Exploit the possiblities
Showing 1 - 25 of 2,193 RSS Feed

TCP Files

Asterisk Project Security Advisory - AST-2018-005
Posted Feb 23, 2018
Authored by Sandro Gauci | Site asterisk.org

Asterisk Project Security Advisory - A crash occurs when a number of authenticated INVITE messages are sent over TCP or TLS and then the connection is suddenly closed. This issue leads to a segmentation fault.

tags | advisory, tcp
advisories | CVE-2018-7286
MD5 | 0733c7c77cd97a87cdc416aef921fea4
Linux/ARM BindShell Shellcode
Posted Feb 19, 2018
Authored by rtmcx

168 bytes small tcp/4444 shell-binding and IP controlled (192.168.1.190) null-free Linux/ARM shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | e2400f0b4e82d6ae3fb4db72afd681e6
TCP Starvation
Posted Feb 12, 2018
Authored by Eplox

Whitepaper called TCP Starvation. It discusses a new variant of a denial of service attack.

tags | paper, denial of service, tcp
MD5 | c256b298d0c5d0f7869895857dde6836
Linux/x64 Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode
Posted Feb 2, 2018
Authored by 0x4ndr3

136 bytes small Linux/x64 bind TCP (4444/TCP) shell (/bin/sh) + password (1234567) shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | d05f6f0b7a7909402854121ee144dd64
Linux/ARM Reverse TCP Shell Null Free Shellcode
Posted Jan 28, 2018
Authored by rtmcx

80 byte small Linux/ARM reverse TCP shell (192.168.1.1:4444/TCP) null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | ca358c6e2e10a456f686560467fee49d
Linux/ARM Password Protected Reverse Shell Shellcode
Posted Jan 19, 2018
Authored by rtmcx

156 bytes small Linux/ARM password protected reverse TCP (192.168.1.1:4444/TCP) shell (/bin/sh) null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | b7131d0642486647b97ab38932c932e3
Linux/ARM (Raspberry Pi) Bind Shell Shellcode
Posted Jan 11, 2018
Authored by Azeria

112 bytes small Linux/ARM (Raspberry Pi) null-free shellcode that binds a shell to 0.0.0.0:4444/TCP.

tags | shell, tcp, shellcode
systems | linux
MD5 | 80fbc5d27e17dc9e5bb4b1bf5f0abea2
HPE iMC dbman RestoreDBase Unauthenticated Remote Command Execution
Posted Jan 10, 2018
Authored by Chris Lyne, sztivi | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restore a user-specified database (OpCode 10007), however the database connection username is not sanitized resulting in command injection, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 2810 by default. This Metasploit module has been tested successfully on iMC PLAT v7.2 (E0403) on Windows 7 SP1 (EN).

tags | exploit, remote, arbitrary, tcp
systems | windows, 7
advisories | CVE-2017-5817
MD5 | 252d40a332488ae10b75261fe5cefc7d
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution
Posted Jan 10, 2018
Authored by Chris Lyne, sztivi | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restart a user-specified database instance (OpCode 10008), however the instance ID is not sanitized, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 2810 by default. This Metasploit module has been tested successfully on iMC PLAT v7.2 (E0403) on Windows 7 SP1 (EN).

tags | exploit, remote, arbitrary, tcp
systems | windows, 7
advisories | CVE-2017-5816
MD5 | 5919ea7fa37b5b123d15780fb9eca50b
Linux x86 Reverse Shell Shellcode
Posted Jan 6, 2018
Authored by Nipun Jaswal

69 bytes small Linux x86 reverse TCP /bin/sh shell null-free shellcode that connects to 127.1.1.1:8888.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 6d533f25a7d4621fb39f38d138aedb06
Samhain File Integrity Checker 4.2.4
Posted Dec 21, 2017
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 95f89b13e3506592ab8c0c75d85f3807
Red Hat Security Advisory 2017-3399-01
Posted Dec 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3399-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for log4j package in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | fd3fa5c76fa52ea11d8e205fc0649bcc
Red Hat Security Advisory 2017-3400-01
Posted Dec 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3400-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for log4j package in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | df040496bdde37bdd121a27c3c866ad2
Samhain File Integrity Checker 4.2.3
Posted Nov 1, 2017
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 437fb656747dd312044f16e09c35c6aa
Red Hat Security Advisory 2017-2888-01
Posted Oct 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2888-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.4.6 serves as a replacement for Red Hat JBoss BRMS 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-7957
MD5 | ba560db4bfdf555a5ec7e31fa1dccc6c
Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
Posted Oct 12, 2017
Authored by mr_me, Mehmet Ince | Site metasploit.com

This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have widget feature which is implemented with PHP. Insecurely configured web server exposes diagnostic.log file, which leads to an extraction of JSESSIONID value from administrator session. Proxy.php files under the mod TMCSS folder takes multiple parameter but the process does not properly validate a user-supplied string before using it to execute a system call. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the web server user.

tags | exploit, web, php, tcp, vulnerability
MD5 | c596a4696eab69db88b173ffa1c4b5fb
Kernel Live Patch Security Notice LSN-0031-1
Posted Oct 11, 2017
Authored by Benjamin M. Romer

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local, tcp
systems | linux
advisories | CVE-2017-11600
MD5 | 06dff9f017da1957172af525b25cfd62
Ubuntu Security Notice USN-3443-3
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3443-3 - Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-14106
MD5 | cf13fc16151a8ca7752a3f37d942f30b
Ubuntu Security Notice USN-3445-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3445-1 - Eyal Itkin discovered that the IP over IEEE 1394 implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-8633, CVE-2017-14106
MD5 | 4f1cff5d96815c2ffb8075194ffc53da
Ubuntu Security Notice USN-3444-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3444-1 - Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service or possibly gain administrative privileges in the host. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-12134, CVE-2017-14106, CVE-2017-14140
MD5 | 69e05e53e6c024f8c444c2dfccbfb315
Ubuntu Security Notice USN-3443-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3443-1 - It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-1000255, CVE-2017-14106
MD5 | 0b9e8c257d9b94091abf3f9093e86b5b
Trend Micro OfficeScan Remote Code Execution
Posted Oct 10, 2017
Authored by mr_me, Mehmet Ince | Site metasploit.com

This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. The Trend Micro Officescan product has a widget feature which is implemented with PHP. Talker.php takes ack and hash parameters but doesn't validate these values, which leads to an authentication bypass for the widget. Proxy.php files under the mod TMCSS folder take multiple parameters but the process does not properly validate a user-supplied string before using it to execute a system call. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the web server user.

tags | exploit, web, php, tcp, vulnerability
MD5 | 02f022c47acfeb55ae34578721c1b3be
Broadcom TCP KeepAlive Offloading DoS / Out-Of-Bounds Read
Posted Sep 27, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from denial of service and out-of-bounds read vulnerabilities in TCP KeepAlive Offloading.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2017-7066
MD5 | 879a8ac244f3f3230f4a9c7db76d35f4
Red Hat Security Advisory 2017-2809-01
Posted Sep 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2809-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | 273ebf6217a47921eed68f2a4c2b449b
Red Hat Security Advisory 2017-2808-01
Posted Sep 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2808-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | d23a481bf31dfe12cac561d6b25e766c
Page 1 of 88
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close