exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2020-06-16

Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution
Posted Jun 16, 2020
Authored by Silas Cutler | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103.

tags | exploit, remote
advisories | CVE-2017-17105, CVE-2017-171069
SHA-256 | 516dbce1194c92fcf25e36354d5e142eecc0029d53f110980f3fe7d7516701f7
Arista Restricted Shell Escape / Privilege Escalation
Posted Jun 16, 2020
Authored by Chris Anders | Site metasploit.com

This Metasploit module takes advantage of a poorly configured TACACS+ config, Arista's bash shell, and a TACACS+ read-only account to achieve privilege escalation.

tags | exploit, shell, bash
advisories | CVE-2020-9015
SHA-256 | 86fccaf72b7727767295df0286ab1d606f02b1e49f7979bfafc39f16ae633df4
Ubuntu Security Notice USN-4398-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-1 - Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
SHA-256 | 3954c3057f51bdeea1f0a11fe351cf019773eb2a7c3699a49847b7fc87597e44
Pulse Secure Client For Windows Local Privilege Escalation
Posted Jun 16, 2020
Authored by Marco Ortisi, redtimmysec, Giuseppe Cali | Site redtimmy.com

Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service.

tags | advisory, local
systems | windows
advisories | CVE-2020-13162
SHA-256 | 5f5a0396cb9bd8b8918531a470f34efbfce05c416ca68a1d578867b7468c1362
Netgear R7000 Router Remote Code Execution
Posted Jun 16, 2020
Authored by grimm-co

Netgear R7000 router remote code execution exploit that leverages a pre-authentication memcpy-based stack buffer overflow vulnerability.

tags | exploit, remote, overflow, code execution
SHA-256 | d2bc33188494707131607d3b6428caca3cc95ef4510489bd1325974d0c042945
TP-LINK Cloud Cameras NCXXX Stack Overflow
Posted Jun 16, 2020
Authored by Pietro Oliva

TP-LINK Cloud Cameras NCXXX suffer from a DelMultiUser stack overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2020-13224
SHA-256 | 8ceea48329dd3d48af63a7ccdec830b47ac2bcf4bf77d8735c577b80b70e19b4
Gila CMS 1.11.8 SQL Injection
Posted Jun 16, 2020
Authored by Carlos Ramirez L.

Gila CMS version 1.11.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2020-5515
SHA-256 | eaba5773c4589925a1a8bab289bbe21beb33d35ee7a3d7ec8281e3c755ae5ad7
Ubuntu Security Notice USN-4397-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4397-1 - It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-17023, CVE-2020-12399
SHA-256 | 2692888970cbb4e7e7c8fa5692c6beacf2f89b13d531ef62a9431f8e957091d9
SOS JobScheduler 1.13.3 Stored Password Decryption
Posted Jun 16, 2020
Authored by Sander Ubink

SOS JobScheduler version 1.13.3 encrypts a secret by simply using the name of a profile as the key, making it trivial to decrypt.

tags | exploit
advisories | CVE-2020-12712
SHA-256 | fe2cf7ab1a965708745f8a3ccea8786f1c5edbfe5c3b8ab23a4f225c60f669af
MJML 4.6.2 Path Traversal
Posted Jun 16, 2020
Authored by Julien Ahrens | Site rcesecurity.com

MJML versions 4.6.2 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-12827
SHA-256 | 166961aa7a1aa4863ba6a1c75fcc9e0116bd4fd9789c3759ca27ecb57c656da5
Linux/ARM 0.0.0.0:1337/TCP Bindshell Shellcode
Posted Jun 16, 2020
Authored by Anurag Srivastava

100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP.

tags | tcp, shellcode
systems | linux
SHA-256 | 7ee6a6fcc5e486b90d3866afa4de0159d3ef94aa1637076ecdb4c1ab24dbf700
Ubuntu Security Notice USN-4396-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4396-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-0093, CVE-2020-0198, CVE-2020-13112, CVE-2020-13113, CVE-2020-13114
SHA-256 | e080558761a105024feebba02610f6c5581c07eff90a1cb0d2371deb7e830972
Linux/ARM execve /bin/dash Shellcode
Posted Jun 16, 2020
Authored by Anurag Srivastava

32 bytes small Linux/ARM execve /bin/dash shellcode.

tags | shellcode
systems | linux
SHA-256 | fabc3a831bff99d6730f97c3240cc21f6d5c4711bd6f1b6ab992f145a704413d
Reverse Engineering Android Application
Posted Jun 16, 2020
Authored by Isha Gupta

Whitepaper called Reverse Engineering Android Application.

tags | paper
SHA-256 | 03e5ba468bb3c163bbe17ff13c9dd61e4ad74f21265e3843b27311865f9b6cba
Detect SQL Injection WordPress Plugin Using RegEx
Posted Jun 16, 2020
Authored by SunCSR

Whitepaper called Detect SQL Injection WordPress Plugin using RegEx.

tags | paper, sql injection
SHA-256 | 085b2a3d5011566b3a2e006830d12feacf5415f9dcda5ab618f5ff59125c9106
Abusing Windows Data Protection API
Posted Jun 16, 2020
Authored by Haboob Team

Whitepaper called Abusing Windows Data Protection API.

tags | paper
systems | windows
SHA-256 | 773a6f1530d77d0420be2e70d5bd4c5c42a05dd949691ff60a9439f5d56f0977
Gentoo Linux Security Advisory 202006-20
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-20 - A vulnerability was discovered in Asterisk which may allow local attackers to gain root privileges. Versions less than 13.32.0-r1 are affected.

tags | advisory, local, root
systems | linux, gentoo
SHA-256 | 098b0504d5efe865161f09c564c9d498f462b5dd82e00e1cc0e5c4405ebeca50
Gentoo Linux Security Advisory 202006-21
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-21 - A vulnerability has been discovered in Apache Tomcat which could result in the arbitrary execution of code. Versions less than 7.0.104:7 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2020-9484
SHA-256 | 4e91ca0fbc04224da0c0118ffbafc25e0bea5b24bcc0534b90146f8897b2f254
Gentoo Linux Security Advisory 202006-23
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-23 - An error in Cyrus IMAP Server allows mailboxes to be created with administrative privileges. Versions less than 3.0.13 are affected.

tags | advisory, imap
systems | linux, gentoo
advisories | CVE-2019-19783
SHA-256 | 1e7bbbfed2c2de886311d93aac435e0c81676a96a5713624632764df5154c6ff
Gentoo Linux Security Advisory 202006-22
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-22 - Multiple vulnerabilities have been found in OpenJDK and IcedTea, the worst of which could result in the arbitrary execution of code. Versions less than 8.252_p09 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-2585, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2773, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830
SHA-256 | 9786f753221d3cbe26d1a463069bea7bc3e917ebd5fc3b0803619260c98c6751
Red Hat Security Advisory 2020-2567-01
Posted Jun 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2567-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12657
SHA-256 | ab064e17571e79bac178b9a10ff5d569de64c697efeb51b8c21243f887a8895e
Gentoo Linux Security Advisory 202006-18
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-18 - Bubblewrap misuses temporary directories allowing local code execution. Versions less than 0.4.1 are affected.

tags | advisory, local, code execution
systems | linux, gentoo
advisories | CVE-2019-12439
SHA-256 | 555969fc9fd701b4c396387cf24658c3d2408d1c4b39557ef14b9df7ab9c723d
Gentoo Linux Security Advisory 202006-19
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-19 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.9.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-12398, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410
SHA-256 | 1bfd8c4503f4ffbe217e1dae7f83434325e3fc877eae8b8349b71df5c1c7c6c0
Red Hat Security Advisory 2020-2562-01
Posted Jun 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2562-01 - Red Hat JBoss Enterprise Application Platform CD13 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD13 includes bug fixes and enhancements. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2017-12196, CVE-2018-10237, CVE-2018-1067, CVE-2018-10862, CVE-2018-7489
SHA-256 | 653e0dfe34e8f71fbff88f5db8ad69c4a7a15d5d8db71bce2bd437e954f7ae3c
Red Hat Security Advisory 2020-2561-01
Posted Jun 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2561-01 - Red Hat JBoss Enterprise Application Platform CD12 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD12 includes bug fixes and enhancements. Issues addressed include code execution, deserialization, and memory exhaustion vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-12174, CVE-2017-12196, CVE-2017-12629, CVE-2017-15089, CVE-2018-8088
SHA-256 | b76aaf5cc67f51ef012b340ca8233367d63f2f7981ba6e783d50b98e7f58223b
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close