what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,760 RSS Feed

Protocol Files

GNU Transport Layer Security Library 3.8.8
Posted Nov 5, 2024
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Three changes to libgnutls. One build change. No API or ABI modifications.
tags | protocol, library
SHA-256 | ac4f020e583880b51380ed226e59033244bc536cad2623f2e26f5afa2939d8fb
Debian Security Advisory 5798-1
Posted Oct 28, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5798-1 - Christoper L. Shannon discovered that the implementation of the OpenWire protocol in Apache ActiveMQ was susceptible to the execution of arbitrary code.

tags | advisory, arbitrary, protocol
systems | linux, debian
advisories | CVE-2023-46604
SHA-256 | 45b67c516cd6f0886ceabd7906d8897cff0b47731379675fc4210f9dc1ea42e3
Ubuntu Security Notice USN-7042-3
Posted Oct 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7042-3 - USN-7042-2 released an improved fix for cups-browsed. This update provides the corresponding update for Ubuntu 24.10. Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | bcfb45a99344cfbb1e508b8fa8b50297a7f22efed18b112b2d79da6dc19b12cd
Wireshark Analyzer 4.4.1
Posted Oct 10, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Reload framing fixes. AppleTalk fix. Allows saving files with Qt 6.8. Donation page added. Update VELOS and rSeries platform identifiers for f5fileinfo. Various other updates and fixes.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 2b9e96572a7002c3e53b79683cf92f8172217e64c17ecaaf612eb68c2a7556ec
Ubuntu Security Notice USN-7043-4
Posted Oct 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7043-4 - USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2024-47076, CVE-2024-47176
SHA-256 | d6735cd226521138a1caa83e35e3599310090e11b787a19fe17009e31c3e555a
Ubuntu Security Notice USN-7042-2
Posted Oct 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7042-2 - USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the fix by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | c9d388e6e36edc217181c7dfaecdbff89ae45ef265bf94be3ca4b0635d69e57f
Ubuntu Security Notice USN-7043-3
Posted Oct 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7043-3 - USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | 8f1256b770d30fefb59acd2a2956a4df9f5307d5c3eaf0614673f777bd0fa0a0
Ubuntu Security Notice USN-7051-1
Posted Oct 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7051-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2023-48795
SHA-256 | ce5df6d62802bddd9c18e1622465edf5bc09f0f6e0f1e2fdd958088e44de9de8
Ubuntu Security Notice USN-7043-2
Posted Oct 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7043-2 - USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | a09eaabe0ef1a2611294b49eb1f783c16957c290485e82b3cdd482bcfd685809
Ubuntu Security Notice USN-7043-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7043-1 - Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47076, CVE-2024-47176
SHA-256 | 6be885c667c90d4d917930789e9acf48c114374ee951a31c9a59128bb6d62679
Ubuntu Security Notice USN-7042-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7042-1 - Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | 8c8231298308822cc8beedd5cd69958dccdfd1f68c38b57cf1fdd39eb50a1837
OpenSSL Toolkit 3.3.2
Posted Sep 4, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed possible denial of service in X.509 name checks. Fixed possible buffer overread in SSL_select_next_proto().
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2024-5535, CVE-2024-6119
SHA-256 | 2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281
OpenSSL Toolkit 3.2.3
Posted Sep 4, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed possible denial of service in X.509 name checks. Fixed possible buffer overread in SSL_select_next_proto().
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2024-5535, CVE-2024-6119
SHA-256 | 52b5f1c6b8022bc5868c308c54fb77705e702d6c6f4594f99a0df216acf46239
OpenSSL Toolkit 3.1.7
Posted Sep 4, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed possible denial of service in X.509 name checks. Fixed possible buffer overread in SSL_select_next_proto().
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2024-5535, CVE-2024-6119
SHA-256 | 053a31fa80cf4aebe1068c987d2ef1e44ce418881427c4464751ae800c31d06c
OpenSSL Toolkit 3.0.15
Posted Sep 4, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed possible denial of service in X.509 name checks. Fixed possible buffer overread in SSL_select_next_proto().
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2024-5535, CVE-2024-6119
SHA-256 | 23c666d0edf20f14249b3d8f0368acaee9ab585b09e1de82107c66e1f3ec9533
Ray Sharp DVR Password Retriever
Posted Sep 1, 2024
Authored by H D Moore, someluser | Site metasploit.com

This Metasploit module takes advantage of a protocol design issue with the Ray Sharp based DVR systems. It is possible to retrieve the username and password through the TCP service running on port 9000. Other brands using this platform and exposing the same issue may include Swann, Lorex, Night Owl, Zmodo, URMET, and KGuard Security.

tags | exploit, tcp, protocol
SHA-256 | 8805abb547ee0c40d40a8ab15abce346a4a37b8f5ae7b7a9eeac09aa9f1a2cf4
Rosewill RXS-3211 IP Camera Password Retriever
Posted Sep 1, 2024
Authored by Ben Schmidt | Site metasploit.com

This Metasploit module takes advantage of a protocol design issue with the Rosewill admin executable in order to retrieve passwords, allowing remote attackers to take administrative control over the device. Other similar IP Cameras such as Edimax, Hawking, Zonet, etc, are also believed to have the same flaw, but not fully tested. The protocol design issue also allows attackers to reset passwords on the device.

tags | exploit, remote, protocol
SHA-256 | 362007d6c9e7ed189b21c55291fc6aa6c1c4b1494d29638e41d80a4dd9cf8eac
Moxa UDP Device Discovery
Posted Aug 31, 2024
Authored by Patrick DeSantis | Site metasploit.com

The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service is known to be used on Moxa devices in the NPort, OnCell, and MGate product lines. A discovery packet compels a Moxa device to respond to the sender with some basic device information that is needed for more advanced functions. The discovery data is 8 bytes in length and is the most basic example of the Moxa protocol. It may be sent out as a broadcast (destination 255.255.255.255) or to an individual device. Devices that respond to this query may be vulnerable to serious information disclosure vulnerabilities, such as CVE-2016-9361. The module is the work of Patrick DeSantis of Cisco Talos and is derived from original work by K. Reid Wightman. Tested and validated on a Moxa NPort 6250 with firmware versions 1.13 and 1.15.

tags | exploit, udp, vulnerability, protocol, info disclosure
systems | cisco
advisories | CVE-2016-9361
SHA-256 | 98b6bc9ac986f9cabba0156932ffefd60159a96b8107e1d9b3448bedd300ff36
Apache Tomcat AJP File Read
Posted Aug 31, 2024
Authored by SunCSR, A Security Researcher of Chaitin Tech | Site metasploit.com

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP. Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.

tags | exploit, remote, web, arbitrary, code execution, protocol, file upload
advisories | CVE-2020-1938
SHA-256 | f20ed46e990bc49e51e4df52537ec564d571907ef6c1bab6631f3044e0db35c8
Chromecast YouTube Remote Control
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module acts as a simple remote control for Chromecast YouTube. Only the deprecated DIAL protocol is supported by this module. Casting via the newer CASTV2 protocol is unsupported at this time.

tags | exploit, remote, protocol
SHA-256 | e6f2818d3d719fc25a77035d112d22c1dfffde0f01fb1cf301c6e9d8440457b4
Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands
Posted Aug 31, 2024
Authored by Tod Beardsley, Ruben Santamarta, K. Reid Wightman | Site metasploit.com

The EtherNet/IP CIP protocol allows a number of unauthenticated commands to a PLC which implements the protocol. This Metasploit module implements the CPU STOP command, as well as the ability to crash the Ethernet card in an affected device. This Metasploit module is based on the original ethernetip-multi.rb Basecamp module from DigitalBond.

tags | exploit, protocol
SHA-256 | 887d7ca941da90893389c8d56d690e8e44325dff76f8eba61e9b105f62a0c3e5
Schneider Modicon Ladder Logic Upload/Download
Posted Aug 31, 2024
Authored by Tod Beardsley, K. Reid Wightman | Site metasploit.com

The Schneider Modicon with Unity series of PLCs use Modbus function code 90 (0x5a) to send and receive ladder logic. The protocol is unauthenticated, and allows a rogue host to retrieve the existing logic and to upload new logic. Two modes are supported: "SEND" and "RECV," which behave as one might expect -- use set mode ACTIONAME to use either mode of operation. In either mode, FILENAME must be set to a valid path to an existing file (for SENDing) or a new file (for RECVing), and the directory must already exist. The default, modicon_ladder.apx is a blank ladder logic file which can be used for testing. This Metasploit module is based on the original modiconstux.rb Basecamp module from DigitalBond.

tags | exploit, protocol
SHA-256 | e5568f7609da41c1b5a99aaa7d319bbcc02872f0370b9fe227d271b21a9b5d97
Moxa Device Credential Retrieval
Posted Aug 31, 2024
Authored by K. Reid Wightman, Patrick DeSantis | Site metasploit.com

The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service is known to be used on Moxa devices in the NPort, OnCell, and MGate product lines. Many devices with firmware versions older than 2017 or late 2016 allow admin credentials and SNMP read and read/write community strings to be retrieved without authentication. This Metasploit module is the work of Patrick DeSantis of Cisco Talos and K. Reid Wightman. Tested on: Moxa NPort 6250 firmware v1.13, MGate MB3170 firmware 2.5, and NPort 5110 firmware 2.6.

tags | exploit, udp, protocol
systems | cisco
advisories | CVE-2016-9361
SHA-256 | 993fe76383658c80bcdb06cee32dc9d065dae5ecbd2b15061a1c670b3fa96e6d
PhoenixContact PLC Remote START/STOP Command
Posted Aug 31, 2024
Authored by Photubias | Site metasploit.com

PhoenixContact Programmable Logic Controllers are built upon a variant of ProConOS. Communicating using a proprietary protocol over ports TCP/1962 and TCP/41100 or TCP/20547. It allows a remote user to read out the PLC Type, Firmware and Build number on port TCP/1962. And also to read out the CPU State (Running or Stopped) AND start or stop the CPU on port TCP/41100 (confirmed ILC 15x and 17x series) or on port TCP/20547 (confirmed ILC 39x series).

tags | exploit, remote, tcp, protocol
advisories | CVE-2014-9195
SHA-256 | 121da6ea0c1ed5792460a8fc75979c956e19cb91d2f862453bd1833c0c4711f2
Jenkins cli Ampersand Replacement Arbitrary File Read
Posted Aug 31, 2024
Authored by h00die, binganao, h4x0r-dz, Vozec, Yaniv Nizry | Site metasploit.com

This Metasploit module utilizes the Jenkins cli protocol to run the help command. The cli is accessible with read-only permissions by default, which are all thats required. Jenkins cli utilizes args4js parseArgument, which calls expandAtFiles to replace any @<filename> with the contents of a file. We are then able to retrieve the error message to read up to the first two lines of a file. Exploitation by hand can be done with the cli, see markdown documents for additional instructions. There are a few exploitation oddities: 1. The injection point for the help command requires 2 input arguments. When the expandAtFiles is called, each line of the FILE_PATH becomes an input argument. If a file only contains one line, it will throw an error: ERROR: You must authenticate to access this Jenkins. However, we can pad out the content by supplying a first argument. 2. There is a strange timing requirement where the download (or first) request must get to the server first, but the upload (or second) request must be very close behind it. From testing against the docker image, it was found values between .01 and 1.9 were viable. Due to the round trip time of the first request and response happening before request 2 would be received, it is necessary to use threading to ensure the requests happen within rapid succession. Files of value: * /var/jenkins_home/secret.key * /var/jenkins_home/secrets/master.key * /var/jenkins_home/secrets/initialAdminPassword * /etc/passwd * /etc/shadow * Project secrets and credentials * Source code, build artifacts.

tags | exploit, protocol
advisories | CVE-2024-23897
SHA-256 | 8799f2e8f0af3fd5eaa3690edb0e303a727a1d5ed7c421cade67b080436d71e9
Page 1 of 151
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close