what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2021-12-15

log4j-scan Extensive Scanner
Posted Dec 15, 2021
Authored by fullhunt | Site github.com

log4j-scan is fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts. It supports fuzzing for more than 60 HTTP request headers, JSON data parameters, and HTTP POST Data parameters. It also supports DNS callback for vulnerability discovery and validation and includes WAF bypass payloads.

tags | exploit, java, web
advisories | CVE-2021-44228
SHA-256 | 0d5ae7f22f482484023dbdde93229a59915d292aefd32e04445b6847b7cbe5c8
Log4j Recognizer
Posted Dec 15, 2021
Authored by scitotec | Site github.com

This utility looks for log4j in the currently running JVM. It is useful for systems that allow plugins to introduce their own jars. Therefore, you can find if someone is using log4j with a dangerous version.

tags | tool, java
systems | unix
advisories | CVE-2021-44228
SHA-256 | f3e9c324df46c5349054a5e341c715ffbb5f3a49b2dcb09981741f4aa2e019e7
Log4j Linux IoC Detector
Posted Dec 15, 2021
Authored by santosomar | Site github.com

This is a basic bash script to detect log4j indicators of compromise (IoCs) in Linux log files.

tags | java, system logging, bash
systems | linux, unix
advisories | CVE-2021-44228
SHA-256 | cac18b2d6343c61bc55d312a115a6b13a4e02c2b28f3e4b83320cd33353f71a1
Minecraft Log4j Honeypot
Posted Dec 15, 2021
Authored by Adikso | Site github.com

This honeypot runs a fake Minecraft server waiting to be exploited with log4j. Payload classes are saved to the payloads/ directory.

tags | java, system logging
systems | unix
advisories | CVE-2021-44228
SHA-256 | 671e0e08f3222b36a45cdb838e96e036c46204e4de6145f8d10b9ce7e566aed3
Log4j Remote Code Execution Word Bypassing
Posted Dec 15, 2021
Authored by Puliczek | Site github.com

Log4j remote code execution exploit with a trick to bypass words blocking patches. Works on Log4j versions 2.14.1 and below.

tags | exploit, java, remote, code execution
advisories | CVE-2021-44228
SHA-256 | de7380eb6b3fc4c49f27978b8a6c7f1adef40597e054a9798db4c61a23e7311f
L4sh Log4j Remote Code Execution
Posted Dec 15, 2021
Authored by cyberstruggle | Site github.com

Fully independent log4j exploit that does not require any 3rd party binaries. The exploit sprays the payload to all possible logged HTTP Headers such as X-Forwarding, Server-IP, User-Agent.

tags | exploit, java, web
advisories | CVE-2021-44228
SHA-256 | 19e37dec69c98eb8297671319d877f1ab2d64860b42bbc2abd0f33e61a3e5a3b
SAP Netweaver IUUC_GENERATE_ACPLAN_DELIMITER ABAP Code Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver versions SAP DMIS in at least 2011_1_731 SP versions 0013 and below suffer from a remote ABAP code injection vulnerability in IUUC_GENERATE_ACPLAN_DELIMITER.

tags | exploit, remote
SHA-256 | 3cd28850847bc50e82be1b8c4526c61d99e60d3a9c0583aa8ce8b39bc6610154
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver version SAP DMIS 2011_1_731 SP 0013 suffers from a remote ABAP code injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG.

tags | exploit, remote
advisories | CVE-2021-33701
SHA-256 | faf208cedd4dc5530fc5003cbe8bb903e10df267c17f5c9a76ed71c5665aa617
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection
Posted Dec 15, 2021
Authored by Raschin Tavakoli | Site sec-consult.com

SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG. Other software and various versions are also affected.

tags | exploit, remote, sql injection
advisories | CVE-2021-33701
SHA-256 | 550a91ffd1c6e82c954e30665a5c37fe3bd89744c696191b5b2ac048238d035f
OpenSSL Toolkit 1.1.1m
Posted Dec 15, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Made a change to avoid loading of a dynamic engine twice. Fixed building on Debian with kfreebsd kernels. Prioritized DANE TLSA issuer certs over peer certs. Fixed random API for MacOS prior to 10.12.
tags | tool, encryption, protocol
systems | unix
SHA-256 | f89199be8b23ca45fc7cb9f1d8d3ee67312318286ad030f5316aca6462db6c96
OpenEMR 6.0.0 / 6.1.0-dev SQL Injection
Posted Dec 15, 2021
Authored by Stefan Pietsch | Site trovent.io

OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.

tags | exploit, remote, sql injection
advisories | CVE-2021-41843
SHA-256 | f3e63ffea1416dffa063591f3a4d64e9cd1199687a6d7273f62fcad46fd75f81
Red Hat Security Advisory 2021-5142-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5142-02 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25719
SHA-256 | 136f7122e1f9300dd9b788756bc841a87a48bff46c2ac721fd3a6a3e9a7b31a8
Red Hat Security Advisory 2021-5140-04
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5140-04 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | 879ff41882fb1ddbfd57513bf1fb36b3c52ff0e9262fc67b19add600f7167822
Red Hat Security Advisory 2021-5133-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5133-03 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.5 serves as a replacement for Red Hat AMQ Streams 1.6.4, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | bae9bdd54401a2ffe703ae89a32c164e444c30c3ccdb6476124bd55035dcc8ca
Red Hat Security Advisory 2021-5137-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5137-03 - Openshift Logging Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-14615, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-0427, CVE-2020-10001, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-24502, CVE-2020-24503
SHA-256 | 4d0e0ba480d1985682fcdde4cb73e526f09857aff03973f3e8b95bb969733c93
Red Hat Security Advisory 2021-5138-04
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5138-04 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.4 serves as a replacement for Red Hat AMQ Streams 1.8.0, and includes security and bug fixes, and enhancements. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | 245168813cae86c4d76a1cfdcde77c977675b58722ddcaebf75a81c921588e60
Red Hat Security Advisory 2021-5134-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2019-10744, CVE-2019-12415, CVE-2020-11987, CVE-2020-11988, CVE-2020-13943, CVE-2020-13949, CVE-2020-15522, CVE-2020-17521, CVE-2020-17527, CVE-2020-26217, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-27782, CVE-2020-28491, CVE-2020-2875, CVE-2020-2934, CVE-2020-35510, CVE-2020-9488, CVE-2021-20218, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344
SHA-256 | 9284d27525337878d1b616a42ec6964f345739a90a655ed05cfae5b196bdeacd
Red Hat Security Advisory 2021-5132-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5132-02 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.2.2 replaces Data Grid 8.2.1 and includes bug fixes and enhancements. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | e56d0061fd9c6f701eb83f2fc729b215f8ac79a6ceb481428481d3ec29fe7ba3
Red Hat Security Advisory 2021-5110-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5110-05 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2020-26160 jwt-go: access restriction bypass vulnerability". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs, and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-26160
SHA-256 | 63915501de1b49a02aa0b126d481b202a818dff802e0229badf455bffd50eaf3
Red Hat Security Advisory 2021-5108-02
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5108-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | e279da6b231c4ebbb13a7d6b31d67b58027764f775fa92fa3f79b24defdc7688
Red Hat Security Advisory 2021-5093-03
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5093-03 - This release of Red Hat build of Eclipse Vert.x 4.1.5 SP1 includes security updates. For more information, see the release notes listed in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | f212aa682487932acd4956eaa31aaf8c0cb4487301de74c286c50599271ee0c3
Red Hat Security Advisory 2021-5126-01
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5126-01 - This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix: log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value. Issues addressed include a code execution vulnerability.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2021-44228
SHA-256 | 3626a09f3926f74d21efaa69d5715e3a64a7c3076d2073a42f8c39d4bf510155
Red Hat Security Advisory 2021-5129-06
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5129-06 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330, CVE-2020-36331
SHA-256 | 1e4afdddae60218feb55e3c6cdbe2798ed855a13f02fcbcc0578d7cb1f17b329
Red Hat Security Advisory 2021-5127-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5127-05 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330, CVE-2020-36331
SHA-256 | 1e2f8078db60bcc04c6dce8da02d1aaafa13feba2b38f98caa2be5533cdc2a34
Red Hat Security Advisory 2021-5128-06
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5128-06 - Openshift Logging Security and Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-20673, CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14145, CVE-2020-14155, CVE-2020-16135, CVE-2020-17541, CVE-2020-24370, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524, CVE-2020-36330
SHA-256 | 44e06a5434f14a4d37594b811db7932de84ae206a506770768a3ce7c107b84a6
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close