exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 31,260 RSS Feed

Remote Files

MiniWeb HTTP Server 0.8.1 Denial Of Service
Posted Jan 19, 2024
Authored by Fernando Mengali

MiniWeb HTTP Server version 0.8.1 remote denial of service exploit.

tags | exploit, remote, web, denial of service
SHA-256 | 248b2f630c31c5b087671d0e5ed5e860b24d7c946a245d40497623ce86f5a1ef
WordPress Backup Migration 1.3.7 Remote Command Execution
Posted Jan 18, 2024
Authored by jheysel-r7, Valentin Lobstein, Nex Team | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in WordPress Backup Migration plugin versions 1.3.7 and below. The vulnerability is exploitable through the Content-Dir header which is sent to the /wp-content/plugins/backup-backup/includes/backup-heart.php endpoint. The exploit makes use of a neat technique called PHP Filter Chaining which allows an attacker to prepend bytes to a string by continuously chaining character encoding conversions. This allows an attacker to prepend a PHP payload to a string which gets evaluated by a require statement, which results in command execution.

tags | exploit, remote, php
advisories | CVE-2023-6553
SHA-256 | 1feecca12306422ebe993c3821d87be77ad3056e719f9dcbae7c033f156e447f
mqXSS 0.2
Posted Jan 18, 2024
Authored by grandpae | Site github.com

mqXSS is a client to communicate with XSS hooked browsers over MQTT. Similar to xsshunter or beef, mqxss allows interaction with remote browsers that have been injected with a XSS payload. However, instead of having the victim connect back to your server they connect through a Secure Websocket MQTT broker instead. This tool facilitates the JS payload generation and interaction with hooked browsers that communicate over WSS MQTT brokers.

tags | tool, remote, vulnerability, xss
systems | unix
SHA-256 | 8896d3a6c195fd964e3ba8e5a991dcb72d8c6488f787f595e2d0fca71fec9ad8
SpyCamLizard 1.230 Denial Of Service
Posted Jan 18, 2024
Authored by Fernando Mengali

SpyCamLizard version 1.230 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | a7873c3ae31f00a2db87aa16898d36176fa4e56ef20e5000f29595ea163d98f1
Ubuntu Security Notice USN-6559-1
Posted Jan 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6559-1 - It was discovered that ZooKeeper incorrectly handled authorization for the getACL command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-0201, CVE-2023-44981
SHA-256 | 534b6c013d7713c3db3c8290512cdb776320bf30fcdd91612968f64217ae7077
Contiki-NG tinyDTLS Buffer Over-Read / Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. A buffer over-read exists in the dtls_sha256_update function. This bug allows remote attackers to cause a denial of service (crash) and possibly read sensitive information by sending a malformed packet with an over-large fragment length field, due to servers incorrectly handling malformed packets.

tags | advisory, remote, denial of service
advisories | CVE-2021-42147
SHA-256 | cbd23d5e5c03a89b7797b1140a3998118f6627b3823c690bdae65a977b7770e9
Contiki-NG tinyDTLS Epoch Number Reuse
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).

tags | advisory, remote, tcp
advisories | CVE-2021-42146
SHA-256 | db8a0bf96f7883a8a21b7027f42157c985e59fe2bbc26de4705dacefa635eccf
Contiki-NG tinyDTLS Buffer Over-Read / Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of cipher suites, which triggers an infinite loop (consuming all resources) and a buffer over-read that can disclose sensitive information.

tags | advisory, remote, denial of service
advisories | CVE-2021-42143
SHA-256 | 846b82fbb5e4c16ada129d3f8122d5e00f7c07ffd7830416cb4698d8fd258206
Contiki-NG tinyDTLS Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops.

tags | advisory, remote, denial of service
advisories | CVE-2021-42142
SHA-256 | e1244689736de9338e92f0ce31592afd33da836f554ad8dfaf50a9775596ca5b
Gentoo Linux Security Advisory 202401-25
Posted Jan 17, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-34169, CVE-2022-39399, CVE-2022-42920, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843
SHA-256 | 0a4fe242d77ea01ee2a725ae008fbefb532aeaf7181a2f1427c642180897d42f
Ubuntu Security Notice USN-6538-2
Posted Jan 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6538-2 - USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-5868, CVE-2023-5869, CVE-2023-5870
SHA-256 | a70359a1cbdb6b92c5544f755cdb8cd8cd0b12c9fb91bb890c8312a69081d3a4
Ubuntu Security Notice USN-6586-1
Posted Jan 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6586-1 - It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, remote, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2019-12211, CVE-2019-12213, CVE-2020-21428, CVE-2020-22524
SHA-256 | e3ce659e6a496d9bd8c7f4537f71ef81bda29203d7b135e65d254dc4c1020188
Red Hat Security Advisory 2024-0214-03
Posted Jan 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0214-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include denial of service and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability, python
systems | linux, redhat
advisories | CVE-2023-46136
SHA-256 | e72c9c61fc04da0c2c56bb14ee3572f7d800cb7d313211fccb50192eb1de162c
Red Hat Security Advisory 2024-0189-03
Posted Jan 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0189-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include denial of service and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability, python
systems | linux, redhat
advisories | CVE-2023-46136
SHA-256 | 50c2f21eebdf9757eb666fbf646f7701855b330687977003cfb6ff2ba950f45c
Easy File Sharing FTP 3.6 Denial Of Service
Posted Jan 17, 2024
Authored by Fernando Mengali

Easy File Sharing FTP version 3.6 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 5111fc74e92e1ad74c63ec7bec89bc96ab930b546e17d77beff6a0850a8d22cd
Gentoo Linux Security Advisory 202401-22
Posted Jan 16, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-22 - Multiple vulnerabilities have been discovered in libspf2, the worst of which can lead to remote code execution. Versions greater than or equal to 1.2.11 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-20314, CVE-2021-33912, CVE-2021-33913
SHA-256 | 4df9712baaacd6e6f669da956478624a2d0582ad60f2fbd6ecdc17e27f5e2396
Gentoo Linux Security Advisory 202401-19
Posted Jan 16, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-19 - Multiple vulnerabilities have been found in Opera, the worst of which can lead to remote code execution. Versions greater than or equal to 73.0.3856.284 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2020-15999
SHA-256 | d555786617084799df45cfbed82ca07fb4afd6fa168f910245e907df3e94c1a2
Ubuntu Security Notice USN-6585-1
Posted Jan 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6585-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2023-48795
SHA-256 | d368df4c0d357987893502f341336db0f44b79a83468cb12d62846d219bc5e7b
Ubuntu Security Notice USN-6584-1
Posted Jan 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6584-1 - Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-20314
SHA-256 | 486e45e1623fd297d952a83d392ee0ab81d01bc53495bad464db7ee92f739a3a
Ubuntu Security Notice USN-6582-1
Posted Jan 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2023-42883
SHA-256 | efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aee
MailCarrier 2.51 Denial Of Service
Posted Jan 16, 2024
Authored by Fernando Mengali

MailCarrier version 2.51 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 8d7ecacd83b4b1b521a71b23531e9e47816a0daa81b52e8212fa585f7d4ae53a
LightFTP 1.1 Denial Of Service
Posted Jan 16, 2024
Authored by Fernando Mengali

LightFTP version 1.1 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 44982ff8d2df3f166c03d5a967d77f762d6994bee1f7757b01fe4c9887521198
WordPress RSVPMaker 9.3.2 SQL Injection
Posted Jan 15, 2024
Authored by Amirhossein Bahramizadeh

WordPress RSVPMaker plugin versions 9.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-1768
SHA-256 | 66e514c92c46238d6305ed7cb7d15ec7a2822168dde570f73013b430aa0764fc
Taokeyun SQL Injection
Posted Jan 15, 2024
Authored by Amirhossein Bahramizadeh

Taokeyun versions up to 1.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2024-0480
SHA-256 | 1f422c49bad5c6f9ab4afd9b61892e4f89f1c8e3f531ea9bd64603a009bccfa3
Xitami 2.5 Denial Of Service
Posted Jan 15, 2024
Authored by Fernando Mengali

Xitami version 2.5 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 9cfd6521e63af7bec8aa11d85bcd2bc1d7ebfd7d243fd44b6ff495053f2c4fa2
Page 5 of 1,251
Back34567Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close