Twenty Year Anniversary
Showing 1 - 25 of 2,227 RSS Feed

TCP Files

Chrome OS gRPC garcon Command Execution
Posted Sep 13, 2018
Authored by Jann Horn, Google Security Research

There is a variety of RPC communication channels between the Chrome OS host system and the crosvm guest. This bug report focuses on communication on TCP port 8889, which is used by the "garcon" service. garcon uses gRPC, which is an RPC protocol that sends protobufs over plaintext HTTP/2. (Other system components communicate with the VM over gRPC-over-vsock, but garcon uses gRPC-over-TCP.) For some command types, the TCP connection is initiated by the host; for others, it is initiated by the guest. Both guest and host are listening on [::]:8889; however, the iptables rules of the host prevent an outside host from simply connecting to those sockets. However, apps running on the host are not affected by such restrictions.

tags | exploit, web, tcp, protocol
MD5 | aff1ab159e8069bed85cefa1dff66810
Ubuntu Security Notice USN-3763-1
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3763-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 67c8344e6ac27fd52905ff9715d385a4
Samhain File Integrity Checker 4.3.0
Posted Sep 10, 2018
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added support for /etc/subuid, /etc/subgid maps. Fixed compiler warning on Ubuntu 18.04.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 54591d3bbe3ff0ea837d88310d6bb74a
Linux/x86 IPv6 Reverse TCP Shellcode Generator
Posted Aug 31, 2018
Authored by Kevin Kirsche

94 bytes small Linux/x86 IPv6 reverse TCP shellcode generator.

tags | x86, tcp, shellcode
systems | linux
MD5 | 56a1d4c121dd1129c1e1128c8a0c5b07
Linux/x86 Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
Posted Aug 31, 2018
Authored by Kevin Kirsche

Linux/x86 dual network stack (IPv4 and IPv6) bind TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0dd1f19482e4deabce127fe130413c4a
Oracle GlassFish Server 4.1 Directory Traversal
Posted Aug 13, 2018
Authored by Mishra Dhiraj | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability which exits in administration console of Oracle GlassFish Server version 4.1, which is listening by default on port 4848/TCP.

tags | exploit, tcp
advisories | CVE-2017-1000028
MD5 | fd16dd7193f3dbf77f3cec17df7260fc
Ubuntu Security Notice USN-3732-2
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3732-2 - USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 802eb3abdd14bdadb5da2e1595870840
FreeBSD Security Advisory - FreeBSD-SA-18:08.tcp
Posted Aug 7, 2018
Authored by Juha-Matti Tilli | Site security.freebsd.org

FreeBSD Security Advisory - One of the data structures that holds TCP segments uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. An attacker who has the ability to send TCP traffic to a victim system can degrade the victim system's network performance and/or consume excessive CPU by exploiting the inefficiency of TCP reassembly handling, with relatively small bandwidth cost.

tags | advisory, tcp
systems | freebsd, bsd
advisories | CVE-2018-6922
MD5 | 0bdd64abf1fb28bb2f9ee045a5e2a080
Ubuntu Security Notice USN-3732-1
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3732-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 43c84ca28d83281850c44600f89423ee
Linux/x86 Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell Shellcode
Posted Aug 3, 2018
Authored by Kartik Durg

86 bytes small Linux/x86 reverse TCP (::FFFF:192.168.1.5:4444/TCP) shell (/bin/sh) + null-free + IPv6 shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 841854d50e743d5f6ad22336b8cda687
Linux/ARM Bindshell TCP/4444 + IPv6 Shellcode
Posted Aug 3, 2018
Authored by Ken Kitahara

128 bytes small Linux/ARM TCP/4444 IPv6 bindshell shellcode.

tags | tcp, shellcode
systems | linux
MD5 | 96755523a01f3bd24e8c2517eb974c84
Linux/ARM Reverse Shell TCP/4444 Shellcode
Posted Aug 1, 2018
Authored by Ken Kitahara

116 bytes small Linux/ARM reverse shell ::1:4444/TCP with IPv6 shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | b926864087396be941ee4f0a2ef16f49
Linux/x86 TCP/4444 Bindshell Shellcode
Posted Jul 24, 2018
Authored by Kartik Durg

100 bytes small Linux/x86 /bin/sh bindshell IPv6 TCP/4444 shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0dc31090de755d284bd719ffb52f6db9
Linux/ARM Bindshell (tcp/1234) Shellcode
Posted Jul 16, 2018
Authored by odzhancode

104 bytes small Linux/ARM bindshell shellcode that binds to tcp/1234.

tags | tcp, shellcode
systems | linux
MD5 | fb5373c92e81a9b35016a05a78e0c5b8
Malbait TCP/UDP Honeypot
Posted Jun 20, 2018
Authored by Batch McNulty | Site github.com

Malbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.

tags | tool, web, udp, perl, tcp, imap, protocol, intrusion detection
systems | unix
MD5 | f51667a675e30504d2bfc0f0895042e9
Asterisk Project Security Advisory - AST-2018-007
Posted Jun 11, 2018
Authored by Sean Bright | Site asterisk.org

Asterisk Project Security Advisory - When connected to Asterisk via TCP/TLS if the client abruptly disconnects, or sends a specially crafted message then Asterisk gets caught in an infinite loop while trying to read the data stream. Thus rendering the system as unusable.

tags | advisory, tcp
MD5 | 128c0dfe088bcd61f964d066fe306cc1
GNUnet P2P Framework 0.11.0pre66
Posted Jun 6, 2018
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: This is a pre-release to assist developers and downstream packagers to test the package before the final release after four years of development.
tags | tool, web, udp, tcp, peer2peer
systems | unix
MD5 | 808b7aeee1439935e3e061b3bd84d3db
Linux/x86 TCP/4444 Bindshell Shellcode
Posted May 31, 2018
Authored by Paolo Perego

105 bytes small Linux/x86 bindshell shellcode that spawns on TCP/4444.

tags | x86, tcp, shellcode
systems | linux
MD5 | 843af161ff8f5f667b5b1c61ca684aff
Linux/x86 TCP/5555 Bindshell Shellcode
Posted May 28, 2018
Authored by Luca Di Domenico

98 bytes small Linux/x86 TCP/5555 bindshell shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 460b0890fcf26db29390427ea3c1ed44
Reptile LKM Rootkit
Posted May 27, 2018
Authored by mempodippy

Reptile is a Linux kernel module rootkit that hides files, processes, etc. It implements ICMP/UDP/TCP port-knocking backdoors, supports kernels 2.6.x/3.x/4.x, and more.

tags | advisory, tool, kernel, udp, tcp
systems | linux
MD5 | 0a1d449c8d146ccda6f1aaa0a27c3261
Linux/x86 Reverse TCP Shell To 10.0.7.17:4444 Shellcode
Posted May 24, 2018
Authored by Jonathan Crosby

101 bytes small Linux/x86 reverse TCP shell shellcode that connects to 10.0.7.17:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 6eeac0567a3fef4c667bd7ed8a53c0af
Linux/x86 IPv6 TCP Bindshell Port 4444 Shellcode
Posted May 24, 2018
Authored by Matteo Malvica

113 bytes small Linux/x86 IPv6 TCP bindshell on port 4444 shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0b9eb7ceb9c4c0a8506d11f903a814d1
Linux/x86 Reverse TCP Shell Shellcode
Posted May 24, 2018
Authored by Nuno Freitas

68 bytes small Linux/x86 reverse TCP shell shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 992c716611405f56f700612608127ead
HPE iMC 7.3 Remote Code Execution
Posted May 18, 2018
Authored by mr_me, trendytofu | Site metasploit.com

This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities allows unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 8080 and 8443 by default. This Metasploit module has been tested successfully on iMC PLAT v7.3(E0504P02) on Windows 2k12r2 x64 (EN).

tags | exploit, remote, arbitrary, tcp, vulnerability, code execution, bypass
systems | windows
advisories | CVE-2017-12500, CVE-2017-8982
MD5 | 409c199dae62513789f6016cba7903bd
Red Hat Security Advisory 2018-1372-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1372-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, web, denial of service, overflow, tcp, vulnerability
systems | linux, redhat
advisories | CVE-2018-10184
MD5 | 73567ccdb0af5ca9e37e65140bbb02e5
Page 1 of 90
Back12345Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close