what you don't know can hurt you
Showing 1 - 25 of 2,314 RSS Feed

TCP Files

Barco wePresent Admin Credential Exposure
Posted Nov 20, 2020
Authored by Jim Becher | Site korelogic.com

An attacker armed with hardcoded API credentials from KL-001-2020-004 (CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp for Barco wePresent WiPG-1600W version 2.5.1.8.

tags | exploit, web, tcp
advisories | CVE-2020-28329, CVE-2020-28330
MD5 | 3ad24677ecaeff25f5cac17ee343f4a9
Global Socket 1.4.22
Posted Nov 19, 2020
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

tags | tool, tcp
systems | unix
MD5 | 697aff8d6aa465252692af99375ce8f7
Asterisk 17.6.0 / 17.5.1 Denial Of Service
Posted Nov 6, 2020
Authored by Sandro Gauci | Site enablesecurity.com

Asterisk versions 17.5.1 and 17.6.0 were found vulnerability to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over TCP.

tags | exploit, denial of service, tcp
MD5 | 9a5d9ec730691495e303171a44bcc12b
Red Hat Security Advisory 2020-4619-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4619-01 - FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, tcp, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-12831
MD5 | 0edbca111a4f4b5b6e9df0234bfa4526
Samhain File Integrity Checker 4.4.3
Posted Nov 2, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Now allows console logging to a unix domain socket. Fixed spurious cppcheck warnings, gcc 10 compiler warning in sh_audit.c, gcc 10 compiler warning in sh_ipvx.c, gcc 10 compile problem in sh_tiger1_64.c, and gcc 10 compiler warning in sh_portcheck.c.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 5a314bb9e345e93012bf2e9b2ffb7b24
Nmap Port Scanner 7.91
Posted Oct 12, 2020
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Various bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | a071afc6a4b5f4a5dc93d1aef82dfa9d
Nmap Port Scanner 7.90
Posted Oct 3, 2020
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap. Integrated over 800 service/version detection fingerprints submitted since August 2017. Integrated over 330 of the most-frequently-submitted IPv4 OS fingerprints since August 2017. Added 26 fingerprints, bringing the new total to 5,678. Various other additions and improvements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | c8bda5e6a7177c97efedccdcff00ef55
Cisco AnyConnect Privilege Escalation
Posted Sep 30, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.9.00086 is vulnerable to a DLL hijacking and allows local attackers to execute code on the affected machine with with system level privileges. Both attacks consist in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service.

tags | exploit, arbitrary, local, tcp
systems | cisco, windows
advisories | CVE-2020-3153, CVE-2020-3433
MD5 | 6dab51a6758b6569e7dba4af74f482ed
Linux/x86 Reverse TCP Shellcode
Posted Aug 24, 2020
Authored by Xenofon Vassilakopoulos

84 bytes small Linux/x86 reverse TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | d27c925e63f6be65e2fe56789bbf7646
Ericom Access Server 9.2.0 Server-Side Request Forgery
Posted Aug 22, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Ericom Access Server allows attackers to initiate SSRF requests making outbound connections to arbitrary hosts and TCP ports. Attackers, who can reach the AccessNow server can target internal systems that are behind firewalls that are typically not accessible. This can also be used to target third-party systems from the AccessNow server itself. Version 9.2.0 is affected.

tags | exploit, arbitrary, tcp
advisories | CVE-2020-24548
MD5 | 00835b7add7f159a6244efac16d7a915
Ubuntu Security Notice USN-4468-1
Posted Aug 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4468-1 - Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2020-8620, CVE-2020-8621, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624
MD5 | b7dcb2f5025b482f2cbb92a36354b19b
Samhain File Integrity Checker 4.4.2
Posted Aug 1, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Re-enabled reading options from option group [samhain] in my.cnf. Fixed server install in configure.ac. Added more verbosity to portable binary installer. Fixed minor issues.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | dadeb345093737a3fe1024d585cf1ec5
Cisco AnyConnect Path Traversal / Privilege Escalation
Posted Jun 25, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The attack consists in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service. This service will then launch the vulnerable installer component (vpndownloader), which copies itself to an arbitrary location before being executed with system privileges. Since vpndownloader is also vulnerable to DLL hijacking, a specially crafted DLL (dbghelp.dll) is created at the same location vpndownloader will be copied to get code execution with system privileges. This exploit has been successfully tested against Cisco AnyConnect Secure Mobility Client versions 4.5.04029, 4.5.05030 and 4.7.04056 on Windows 10 version 1909 (x64) and Windows 7 SP1 (x86).

tags | exploit, arbitrary, x86, local, tcp, code execution
systems | cisco, windows, 7
advisories | CVE-2020-3153
MD5 | 0ce466f922be78b19e5b1169c13ef711
Linux/ARM 0.0.0.0:1337/TCP Bindshell Shellcode
Posted Jun 16, 2020
Authored by Anurag Srivastava

100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP.

tags | tcp, shellcode
systems | linux
MD5 | 111a5d97d0327b4f3d4106f084eac97e
Red Hat Security Advisory 2020-2265-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2265-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2019-18277, CVE-2019-19330
MD5 | 4f5607756bb510a12a4b70e23b079830
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Posted May 12, 2020
Authored by Brendan Coles, Chris Lyne | Site metasploit.com

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on inSync version 6.5.2r99097 on Windows 7 SP1 (x64).

tags | exploit, arbitrary, local, tcp
systems | windows, 7
advisories | CVE-2019-3999
MD5 | c631ada55c0c2348cdd0af3ac42a8258
Red Hat Security Advisory 2020-1725-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1725-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2019-18277, CVE-2019-19330
MD5 | a3939a41e51a3352db5996f0472731ef
Red Hat Security Advisory 2020-1702-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1702-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow, tcp
systems | linux, redhat
advisories | CVE-2019-17041, CVE-2019-17042
MD5 | 8c931eace8697bd05751b3778ba1197f
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 937201f1ff92ab4fabd623cad7224a07
Red Hat Security Advisory 2020-1288-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1288-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2020-11100
MD5 | c01a72c249d4407a10f9abc4ef94eaad
Red Hat Security Advisory 2020-1290-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1290-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2020-11100
MD5 | 9b71948ccc9d2438d0358d337bd26205
Red Hat Security Advisory 2020-1289-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1289-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web, tcp
systems | linux, redhat
advisories | CVE-2020-11100
MD5 | 6af1cef485ffd6aca39a701c8728a87d
Red Hat Security Advisory 2020-1000-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1000-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. A heap-based overflow was addressed.

tags | advisory, overflow, tcp
systems | linux, redhat
advisories | CVE-2019-17041, CVE-2019-17042
MD5 | fb5e2ee1de97cc4fc965e7665fcddebd
nullscan 1.0.0
Posted Mar 26, 2020
Authored by noptrix | Site nullsecurity.net

nullscan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given nmap logfile for open tcp and udp ports and again run the modules afterwards. All results will be logged in specified directories with a clean structure and an HTML report can subsequently be generated.

tags | tool, udp, scanner, tcp
systems | unix
MD5 | b19299719763dbf57f595ecbd3a3e226
Samhain File Integrity Checker 4.4.1
Posted Feb 27, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compatibility problem with older (version 2.0.x) GnuPG.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 000cc50f337b9153c743fedc3c178d54
Page 1 of 93
Back12345Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    22 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close