfe9105bbb49758f1e37e5b0f8f8570020
VoIPmonitor 27.6 Buffer Overflow
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

A buffer overflow was identified in the VoIPmonitor live sniffer feature. The description variable in the function save_packet_sql is defined as a fixed length array of 1024 characters. The description is set to the value of a SIP request or response line. By setting a long request or response line VoIPmonitor will trigger a buffer overflow.

tags | exploit, overflow
SHA-256 | 145c87a11821afdce38f061bdde93705011a5071747335b1d316604f3d48c582
VoIPmonitor 27.5 Missing Memory Protections
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

Static binaries provided for VoIPmonitor version 27.5 are built without any memory corruption protection in place.

tags | exploit
SHA-256 | 53af2b715bcd85faf66b4d8deafd9d7676f2c8e34de79dd80c738b81bc0fb6da
VoIPmonitor WEB GUI 24.55 Cross Site Scripting
Posted Mar 15, 2021
Authored by Sandro Gauci | Site enablesecurity.com

VoIPmonitor WEB GUI versions 24.53, 24.54, and 24.55 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | 3a7579f2a72cb2ec95aaa068756e5ed9c00e5774a0e0b1f2a2a7abaee0f242bb
Coturn 4.5.1.x Access Control Bypass
Posted Jan 11, 2021
Authored by Sandro Gauci | Site enablesecurity.com

Coturn version 4.5.1.x suffers from a loopback access control bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-26262
SHA-256 | 229c4e41914e88114f7a7cb31815c02ae2d943c82d215356fe5d583cf79c579d
Asterisk 17.6.0 / 17.5.1 Denial Of Service
Posted Nov 6, 2020
Authored by Sandro Gauci | Site enablesecurity.com

Asterisk versions 17.5.1 and 17.6.0 were found vulnerable to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over TCP.

tags | exploit, denial of service, tcp
SHA-256 | 16f54da5d3c7145bd5aa998e183688a666211433fed046580666ec3e14e0913e
Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.

tags | exploit, denial of service
advisories | CVE-2018-7286
SHA-256 | f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk 15.2.0 chan_pjsip SDP Media Format Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.

tags | exploit, denial of service
SHA-256 | dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74
Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00
Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.

tags | exploit
advisories | CVE-2018-7284
SHA-256 | 7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460
Elastic Search 1.1.1 Arbitrary File Read
Posted Jul 30, 2014
Authored by Larry W. Cashdollar, Bouke van der Bijl

Remote exploit for Elastic Search version 1.1.1 that attempts to read /etc/hosts and /etc/passwd.

tags | exploit, remote
advisories | CVE-2014-3120
SHA-256 | 9f77dafb99af40f2c2d5742a9434d5f9d672d2a7b83bbada56a2713e609f8b41
EMC Documentum XSS / Session Fixation
Posted May 9, 2013
Site emc.com

Vulnerabilities exist in several EMC Documentum products that could potentially be exploited by a malicious user. Session fixation vulnerability could be potentially exploited by an unauthorized user to gain privileges to perform actions as a valid user by utilizing techniques to steal or gain access to an authenticated session. Cross-site scripting vulnerability could be potentially exploited for conducting malicious scripting by getting an authenticated user to click on specially-crafted links maliciously embedded within an email, web page or other source. This may lead to execution of malicious html requests or scripts in the context of the authenticated user. Cross Frame Scripting vulnerability could potentially be exploited by an attacker to steal sensitive information by inducing the authenticated user to navigate to a web page the attacker controls.

tags | advisory, web, vulnerability, xss
advisories | CVE-2013-0938, CVE-2013-0939, CVE-2013-0937
SHA-256 | 2e4b137f4062d82c49c23eb897561e7f7972d3850a1d59e1a82bc1f0f78a1318
RSA Archer GRC 5.x XSS / Shell Upload
Posted May 6, 2013
Site emc.com

RSA Archer GRC version 5.x suffers from improper authorization, remote shell upload, and cross site scripting vulnerabilities.

tags | advisory, remote, shell, vulnerability, xss
advisories | CVE-2013-0932, CVE-2013-0933, CVE-2013-0934
SHA-256 | 6a8a5e91e1b57ce0408f1ab97e52945082afdc7c31d4610a7ee64b7b5f03ed2e
EMC Smarts Product Cross Site Scripting
Posted Mar 28, 2013
Site emc.com

EMC Smarts Product versions prior to 9.2 contain a cross site scripting vulnerability that could potentially be exploited by malicious users.

tags | advisory, xss
advisories | CVE-2013-0936
SHA-256 | 883d4810ac2c6054019ce2ac8a31a3711e9315ccc3a0dc8dd3c1d89e8cf6b06d
EMC Smarts NCM Improper Authentication
Posted Mar 27, 2013
Site emc.com

EMC Smarts Network Configuration Manager (NCM) version 9.2 contains a fix for a vulnerability that could allow a malicious user to call certain supported Java Remote Method Invocation methods remotely without authentication. In addition, NCM System Management (SysAdmin) Console has known security vulnerabilities and EMC strongly advises customers to disable and not use this console until there is an alternative solution from EMC.

tags | advisory, java, remote, vulnerability
advisories | CVE-2013-0935
SHA-256 | 0874e51f0ca690050aecbd9f317a22a366230b83c340be3b95f6baca5690e1b0
RSA Authentication Agent 7.1.1 Access Bypass
Posted Mar 1, 2013
Site emc.com

RSA Authentication Agent version 7.1.1 for Windows suffers from an issue where a user may incorrectly gain access to a desktop or a server.

tags | advisory
systems | windows
advisories | CVE-2013-0931
SHA-256 | 2f238efee7569fbed4654191f68bd99735eb85488927065675a4251d6a5453c0
RSA Archer GRC Traversal / Cross Site Scripting
Posted Feb 3, 2013
Authored by Nello Coppeto | Site emc.com

RSA Archer GRC versions prior to 5.3 and 5.2SP1 suffer from path traversal, cross site scripting, cross-domain policy, and clickjacking vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2012-2293, CVE-2012-2292, CVE-2012-1064, CVE-2012-2294
SHA-256 | 1f1226ddc6dffbd1dea484495b345b9778a28615df5e86d738faf5875fcb8ad3
EMC AlphaStor Buffer Overflow
Posted Jan 30, 2013
Authored by Aniway | Site emc.com

A buffer overflow vulnerability exists in EMC AlphaStor that could potentially be exploited by a malicious user to create a denial of service condition or execute arbitrary code. EMC AlphaStor version 4.0 prior to build 814 is affected.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2013-0930
SHA-256 | c72b06bd5f6d41e9b7fe14bee9a1a610ea2db6a5ca209ce7002b36f8b6c212ec