Exploit the possiblities
Showing 1 - 25 of 2,180 RSS Feed

TCP Files

Samhain File Integrity Checker 4.2.3
Posted Nov 1, 2017
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 437fb656747dd312044f16e09c35c6aa
Red Hat Security Advisory 2017-2888-01
Posted Oct 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2888-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.4.6 serves as a replacement for Red Hat JBoss BRMS 6.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-7957
MD5 | ba560db4bfdf555a5ec7e31fa1dccc6c
Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
Posted Oct 12, 2017
Authored by mr_me, Mehmet Ince | Site metasploit.com

This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have widget feature which is implemented with PHP. Insecurely configured web server exposes diagnostic.log file, which leads to an extraction of JSESSIONID value from administrator session. Proxy.php files under the mod TMCSS folder takes multiple parameter but the process does not properly validate a user-supplied string before using it to execute a system call. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the web server user.

tags | exploit, web, php, tcp, vulnerability
MD5 | c596a4696eab69db88b173ffa1c4b5fb
Kernel Live Patch Security Notice LSN-0031-1
Posted Oct 11, 2017
Authored by Benjamin M. Romer

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local, tcp
systems | linux
advisories | CVE-2017-11600
MD5 | 06dff9f017da1957172af525b25cfd62
Ubuntu Security Notice USN-3443-3
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3443-3 - Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-14106
MD5 | cf13fc16151a8ca7752a3f37d942f30b
Ubuntu Security Notice USN-3445-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3445-1 - Eyal Itkin discovered that the IP over IEEE 1394 implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-8633, CVE-2017-14106
MD5 | 4f1cff5d96815c2ffb8075194ffc53da
Ubuntu Security Notice USN-3444-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3444-1 - Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service or possibly gain administrative privileges in the host. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-12134, CVE-2017-14106, CVE-2017-14140
MD5 | 69e05e53e6c024f8c444c2dfccbfb315
Ubuntu Security Notice USN-3443-1
Posted Oct 11, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3443-1 - It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2017-1000255, CVE-2017-14106
MD5 | 0b9e8c257d9b94091abf3f9093e86b5b
Trend Micro OfficeScan Remote Code Execution
Posted Oct 10, 2017
Authored by mr_me, Mehmet Ince | Site metasploit.com

This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. The Trend Micro Officescan product has a widget feature which is implemented with PHP. Talker.php takes ack and hash parameters but doesn't validate these values, which leads to an authentication bypass for the widget. Proxy.php files under the mod TMCSS folder take multiple parameters but the process does not properly validate a user-supplied string before using it to execute a system call. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the web server user.

tags | exploit, web, php, tcp, vulnerability
MD5 | 02f022c47acfeb55ae34578721c1b3be
Broadcom TCP KeepAlive Offloading DoS / Out-Of-Bounds Read
Posted Sep 27, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from denial of service and out-of-bounds read vulnerabilities in TCP KeepAlive Offloading.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2017-7066
MD5 | 879a8ac244f3f3230f4a9c7db76d35f4
Red Hat Security Advisory 2017-2809-01
Posted Sep 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2809-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | 273ebf6217a47921eed68f2a4c2b449b
Red Hat Security Advisory 2017-2808-01
Posted Sep 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2808-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | d23a481bf31dfe12cac561d6b25e766c
Red Hat Security Advisory 2017-2810-01
Posted Sep 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2015-6644, CVE-2017-2582, CVE-2017-5645, CVE-2017-7536
MD5 | 85bba48cb7d9766ea095711a1a7abd74
Linux/ARM (Raspberry Pi) Bindshell Shellcode
Posted Sep 10, 2017
Authored by Andrea Sindoni

192 bytes small Linux/ARM Raspberry Pi tcp port 4444 /bin/sh binding shellcode.

tags | tcp, shellcode
systems | linux
MD5 | cb5295803dfd6226299bbc1e887d93be
Linux/ARM (Raspberry Pi) Reverse TCP Shell Shellcode
Posted Sep 10, 2017
Authored by Andrea Sindoni

160 bytes small Linux/ARM Raspberry Pi reverse TCP /bin/sh shellcode that connects to 192.168.0.12 port 4444.

tags | tcp, shellcode
systems | linux
MD5 | 284a21c6f75bf90558b4aab309b7fb92
Docker Daemon Unprotected TCP Socket
Posted Sep 8, 2017
Authored by Martin Pizala | Site metasploit.com

Utilizing Docker via unprotected tcp socket (2375/tcp, maybe 2376/tcp with tls but without tls-auth), an attacker can create a Docker container with the '/' path mounted with read/write permissions on the host server that is running the Docker container. As the Docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to edit/create files owned by root. This exploit abuses this to creates a cron job in the '/etc/cron.d/' path of the host server. The Docker image should exist on the target system or be a valid image from hub.docker.com.

tags | exploit, root, tcp
MD5 | 2e0895a99e8f3feabc8340b9ea555f3f
Red Hat Security Advisory 2017-2638-01
Posted Sep 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2638-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, web, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5664, CVE-2017-7525
MD5 | e4262c0a0d485274b418aee25acc83a1
Red Hat Security Advisory 2017-2637-01
Posted Sep 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2637-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5664, CVE-2017-7525
MD5 | b62a28a76e3e3f23a5d8e19a007d2014
Red Hat Security Advisory 2017-2635-01
Posted Sep 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2635-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5664, CVE-2017-7525
MD5 | d953efecea95aea0ac9b1edb0a3aeac9
Red Hat Security Advisory 2017-2636-01
Posted Sep 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2636-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5664, CVE-2017-7525
MD5 | 1596adfdb8fd5a79c9cfd237af50fcd2
Red Hat Security Advisory 2017-2633-01
Posted Sep 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2633-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, java, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645, CVE-2017-5664, CVE-2017-7525
MD5 | 07deb55d27eb7d0920fc1ca4368de398
NEC EXPRESS CLUSTER clpwebmc Remote Root
Posted Sep 5, 2017
Authored by cenobyte

NEC EXPRESS CLUSTER comes with Cluster Manager, a Java applet for cluster configuration and management. The underlying webserver 'clpwebmc' runs as root and accepts connections on TCP port 29003 which can be initiated without authentication in the default installation.

tags | exploit, java, root, tcp
systems | linux
MD5 | 26dd4a65030970268243b44404d0f359
Bettercap 1.6.2
Posted Aug 22, 2017
Authored by evilsocket | Site bettercap.org

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.

Changes: New MAC and HSRP spoofers. New HSRP, RADIUS, BFD, WOL, Asterisk, and TeamTalk sniffers. Various other updates.
tags | tool, web, sniffer, tcp
systems | unix
MD5 | 230f80e982b72a83bb3b29429ee7cc69
Linux/x86-64 Reverse TCP Shell Shellcode
Posted Aug 21, 2017
Authored by Touhid M.Shaikh

153 bytes small Linux/x86-64 reverse TCP shell shellcode that binds to 192.168.1.2:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 61d0bff1874dee43bdda29cd1ada3ad1
HP Security Bulletin HPESB3P03762 1
Posted Aug 10, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESB3P03762 1 - HPE StoreFabric C-series Switch Software uses Ciscos Prime Data Center Network Manager (DCNM). Cisco has identified a remote code execution vulnerability in two versions of Cisco Prime Data Center Network Manager (DCNM) which HPE had included for download for customers under contract from the HPE Support Center. The affected versions of DCNM are 10.1(1) and 10.1(2). HPE bundled these DCNM versions with the following MDS and Nexus firmware downloads: * MDS 7.3(0)DY(1), released February 2017 * MDS 7.3(1)DY(1), released April 2017 * Nexus 5.2(1)N1(9b), released May 2017 **Note:** A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the lack of authentication and authorization mechanisms for a debugging tool that was inadvertently enabled in the affected software. An attacker could exploit this vulnerability by remotely connecting to the debugging tool via TCP. A successful exploit could allow the attacker to access sensitive information about the affected software or execute arbitrary code with root privileges on the affected system. Revision 1 of this advisory.

tags | advisory, remote, arbitrary, root, tcp, code execution
systems | cisco
advisories | CVE-2017-6639
MD5 | 67518920118a80159359d122684f6e35
Page 1 of 88
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close