exploit the possibilities
Showing 1 - 25 of 2,942 RSS Feed

Protocol Files

WebLogic Server Deserialization Remote Code Execution
Posted Jun 4, 2020
Authored by Shelby Pace, Y4er, Quynh Le | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable versions of WebLogic. Leveraging an ExtractorComparator enables the ability to trigger method.invoke(), which will execute arbitrary code.

tags | exploit, java, remote, arbitrary, code execution, protocol
advisories | CVE-2020-2883
MD5 | 70d9c90a8b31214d86ae1cb6e37b7167
Red Hat Security Advisory 2020-2383-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2383-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals as well as an issue where a logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | e92db49e925089bf66c1739a06cdd557
Red Hat Security Advisory 2020-2354-01
Posted Jun 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2354-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, remote, overflow, vulnerability, protocol
systems | linux, redhat, windows
advisories | CVE-2020-11521, CVE-2020-11523, CVE-2020-11524
MD5 | 15ae8021fd96df0dfb1746fef5b95510
Red Hat Security Advisory 2020-2345-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2345-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 1184c25b0bf931b7f9f86dd4d6f36e7e
Red Hat Security Advisory 2020-2344-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2344-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | d0d173ebdd746f72b192287697bdc301
Red Hat Security Advisory 2020-2336-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2336-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, remote, overflow, vulnerability, protocol
systems | linux, redhat, windows
advisories | CVE-2020-11521, CVE-2020-11523, CVE-2020-11524
MD5 | 5d2cb273c144cc065dffa6f4c7e8801b
Red Hat Security Advisory 2020-2338-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2338-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | a2e80d58f6aebde69885e7fefe2a3aee
Red Hat Security Advisory 2020-2335-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2335-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, remote, overflow, vulnerability, protocol
systems | linux, redhat, windows
advisories | CVE-2020-11521, CVE-2020-11523, CVE-2020-11524
MD5 | 94dc2ae5b432b336772822bec529e6b5
Red Hat Security Advisory 2020-2334-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2334-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.

tags | advisory, remote, overflow, vulnerability, protocol
systems | linux, redhat, windows
advisories | CVE-2020-11521, CVE-2020-11523, CVE-2020-11524
MD5 | 607b4d3ddb74a2f874c8211b7f179b43
Red Hat Security Advisory 2020-2295-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2295-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and integer overflow vulnerabilities.

tags | advisory, remote, denial of service, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726
MD5 | 3833a7bec9b95f38885612d757a4d717
Red Hat Security Advisory 2020-2298-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2298-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.

tags | advisory, remote, overflow, protocol
systems | linux, redhat
advisories | CVE-2020-10722, CVE-2020-10723
MD5 | 3670350c61bcda6ba4d3758af2f9a224
Red Hat Security Advisory 2020-2296-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2296-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.

tags | advisory, remote, overflow, protocol
systems | linux, redhat
advisories | CVE-2020-10722, CVE-2020-10723, CVE-2020-10724
MD5 | 8d312b0df6cfec0e6337720146dbce57
Red Hat Security Advisory 2020-2297-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2297-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include an integer overflow vulnerability.

tags | advisory, remote, overflow, protocol
systems | linux, redhat
advisories | CVE-2020-10722, CVE-2020-10723, CVE-2020-10724
MD5 | 9aa0f2b0fe3bfbd7b93ff9ff2ee6c6d3
WebLogic Server Deserialization Remote Code Execution
Posted May 21, 2020
Authored by Shelby Pace, Y4er, Jang | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

tags | exploit, java, remote, code execution, protocol
advisories | CVE-2020-2555
MD5 | e3a30f51596b55d810e3f2ed09788c15
Wireshark Analyzer 3.2.4
Posted May 20, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: The Windows installers now ship with Qt 5.12.8. They previously shipped with Qt 5.12.6. One dissector bug fix.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 4bbee1bdd5b88343733590fabfffddf3
Microsoft Windows Task Scheduler Security Feature Bypass
Posted May 15, 2020
Authored by Sylvain Heiniger

Compass Security identified a security feature bypass vulnerability in Microsoft Windows. Due to the absence of integrity verification requirements for the RPC protocol and in particular the Task Scheduler, a man-in-the-middle attacker can relay his victim's NTLM authentication to a target of his choice over the RPC protocol. Provided the victim has administrative privileges on the target, the attacker can execute code on the remote target.

tags | exploit, remote, protocol, bypass
systems | windows
advisories | CVE-2020-1113
MD5 | 9657b7615782fe7083c7fe7350cc206a
Red Hat Security Advisory 2020-2070-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2070-01 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2020-1763
MD5 | 4d581f9af9c072fe9c4077fa039eae3e
Red Hat Security Advisory 2020-2071-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2071-01 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2020-1763
MD5 | 2b5ac34e1b4a0738ed31ce4aff3f0fc4
Red Hat Security Advisory 2020-2069-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2069-01 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2020-1763
MD5 | 93ef46868aa6a8c942dc472ee7af12cb
TestSSL 3.0.2
Posted May 8, 2020
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This is another bugfix release of the stable branch 3.0.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 23f32eb9dee4e088a704a11bd2a2339a
Red Hat Security Advisory 2020-1998-01
Posted Apr 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1998-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. An issue was addressed where the DTLS client hello contains a random value of all zeroes.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-11501
MD5 | 4a83a76e05c1e7e9d4017a440d5453b2
OpenSCAP Libraries 1.3.3
Posted Apr 30, 2020
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Added a Python script that can be used for CLI tailoring. Added timezone to XCCDF TestResult start/end time. Added yamlfilecontent independent probe. Various other updates and improvements.
tags | protocol, library
systems | unix
MD5 | 2f7be789b8d36ac362490ddbdabe9ec8
Red Hat Security Advisory 2020-1845-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1845-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-6477
MD5 | 86c3a71f8a3ae1fafce7d4ee58bcd4a1
Red Hat Security Advisory 2020-1878-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1878-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-10197, CVE-2019-10218, CVE-2019-14907
MD5 | e538168e223211505173551f3a20f93e
Red Hat Security Advisory 2020-1792-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1792-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include buffer overflow and double free vulnerabilities.

tags | advisory, web, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
MD5 | 18d77e36f531d8ecfa916126fffa8ef4
Page 1 of 118
Back12345Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    8 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close