exploit the possibilities
Showing 1 - 25 of 2,016 RSS Feed

Spoof Files

Tor Half-Closed Connection Stream Confusion
Posted Jul 15, 2021
Authored by Jann Horn, Google Security Research

Tor suffers from an issue where half-closed connection tracking ignores layer_hint and due to this, entry/middle relays can spoof RELAY_END cells on half-closed streams, which can lead to stream confusion between OP and exit.

tags | exploit, spoof
advisories | CVE-2021-34548
MD5 | e8e6c45ee71383e0832c1cb3f3a8c903
UFONet 1.7
Posted Jul 14, 2021
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Bugfixes. Added Deploy, SHIP.TV, and Nodes. Modified and updated the Web GUI. Updated documentation, FAQ, and website.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | e0c779fbf429085d555102ea90c5813f
Ubuntu Security Notice USN-4995-2
Posted Jun 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4995-2 - USN-4995-1 fixed vulnerabilities in Thunderbird. This update provides the corresponding updates for Ubuntu 18.04 LTS. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Multiple security issues were discovered in Thunderbird's OpenPGP integration. If a user were tricked into importing a specially crafted key in some circumstances, an attacker could potentially exploit this to cause a denial of service or confuse the user. A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that Thunderbird mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. It was discovered that Thunderbird wrote signatures to disk and read them back during verification. A local attacker could potentially exploit this to replace the data with another signature file. It was discovered that Thunderbird might load an alternative OTR library. If a user were tricked into copying a specially crafted library to one of Thunderbird's search paths, an attacker could potentially exploit this to execute arbitrary code. It was discovered that secret keys imported into Thunderbird were stored unencrypted. A local attacker could potentially exploit this to obtain private keys. It was discovered that Thunderbird did not indicate when an inline signed or encrypted message contained additional unprotected parts. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof, vulnerability
systems | linux, windows, ubuntu
advisories | CVE-2021-23961, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23999, CVE-2021-24002, CVE-2021-29948, CVE-2021-29949, CVE-2021-29956, CVE-2021-29957
MD5 | 604927ef5f1aa546db7b29136f6c883b
Ubuntu Security Notice USN-4995-1
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4995-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, windows, ubuntu
advisories | CVE-2021-23961, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29948, CVE-2021-29949, CVE-2021-29956, CVE-2021-29957
MD5 | 20dc83202964373baf16304f35c94c5a
Ubuntu Security Notice USN-4978-1
Posted Jun 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4978-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute arbitrary code. It was discovered that filenames printed from private browsing mode were incorrectly retained in preferences. A local attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof
systems | linux, ubuntu
advisories | CVE-2021-29959, CVE-2021-29960, CVE-2021-29966, CVE-2021-29967
MD5 | 01e79350aca3fc8a59ec16c81063b717
nginx 1.20.0 DNS Resolver Off-By-One Heap Write
Posted May 26, 2021
Authored by Markus Vervier, Eric Sesterhenn, Luis Merino

An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of next heap chunk metadata with 0x2E. A network attacker capable of providing DNS responses to a nginx server can achieve Denial-of-Service and likely remote code execution. Due to the lack of DNS spoofing mitigations in nginx and the fact that the vulnerable function is called before checking the DNS Transaction ID, remote attackers might be able to exploit this vulnerability by flooding the victim server with poisoned DNS responses in a feasible amount of time.

tags | exploit, remote, spoof, code execution
advisories | CVE-2021-23017
MD5 | cc733efc4bba424a92fb952d1eefd927
Red Hat Security Advisory 2021-1611-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1611-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2019-3842, CVE-2020-13776
MD5 | 230c271bc5dfa3d7bbb294436ec2c85c
Ubuntu Security Notice USN-4926-1
Posted Apr 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29947
MD5 | a2f75e727b0492505c0b9c6bf7282daf
Red Hat Security Advisory 2021-1363-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1363-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
MD5 | 272aa71b90a0c99f81c535b1661b4b81
Red Hat Security Advisory 2021-1361-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1361-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
MD5 | 1c8f80d3aa62c8c72001a99acdece235
Red Hat Security Advisory 2021-1360-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1360-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
MD5 | 0e487c45ca915dc01062d4ad0284a08c
Red Hat Security Advisory 2021-1362-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1362-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, web, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
MD5 | 8039077aadfa8444b1b12870fb3078a5
Red Hat Security Advisory 2021-1350-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1350-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
MD5 | a00880152525e6721f39cd27357c75d7
Red Hat Security Advisory 2021-1352-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1352-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
MD5 | 51854f6fb53070f03f014c82977cb88b
Red Hat Security Advisory 2021-1351-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1351-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
MD5 | b4d4bf725c6e3d1f9e13ae344044bc0e
Red Hat Security Advisory 2021-1353-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1353-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
MD5 | 0783f9190bf9ddeceb6d837fa4b01087
Red Hat Security Advisory 2021-0992-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0992-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 733b0f1a6487f3ea89ed22f34470c0f7
Red Hat Security Advisory 2021-0996-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0996-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 485bd0846f543d3cc7f9a52abaf90a21
Red Hat Security Advisory 2021-0991-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0991-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 1731b7821447c2facdea627ff316d371
Red Hat Security Advisory 2021-0994-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0994-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 67797af2fb70a936c33eea7b4b553d95
Red Hat Security Advisory 2021-0989-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0989-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | f746f33fe09674ebd846f4997a9116b9
Red Hat Security Advisory 2021-0993-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0993-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 4bf3d710a4f1ceafce1c197be71f9dca
Red Hat Security Advisory 2021-0995-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0995-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | 10a9a7a671e4c1aec2fd1223d491c4e1
Red Hat Security Advisory 2021-0990-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0990-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987
MD5 | bb311d79b5aeefbfec98a69bd3281455
FireHOL 3.1.7
Posted Jan 1, 2021
Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Fix dhcpv6 example to say dhcpv6. Various blacklist updates.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | cebc65cd784a3499c0dfa8e28d654545
Page 1 of 81
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close