
Files Date: 2018-10-10

OpenSCAP Libraries 1.3.0
Posted Oct 10, 2018
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Added Microsoft Windows CPEs. oscap-ssh can supply SSH options into an environment variable. Verbose mode is a global option in all modules. Various other updates.
tags | protocol, library
systems | unix
SHA-256 | b5afe81eb97b7ad0d469eb79d4c67be6a0d49a49fcd468a813044564e9e61f88

XMeye P2P Cloud Remote Code Execution / Integrity Issues
Posted Oct 10, 2018
Authored by Stefan Viehboeck | Site sec-consult.com

XMeye P2P Cloud, used with Xiongmai IP cameras, NVRs and DVRs, suffers from predictable Cloud IDs, a default admin password, and various other issues that can result in remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2018-17915, CVE-2018-17917, CVE-2018-17919
SHA-256 | 91c7dfdf6aeb957aa46e50283fc95205a17b991e8e99993f7b09e7fd6a521bdb

jQuery-File-Upload 9.22.0 Arbitrary File Upload
Posted Oct 10, 2018
Authored by Larry W. Cashdollar

jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.

tags | exploit, remote, arbitrary, file upload
SHA-256 | 9b9e155688817d68e773b78e64aa874b246af6c757592c38ac8faeace00f863c

Ubuntu Security Notice USN-3787-1
Posted Oct 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3787-1 - It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11784
SHA-256 | 45be2d5a126cec79d3d3bfd4b9ca81d251cefa375c31302c5472f2304c932cba

Ubuntu Security Notice USN-3781-2
Posted Oct 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-2 - USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, javascript, vulnerability, code execution, xss
systems | linux, ubuntu
SHA-256 | 2b00f712e0276977a856acf715b8a2c3ec35dcfa43d7209bc7def4294c7d955a

Red Hat Security Advisory 2018-2902-01
Posted Oct 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2902-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.1.1 and 1.0.13. These versions correspond to the October 2018 security release by .NET Core upstream projects. Issues addressed include an information leakage vulnerability.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-8292
SHA-256 | 340cc14988a0eb7e4c0ff80ec415d0603518d27ac97d50efb79928018ac10edd

Mikrotik RouterOS Remote Root
Posted Oct 10, 2018
Authored by Jacob Baines

Mikrotik RouterOS versions 6.x suffer from a remote root code execution vulnerability.

tags | exploit, remote, root, code execution
advisories | CVE-2018-14847
SHA-256 | 3f8c52b062ca67ece824e00c875d47df8ead0831abf8803a9a4a87310336aa60

Delta Electronics Delta Industrial Automation COMMGR 1.08 Buffer Overflow
Posted Oct 10, 2018
Authored by t4rkd3vilz

Delta Electronics Delta Industrial Automation COMMGR versions 1.08 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-10594
SHA-256 | 21735127472d0f336789c979a9109de253aab1f1853d7a1f0e0ccc5036d23af0

VMware Security Advisory 2018-0025
Posted Oct 10, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0025 - VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability.

tags | advisory
advisories | CVE-2018-6977
SHA-256 | 170ccb20869d99e8a32ef8b0b7c44a0aec599b17afce56a2e985c666dca076a4

Red Hat Security Advisory 2018-2892-01
Posted Oct 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2892-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. The glusterfs packages have been upgraded to upstream version 3.12.2, which provides a number of bug fixes over the previous version. Issues addressed include a deserialization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10911
SHA-256 | c74a6ba2d605744c4a758a3aa05578ffb837837c83e15f3771cb4831872b1908

Ektron CMS 9.20 SP2 Improper Access Restrictions
Posted Oct 10, 2018
Authored by Alt3kx

Ektron CMS version 9.20 SP2 suffers from an improper access restriction vulnerability.

tags | exploit
advisories | CVE-2018-12596
SHA-256 | fd1f946762d555d6b36ddb6d80407a3437fbb0467bbad67303c164182e27d9fb

Wikidforum 2.20 SQL Injection
Posted Oct 10, 2018
Authored by Ihsan Sencan

Wikidforum version 2.20 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dcb75325ddd42b71802df4f523edd1fcd902226093356ce633a732f40cd339bf

FileZilla 3.33 Buffer Overflow
Posted Oct 10, 2018
Authored by Kagan Capar

FileZilla version 3.33 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 2ed2bdf8b9a0fc35523cab82487fa2c70c2d1658b7a287a0d3e306989bb53b0d

TestSSL 3.0rc2
Posted Oct 10, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers and protocols, as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.

Changes: Partly addresses TCP fragmentation. Added name check for XMPP servers. Added support for STARTTLS LMTP. TLS 1.3 and OpenSSL 1.1.1 fixes.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 9c78313a1926e455e5a89e22c093d3d0d6165d5c03e766c754ec141f3c00580f

LOKIDN - Lapse Of Keyboard At Internationalized Domain Name
Posted Oct 10, 2018
Authored by Ozkan Mustafa Akkus

Whitepaper called LOKIDN - Lapse of Keyboard at Internationalized Domain Name.

tags | paper
SHA-256 | 9350c60f34392d28e37a855ba1a59aaeace47cc0db7171332b2ab4d53f6edadd

Client Side Injection On Web Applications
Posted Oct 10, 2018
Authored by Milad Khoshdel

Whitepaper called Client Side Injection on Web Applications.

tags | paper, web
SHA-256 | 05b69e6f5fef3bde99785bc70b216354a124bbcbf8099e03d89577ab3fc8a5da
© 2022 Packet Storm. All rights reserved.