{"vulnerability": "CVE-2021-4200", "sightings": [{"uuid": "3960a754-2c48-418f-80b9-ce4ec33ee2e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "seen", "source": "https://t.me/linkersec/136", "content": "[CVE-2021-42008] Exploiting a 16-Year-Old Vulnerability in the Linux 6pack Driver\n\nThe researcher D3v17 published an article about exploiting an old heap OOB write in the N_6PACK tty line discipline. This bug has been reported by syzbot.", "creation_timestamp": "2021-12-03T16:12:52.000000Z"}, {"uuid": "6dcc8ed4-ec44-4c09-8947-7734997064a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/900", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver\nURL\uff1ahttps://github.com/0xdevil/CVE-2021-42008", "creation_timestamp": "2021-12-03T14:12:57.000000Z"}, {"uuid": "484bc95c-3385-4895-a9cc-fb95b4a47d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4896", "content": "#exploit\nCVE-2021-42008:\nLinux Kernel Vulnerability in NetApp Products\nhttps://syst3mfailure.io/sixpack-slab-out-of-bounds\n\n2. A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service\nhttps://github.com/WickdDavid/CVE-2021-26814", "creation_timestamp": "2021-12-04T13:25:11.000000Z"}, {"uuid": "2ac94c96-9cad-46af-b27a-a0dd7518d801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "published-proof-of-concept", "source": "Telegram/g7Bw5KaiYbKZ91Se8eIsZuK7F7UVJ4Z0YmBnR7-ATfgPaQ", "content": "", "creation_timestamp": "2021-12-04T17:10:14.000000Z"}, {"uuid": "de2c80dd-31ca-4ed9-ae16-c7df2ed904bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4200", "type": "seen", "source": "https://t.me/cibsecurity/41716", "content": "\u203c CVE-2021-4200 \u203c\n\nA Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-02T16:27:51.000000Z"}, {"uuid": "09c4a703-44d5-42d6-bc1d-056e6b810b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42001", "type": "seen", "source": "https://t.me/cibsecurity/41696", "content": "\u203c CVE-2021-42001 \u203c\n\nPingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-01T02:26:24.000000Z"}, {"uuid": "5f59dd07-8ce8-42d1-a69e-71dceb8ddeed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "71f98db1-870d-4889-863d-a3d9d61ec12f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 &amp; CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "1d331451-96f9-4ba9-864e-ce238d58e3d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42000", "type": "seen", "source": "https://t.me/cibsecurity/37268", "content": "\u203c CVE-2021-42000 \u203c\n\nWhen a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-11T02:27:58.000000Z"}, {"uuid": "166d8273-61ae-4fcf-a2f2-66f891dbc6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42006", "type": "seen", "source": "https://t.me/cibsecurity/29950", "content": "\u203c CVE-2021-42006 \u203c\n\nAn out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T02:29:35.000000Z"}, {"uuid": "6ce0f7cf-130b-442f-978b-63a2096c307f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42009", "type": "seen", "source": "https://t.me/cibsecurity/30375", "content": "\u203c CVE-2021-42009 \u203c\n\nAn authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-12T12:25:19.000000Z"}, {"uuid": "0f8659ac-756c-4f49-9005-3597fa9ee704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1265", "content": "CVE-2021\n\nCVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver\n\nhttps://github.com/0xdevil/CVE-2021-42008\n@BlueRedTeam", "creation_timestamp": "2021-12-03T15:31:03.000000Z"}, {"uuid": "99e1669a-8bb0-43fa-b453-bd17dcd97500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42008", "type": "seen", "source": "https://t.me/BlueRedTeam/1268", "content": "#exploit\nCVE-2021-42008:\nLinux Kernel Vulnerability in NetApp Products\nhttps://syst3mfailure.io/sixpack-slab-out-of-bounds\n\n2. A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service\nhttps://github.com/WickdDavid/CVE-2021-26814\n\n@BlueRedTeam", "creation_timestamp": "2021-12-04T12:57:37.000000Z"}]}