what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 68 RSS Feed

Files Date: 2024-04-23

Nmap Port Scanner 7.95
Posted Apr 23, 2024
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated over 4000 IPv4 OS fingerprints submitted since June 2020. Added 336 fingerprints, bringing the new total to 6036. Integrated over 2500 service/version detection fingerprints submitted since June 2020. The signature count went up 1.4% to 12089, including 9 new softmatches. Four new NSE scripts. Various other improvements and bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | e14ab530e47b5afd88f1c8a2bac7f89cd8fe6b478e22d255c5b9bddb7a1c5778
Debian Security Advisory 5673-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT character set, which may lead to denial of service (application crash) or the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2024-2961
SHA-256 | 6f569b43fda03fbc293555c3e4f3d09f13cc184d51ccfed81bc50e87f8709332
Ubuntu Security Notice USN-6746-1
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2024-24786
SHA-256 | 4711e95dafcdc5ecd9aa5665bc96071e9d4193763164d7e9726ef45f45021482
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
Posted Apr 23, 2024
Authored by Spencer McIntyre, jheysel-r7, James Horseman, Zach Hanley | Site metasploit.com

A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQL injection vulnerability is due to user controller strings which can be sent directly into database queries. FcmDaemon.exe is the main service responsible for communicating with enrolled clients. By default it listens on port 8013 and communicates with FCTDas.exe which is responsible for translating requests and sending them to the database. In the message header of a specific request sent between the two services, the FCTUID parameter is vulnerable to SQL injection. It can be used to enable the xp_cmdshell which can then be used to obtain unauthenticated remote code execution in the context of NT AUTHORITY\SYSTEM. Upgrading to either 7.2.3, 7.0.11 or above is recommended by FortiNet. It should be noted that in order to be vulnerable, at least one endpoint needs to be enrolled / managed by FortiClient EMS for the necessary vulnerable services to be available.

tags | exploit, remote, code execution, sql injection
advisories | CVE-2023-48788
SHA-256 | 5dc08a7c993a962915dd2867b371b86d2696d585975c16dd1ce9c50691286b53
Suricata IDPE 7.0.5
Posted Apr 23, 2024
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 6 security fixes, 17 bug fixes, 1 optimization, 2 features, and 1 documentation updates.
tags | tool, intrusion detection
systems | unix
advisories | CVE-2024-32663, CVE-2024-32664, CVE-2024-32867
SHA-256 | 1ffb568158f265c08554464bfb854e6568ef683bf03312923b51f28c50790a4e
Debian Security Advisory 5672-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | a9064c09d4359e5484ea104362dc6a838926946bd9996ac856a59a71a2840bdb
GitLens Git Local Configuration Execution
Posted Apr 23, 2024
Authored by h00die, Paul Gerste | Site metasploit.com

GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a malicious config file to execute arbitrary code. Tested against VSCode 1.87.2 with GitLens 13.6.0 on Ubuntu 22.04 and Windows 10.

tags | exploit, arbitrary
systems | linux, windows, ubuntu
advisories | CVE-2023-46944
SHA-256 | b8273beeca3962657f6a9b1d3bfeafcc468090839b20a36ae8bb674024aa42ce
Ubuntu Security Notice USN-6728-3
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-49288, CVE-2023-5824, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617
SHA-256 | 0bf30fb6ffcb2ab3a9eb80bf643a6a374df5e9b1e030e608690f2c194f51ccdd
Ubuntu Security Notice USN-6743-2
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2023-52600, CVE-2023-52603, CVE-2024-26591
SHA-256 | ad9c04adbcdee9be436a8df29d9d071201aa865ba8141b9946f2a4e52cb9ffe9
Visual Studio Code Execution
Posted Apr 23, 2024
Authored by h00die | Site metasploit.com

This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute a shell or two. Tested against VSCode 1.87.2 on Ubuntu 22.04.

tags | exploit, shell
systems | linux, ubuntu
SHA-256 | e6880eb05602e6f92b535b42014f6031b0323eada13388a7f9aab0f3804a2789
Debian Security Advisory 5671-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | 5c18eb648b6f3785439fef0afc436e9646416b6ddec16705c0cb435ea59ff3a9
Gambio Online Webshop 4.9.2.0 Remote Code Execution
Posted Apr 23, 2024
Authored by h00die-gr3y, usd Herolab | Site metasploit.com

A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems. The insecure deserialization vulnerability in Gambio poses a significant risk to affected systems. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in complete system compromise, data exfiltration, or unauthorized access to sensitive information.

tags | exploit, remote, web, arbitrary, code execution
advisories | CVE-2024-23759
SHA-256 | b039dd6352f7639972110e6885da153c2438aa56b1f4c40dc395f737607363b4
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
Posted Apr 23, 2024
Authored by sfewer-r7, remmons-r7 | Site metasploit.com

This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or GlobalProtect Portal enabled and telemetry collection on (default). Multiple versions are affected. Payloads may take up to one hour to execute, depending on how often the telemetry service is set to run.

tags | exploit, shell, vulnerability
advisories | CVE-2024-3400
SHA-256 | 9c69f9786e45a27c7e5254838feb1083b7180cc983336792158dcfa2db1cdf80
Debian Security Advisory 5670-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5670-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2024-2609, CVE-2024-3302, CVE-2024-3852, CVE-2024-3854, CVE-2024-3857, CVE-2024-3859, CVE-2024-3861, CVE-2024-3864
SHA-256 | dda1a12438be627d8e083962bff09cf7f33ae4c9b77094116c099bff8d04a008
Ubuntu Security Notice USN-6744-2
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-28219
SHA-256 | 7f9a3f70c1f7e100375a7fbb89547638e45380d3ba57eca5212263547b378f8c
Palo Alto PAN-OS Command Execution / Arbitrary File Creation
Posted Apr 23, 2024
Authored by Kr0ff

Palo Alto PAN-OS versions prior to 11.1.2-h3 command injection and arbitrary file creation exploit.

tags | exploit, arbitrary
advisories | CVE-2024-3400
SHA-256 | 594b68c209a4adfbc7ba9577a8a4aeb75c0f92fd1d23ee6c6e97dbda9ba864a9
Ubuntu Security Notice USN-6744-1
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-28219
SHA-256 | a1631938e290abb7678d024b33eb2b0bf5cf2f26fdff61069536a736c29b981a
Ubuntu Security Notice USN-6745-1
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6745-1 - It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution.

tags | advisory, arbitrary, local, code execution
systems | linux, ubuntu
advisories | CVE-2022-25834
SHA-256 | 40803bb13bb6b4c27bfc5773a166b8effac088e66f24df2f5ef97c3868607eea
Ubuntu Security Notice USN-6738-1
Posted Apr 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the use of sequence numbers in SSH Binary Packet Protocol. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass integrity checks.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2023-48795
SHA-256 | d77b141e270c41154b29de186352132905dedeb534b3e7d82e7b08b98259c5f4
Red Hat Security Advisory 2024-1963-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1963-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 30504d3ba5eebf5e3723887c5e62e78d671a34bdf6d84cfa4f721e5a4a65219e
Red Hat Security Advisory 2024-1962-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 4572c90bb09941cb87e487c7248b054fb831de3fa839d578ad2b1b06409667fc
Red Hat Security Advisory 2024-1961-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3812
SHA-256 | 007bd2b1b1a446adaa68f8c1cb8653e9d5566c1d370e91eaf92fc225973d3f3a
Red Hat Security Advisory 2024-1960-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4622
SHA-256 | b1037ca38a9e5ff94c54c7dff951d9a18f9e3eb8c372e1797112fe42c0c86670
Red Hat Security Advisory 2024-1959-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-40546
SHA-256 | a7d6efdebf9b19259a2dfbf9ed245746cda2bf4c8dbf74ebf9dd7c968025e185
Red Hat Security Advisory 2024-1948-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include denial of service and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 173ae7b62f032275fe2fa16f73b9ab6443b79829dc237c560e1b8faf11cf07b9
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close