exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2021-03-05

Microsoft Windows RRAS Service MIBEntryGet Overflow
Posted Mar 5, 2021
Authored by Brendan Coles, Shadow Brokers, Equation Group, Victor Portal | Site metasploit.com

This Metasploit module exploits an overflow in the Windows Routing and Remote Access Service (RRAS) to execute code as SYSTEM. The RRAS DCERPC endpoint is accessible to unauthenticated users via SMBv1 browser named pipe on Windows Server 2003 and Windows XP hosts; however, this module targets Windows Server 2003 only. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well.

tags | exploit, remote, overflow
systems | windows
advisories | CVE-2017-8461
SHA-256 | 0ae2b9ea7eebb2360a416f9ca767c77a6dbd884480e2109006104ebb2c2a7cb2
Asterisk Project Security Advisory - AST-2021-006
Posted Mar 5, 2021
Authored by Gregory Massel | Site asterisk.org

When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a m=image line and zero port, a crash will occur in Asterisk. This is a re-occurrence of AST-2019-004.

tags | advisory
advisories | CVE-2019-15297
SHA-256 | d43d5cb9a0201ce6df31db1a1a9561360db4a1bb17c19f46dd04be62c2e79557
Ubuntu Security Notice USN-4757-2
Posted Mar 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4757-2 - USN-4757-1 fixed a vulnerability in wpa_supplicant and hostapd. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpa_supplicant did not properly handle P2P provision discovery requests in some situations. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-27803
SHA-256 | dc1b4322a52c55ce4a3510534f27f7d969369c80e22c1455f92626820c73a2b9
Red Hat Security Advisory 2021-0736-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0736-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP25. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14781, CVE-2020-14782, CVE-2020-14803, CVE-2020-27221, CVE-2020-2773
SHA-256 | 1ccf5b38ec529b7006e34dc41c3f19d8bedbd43dbfcda69aa1b5072827495da8
Fluig 1.7.0 Path Traversal
Posted Mar 5, 2021
Authored by Lucas Souza

Fluig versions 1.7.0-210217 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | ea5511730eaab22027c25e852ad09966af7a9dc8002e191fff5abf1fb3aaf5aa
Red Hat Security Advisory 2021-0735-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0735-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 4fa2f2af51f196dfbdc7df2b7135e2d697b420eeef4d54bc4ee06a7e381850ea
Red Hat Security Advisory 2021-0734-01
Posted Mar 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0734-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22883, CVE-2021-22884
SHA-256 | 12d80d86278865e7f564d47f85075de0d39f503c206501b492facef45c9f60d2
CatDV 9.2 Authentication Bypass
Posted Mar 5, 2021
Authored by Nick Gonella, Christopher Ellis

CatDV version 9.2 RMI authentication bypass exploit.

tags | exploit, bypass
SHA-256 | 543271c044880a1d0aef7afeebb5c1d50a3037c73a168df894845293de2d0660
Web Application Reconnaissance And Mapping
Posted Mar 5, 2021
Authored by Rishabh Vats

This is a brief whitepaper that goes over some tooling that can be of assistance while performing reconnaissance against a web application prior to attack.

tags | paper, web
SHA-256 | efa89877156455ecbe4998579276a2b7f88564aac2a446ce3a8fdb5d7a98c52c
Doctor Appointment System 1.0 Cross Site Scripting
Posted Mar 5, 2021
Authored by Nakul Ratti, Soham Bakore

Doctor Appointment System version 1.0 suffers from multiple cross site scripting vulnerabilities. These are additional findings with original discovery of cross site scripting in this version being attributed to Soham Bakore in February of 2021.

tags | exploit, vulnerability, xss
SHA-256 | b098137654368cff53ff815f613c4ed7917ea68d5a2afab78153a61a45603e3a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close