exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2024-09-13

Ivanti EPM Remote Code Execution
Posted Sep 13, 2024
Authored by James Horseman, Horizon3 Attack Team | Site github.com

Proof of concept remote code execution exploit for Ivanti EPM versions prior to 2022 SU6 or the 2024 September update.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2024-29847
SHA-256 | aae283a6cefb5b56bdc7a70bc3a56e323ee785291fa82aaf40d1ff35d8e2d1e0
GeoServer Remote Code Execution
Posted Sep 13, 2024
Authored by daniellowrie | Site github.com

Proof of concept remote code execution exploit for GeoServer versions prior 2.23.6, 2.24.4, and 2.25.2.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2024-36401
SHA-256 | 89efe87af55cddb0baaa46de1bab5d58c270e280ff489d9b19f578e9bf29121e
Mandos Encrypted File System Unattended Reboot Utility 1.8.17
Posted Sep 13, 2024
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Improved documentation slightly. Made life easier for distribution packagers by making sure that make install creates all required directories. Suppressed most spurious compiler warnings. Various other updates.
tags | tool, remote, root
systems | linux, unix
SHA-256 | 63f47f1c490485524cd3ea6e610e16e4d175881a59f4e8a8ab58f1b216d150ee
Ubuntu Security Notice USN-7009-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7009-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-33847, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36015, CVE-2024-36032, CVE-2024-36270, CVE-2024-36489, CVE-2024-36894, CVE-2024-36971
SHA-256 | 5b612a46c804c77ac14a7809a47fec0de9fff4a8a6439f91a0d5ad4c32a28058
Ubuntu Security Notice USN-7005-2
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7005-2 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2023-52884, CVE-2024-23848, CVE-2024-31076, CVE-2024-32936, CVE-2024-33621, CVE-2024-33847, CVE-2024-34027, CVE-2024-34030, CVE-2024-36015, CVE-2024-36270, CVE-2024-36286, CVE-2024-36288, CVE-2024-36481
SHA-256 | 6722bd323d2134b55a3539166e919fdb46c6f0337a2763dd47aa0a93f5ff8e0f
Ubuntu Security Notice USN-7008-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7008-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-31076, CVE-2024-32936, CVE-2024-33619, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36015, CVE-2024-36270, CVE-2024-36286, CVE-2024-36288, CVE-2024-36479, CVE-2024-36971
SHA-256 | 4d06037efff1b22fc4a25ee26edfc4fbdfa3522a94c990b7f8761e4399d65123
Ubuntu Security Notice USN-7007-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7007-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2023-52884, CVE-2023-52887, CVE-2024-23848, CVE-2024-25741, CVE-2024-33847, CVE-2024-34027, CVE-2024-34777, CVE-2024-36014, CVE-2024-36032, CVE-2024-36286, CVE-2024-36894, CVE-2024-36972, CVE-2024-36974
SHA-256 | 75288876207886b7f55abdb86b7b5aacd443455c1c45a71b584458933c8c5632
Ubuntu Security Notice USN-7003-3
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7003-3 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52803, CVE-2023-52887, CVE-2024-36974, CVE-2024-36978, CVE-2024-39487, CVE-2024-39501, CVE-2024-39502, CVE-2024-39505, CVE-2024-39509, CVE-2024-40902, CVE-2024-40905, CVE-2024-40912, CVE-2024-40916, CVE-2024-40932
SHA-256 | 67a8e70c37141ad551107083f7f1ccc236a35da5fef412d966bd74b44f5a1985
Webpay E-Commerce 1.0 Cross Site Scripting
Posted Sep 13, 2024
Authored by indoushka

Webpay E-Commerce version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 269d533402c514d2fa7b9aa27f69033e41752dd8a0147a6db754ff6c0fc28add
Men Salon Management System 2.0 PHP Code Injection
Posted Sep 13, 2024
Authored by indoushka

Men Salon Management System version 2.0 suffers from a php code injection vulnerability.

tags | exploit, php
SHA-256 | 16f109978dab4dd654ee4cf808111eef9a65cfb018b4dd430500f6c941a7322c
Emergency Ambulance Hiring Portal 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

Emergency Ambulance Hiring Portal version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 9d6c6678b135b65bbda25413c2e1c64964ee62d37717fa518ada55cae19e749c
Car Washing Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

Car Washing Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 3c016fd9274336475f334ab07ed2940609eda0663a3e6076ce48b45acfe154d0
Bus Pass Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

Bus Pass Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 94ddc658a9d1db8843a49a609fff1b631cea4c20eebd8367f5852db5d0effe60
BP Monitoring Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

BP Monitoring Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | a2b530b3e0a28bb00c704b528988d03e386681ffd62bb38b63be53c8ac992818
Beauty Parlour And Saloon Management System 1.1 Insecure Cookie Handling
Posted Sep 13, 2024
Authored by indoushka

Beauty Parlour and Saloon Management System version 1.1 suffers from an insecure cooking handling vulnerability.

tags | exploit
SHA-256 | 4c0788f43b5ea94beac369a15563afe012375eb20121975b115510c93def998e
Auto/Taxi Stand Management System 1.0 PHP Code Injection
Posted Sep 13, 2024
Authored by indoushka

Auto/Taxi Stand Management System version 1.0 suffers from a php code injection vulnerability.

tags | exploit, php
SHA-256 | 1e0b4094b37e8533f3a72e374f0e297723b05a67a6a446f3a2c4f4ba0aa4bdb2
Art Gallery Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

Art Gallery Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 0f7f1aa9e4f981852ee373789274269e831db81cb9f4a1894cd07c39e52fa2b3
Red Hat Security Advisory 2024-6657-03
Posted Sep 13, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-6657-03 - Migration Toolkit for Runtimes 1.2.7 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-29025
SHA-256 | e932c0dea6896c5ed879f397e371077a0ceb801385c9c43b5c563739774bcc0c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close