Showing 1 - 25 of 43

Files Date: 2024-08-19

Ewon Cosy+ / Talk2M Remote Access Solution Improper Authentication
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

During account assignment in the Talk2M platform, a Cosy+ device generates and sends a certificate signing request (CSR) to the back end. This CSR is then signed by the manufacturer and used for OpenVPN authentication by the device afterward. Since the common name (CN) of the certificate is specified by the device and used in order to assign the OpenVPN session to the corresponding Talk2M account, an attacker with root access to a Cosy+ device is able to manipulate the CSR and get correctly signed certificates for foreign devices.

tags | exploit, root
advisories | CVE-2024-33897
SHA-256 | 25253b1bbb687aad196d1a68e6e0528bb19297042bab3325165b8dc98905aec7
Ewon Cosy+ Excessive Access
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. The Ewon Cosy+ executes all tasks and services in the context of the user "root" and therefore with the highest system privileges. By compromising a single service, attackers automatically gain full system access.

tags | advisory, remote, root
advisories | CVE-2024-33894
SHA-256 | 1525ebcf929417e37f3bdac2dcdb956f29566f6bd680a2813d148269861150f9
Dovecot IMAP Server 2.2 / 2.3 Denial Of Service
Posted Aug 19, 2024
Authored by Aki Tuomi

Dovecot IMAP server versions 2.2 and 2.3 suffer from denial of service and resource exhaustion vulnerabilities.

tags | exploit, denial of service, vulnerability, imap
advisories | CVE-2024-23184
SHA-256 | 94b0aee67b11da7bd129e38ffb00abe29b299d02c054b3f6993f853db9c89a1c
Dovecot IMAP Server 2.2 / 2.3 Missing Rate Limiting
Posted Aug 19, 2024
Authored by Aki Tuomi

Dovecot IMAP server versions 2.2 and 2.3 have an issue where a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observed 500k header lines taking 18 minutes to parse. Since this can be triggered by external actors sending emails to a victim, this is a security issue.

tags | exploit, imap
advisories | CVE-2024-23184
SHA-256 | 110c1562e949571c822c2ff350b36b50c9dbaf0d176f46ef0289ae7411955fe8
Ewon Cosy+ Hardcoded Key
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. Due to the use of a hardcoded cryptographic key, an attacker is able to decrypt encrypted data and retrieve sensitive information.

tags | exploit, remote
advisories | CVE-2024-33895
SHA-256 | 1888a210090f03bc507fc3160727ce580f1a9c9a09e8cbac293d257662b66100
Ewon Cosy+ Command Injection
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. Due to improper neutralization of parameters read from a user-controlled configuration file, an authenticated attacker is able to inject and execute OS commands on the device.

tags | exploit, remote
advisories | CVE-2024-33896
SHA-256 | 8a1d1fc9f6b69674b1ce58ab3538a8faa0b20d3e41c26e9d4d475e8d597b5ed5
Ewon Cosy+ Password Disclosure
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. The credentials used for the basic authentication against the web interface of Cosy+ are stored in the cookie "credentials" after a successful login. An attacker with access to a victim's browser is able to retrieve the administrative password of Cosy+.

tags | exploit, remote, web
advisories | CVE-2024-33892
SHA-256 | e33c07108e3c442346ea02e832a872e3a605c556106af6c539e021e9820cf456
Ewon Cosy+ Improper Neutralization / Cross Site Scripting
Posted Aug 19, 2024
Authored by Moritz Abrell | Site syss.de

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. If login against the FTP service of the Cosy+ fails, the submitted username is saved in a log. This log is included in the Cosy+ web interface without neutralizing the content. As a result, an unauthenticated attacker is able to inject HTML/JavaScript code via the username of an FTP login attempt.

tags | exploit, remote, web, javascript
advisories | CVE-2024-33893
SHA-256 | 2db40156b7623d221c6a2ba726715a466f4672d315691354c619b685d3367967
Falco 0.38.2
Posted Aug 19, 2024
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: The engine and CI both had a bug fix.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3e4f5acf04cadd477a1dadac271aead459bb2df925a0aa16eae22897fa0602b4
Ubuntu Security Notice USN-6966-1
Posted Aug 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6966-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-7518, CVE-2024-7519, CVE-2024-7520, CVE-2024-7521, CVE-2024-7522, CVE-2024-7524, CVE-2024-7525, CVE-2024-7527, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531
SHA-256 | 7dc6ba8c91568ec0d1a7ffb6598cf945437605f32ce56c344d46eedf354cb49e
Ubuntu Security Notice USN-6837-2
Posted Aug 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6837-2 - It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Rack incorrectly handled certain Range headers. A remote attacker could possibly use this issue to cause Rack to create large responses, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | 6f0095d079b25cf7e1b9d943359101008834a83e12a5eab69c27d05be7fb575d
Debian Security Advisory 5750-1
Posted Aug 19, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.

tags | advisory, protocol, python
systems | linux, debian
advisories | CVE-2023-48795
SHA-256 | 0be1047e4d16efb9e6e3b1cb4e8a3bc474db795c8586bfdc7190a98d2149a514
Lawyer CMS 1.6 Insecure Settings
Posted Aug 19, 2024
Authored by indoushka

Lawyer CMS version 1.6 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 9055c2f92b307fd3af321672aaab55f2048a6aaa8933588e8175215401ad063e
Karya Online Shopping Portal 2.0 SQL Injection
Posted Aug 19, 2024
Authored by indoushka

Karya Online Shopping Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | ace5835235cc9816aa9586e82f7882eca16802f166866858074cc02f513e907c
JobSeeker CMS 1.5 Insecure Settings
Posted Aug 19, 2024
Authored by indoushka

JobSeeker CMS version 1.5 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 46b993b45ba1c9b1118e18276103b7844eabb5d52b655b928258474888aca43b
Jobs Finder System 1.0 SQL Injection
Posted Aug 19, 2024
Authored by indoushka

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0e14944aabacd3bde55dc9ca768a85b25224b5d197aed3ef9cecb63e14d97575
Human Resource Management System 2024 1.0 Insecure Settings
Posted Aug 19, 2024
Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | bf20205d0167adcb0c48749ed7a50372cba24a18938ecfb734926b5099542af1
Hotel Management System 1.0 Cross Site Request Forgery
Posted Aug 19, 2024
Authored by indoushka

Hotel Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 436d7414f95271233837a50e384e3a6ab4a984b18c9329a30769d2a33b778677
Bhojon Restaurant Management System 3.0 Insecure Settings
Posted Aug 19, 2024
Authored by indoushka

Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 5040244ae54e0b0c8ba29ab2d3b854826d64f8640404907653ffda5ea3f38ca6
Accounting Journal Management System 1.0 Cross Site Request Forgery
Posted Aug 19, 2024
Authored by indoushka

Accounting Journal Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 8d2cfad284efc5444e134d88f958c346ba6816f8fc36237ccfc1082d80704a29
Red Hat Security Advisory 2024-5547-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5547-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.1 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, registry
systems | linux, redhat
advisories | CVE-2024-6104
SHA-256 | 74739dcda923acec7bfb3e748589420dea5eacb64b4cd79d2883b1c6d1b5b4b9
Red Hat Security Advisory 2024-5537-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5537-03 - An update is now available for the Red Hat build of Cryostat 3 on RHEL 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-24791
SHA-256 | f5c0930131439b39789f27ba70bca0635a1d32da8abfe7e4a62258f74aba3ec1
Red Hat Security Advisory 2024-5535-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5535-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6597
SHA-256 | bf54079f34412cee673f02afd5ac65efc4d77e038a9875f2da4f22a088f26102
Red Hat Security Advisory 2024-5534-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5534-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, python
systems | linux, redhat
advisories | CVE-2024-6345
SHA-256 | 1a2da727428b487d6f13f9474d3cb49e9d65d3986eb259ee5e14277f2f9ed97e
Red Hat Security Advisory 2024-5533-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5533-03 - An update for python3.12-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-6345
SHA-256 | 4ca10548fe9c3546bf0fcda3627d4ba2a5089b93c7a7c11861ba9e6512b1891a
Page 1 of 2