Twenty Year Anniversary

Recent Files

Files RSS Feed
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
Posted Oct 19, 2018
Authored by unamer, Dhiraj Mishra, bigric3, Anton Cherepanov | Site metasploit.com

This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64.

tags | exploit, arbitrary, x86, kernel
systems | windows, 7
OpenSSH 7.9p1
Posted Oct 19, 2018
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Now requires OpenSSL 1.1.x series 1.1.0g or greater. Various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
Microsoft Security Bulletin CVE Addition For October, 2018
Posted Oct 19, 2018
Site microsoft.com

This Microsoft bulletin summary lists a new CVE that has been added to the October advisory.

tags | advisory
Viprinet VPN Hub Router Cross Site Scripting
Posted Oct 19, 2018
Authored by Denis Kolegov, SD-WAN New Hope Team

Viprinet VPN Hub Router suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation
Posted Oct 19, 2018
Authored by Mitchel Jordan

WiFiRanger version 7.0.8rc3 suffers from an incorrect access control that allows for ftp retrieval of an RSA identity that an attacker can use to ssh in as root.

tags | exploit, root
CA Identity Governance Username Enumeration
Posted Oct 19, 2018
Authored by Kevin Kotas, Jake Miller | Site www3.ca.com

CA Technologies Support is alerting customers to a low risk issue with CA Identity Governance. In a certain product configuration, an attacker can gain sensitive information. CA published solutions to address the vulnerability. The vulnerability occurs due to how CA Identity Governance responds to login requests. An attacker may exploit the vulnerability to enumerate account names. Affected products include CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 and CA Identity Governance 12.6, 14.0, 14.1, and 14.2.

tags | advisory
libSSH Authentication Bypass
Posted Oct 19, 2018
Authored by Dayanc Soyadli

libSSH suffers from an authentication bypass vulnerability.

tags | exploit, bypass
Zoho ManageEngine OpManager 12.3 Arbitrary File Upload
Posted Oct 19, 2018
Authored by Murat Aydemir, Hakan Bayir

Zoho ManageEngine OpManager version 12.3 suffers from an arbitrary file upload vulnerability.

tags | advisory, arbitrary, file upload
iOS / macOS HID Event System Sandbox Escape
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS and macOS suffers from a sandbox escape due to trusted length field in shared memory used by the HID event subsystem.

tags | advisory
systems | ios
Apple Intel GPU Driver Use-After-Free / Double-Delete
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

The Apple Intel GPU driver suffers from use-after-free and double-delete issues due to bad locking.

tags | advisory
systems | apple
iOS copyin Check Kernel Stack Memory Disclosure
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.

tags | advisory, kernel
systems | cisco, ios
iOS / macOS MIG Sandbox Escape
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS and macOS suffer from sandbox escape vulnerabilities due to MIG failing to use correct out-of-line descriptor lengths when parsing reply messages.

tags | advisory, vulnerability
systems | ios
iOS / macOS MIG Object Lifetime Semantics Sandbox Escape
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS and macOS suffer from a sandbox escape vulnerability due to failure to comply with MIG object lifetime semantics in the iohideventsystem_client subsystem.

tags | advisory
systems | apple
iOS / macOS IOHIDResourceQueue::enqueueReport Integer Overflow
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS and macOS suffers from a kernel memory corruption vulnerability due to integer overflow in IOHIDResourceQueue::enqueueReport.

tags | advisory, overflow, kernel
iOS / macOS Mach Message Sandbox Escape
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS and macOS suffers from a sandbox escape vulnerability due to mach message sent from shared memory.

tags | advisory
systems | ios
iOS Kernel Personas Use-After-Free
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

The iOS kernel suffers from a use-after-free vulnerability due to bad error handling in personas.

tags | advisory, kernel
systems | ios
Red Hat Security Advisory 2018-2949-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2949-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include out-of-bounds write vulnerability.

tags | advisory, javascript
systems | linux, redhat
Red Hat Security Advisory 2018-2946-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2946-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. The RHOAR Eclipse Vert.x 3.5.4 release serves as a replacement for RHOAR Eclipse Vert.x 3.5.3, and includes bug fixes and enhancements. For a detailed list of issues resolved in the community Eclipse Vert.x 3.5.4 release, see the release notes in the References section. Issues addressed include an API validation flaw and a problem where the WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake.

tags | advisory, web
systems | linux, redhat
Red Hat Security Advisory 2018-2944-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2944-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an out-of-bounds write vulnerability.

tags | advisory, javascript
systems | linux, redhat
Red Hat Security Advisory 2018-2945-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2945-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.16 serves as a replacement for RHOAR Spring Boot 1.5.15, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
Ghostscript 1Policy Dangerous Access To Operator
Posted Oct 18, 2018
Authored by Tavis Ormandy, Google Security Research

Ghostscript has an issues where callers of a procedure are not forced to be properly marked as executeonly or pseudo-operators, allowing for the ability to take complete control of it.

tags | advisory
Linux BPF Verifier Failed Truncation
Posted Oct 18, 2018
Authored by Jann Horn, Google Security Research

The Linux BPF verifier has an issue where 32-bit RSH verification does not truncate input before the ALU op.

tags | advisory
systems | linux
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86
Posted Oct 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a semi-arbitrary task stack read on ARM64 (and x86) via /proc/$pid/stack.

tags | advisory, arbitrary, x86
systems | linux
Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation
Posted Oct 18, 2018
Authored by Google Security Research, Mark Brand

Chrome has missing validation in the deserialization routines for both DataPipeConsumerDispatcher and DataPipeProducerDispatcher, which take from the incoming message a read_offset/write_offset respectively into shared memory. Providing an offset outside the bounds of the allocated memory will then result in an out-of-bounds read/write when the pipe is used.

tags | advisory
OwnTicket 1.0 SQL Injection
Posted Oct 18, 2018
Authored by Ihsan Sencan

OwnTicket version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
View Older Files →

Recent News

News RSS Feed
Presidential Race In Brazil Marred By WhatsApp Scandal
Posted Oct 19, 2018

tags | headline, government, privacy, phone, facebook, brazil
jQuery Zero-Day Was Exploited For At Least Three Years
Posted Oct 19, 2018

tags | headline, hacker, flaw, patch
Equifax Exec Only Gets House Arrest For Hack Insider Trading
Posted Oct 19, 2018

tags | headline, hacker, data loss, fraud, identity theft
Campaign 2018: Artificial Intelligence Is Automating Attacks On Political Campaigns
Posted Oct 19, 2018

tags | headline, government, microsoft, usa, russia, fraud, cyberwar, google, facebook
Twitter Releases 10M Tweets, Reveals Decades Of Foreign Influence, Including Russia's Efforts in 2016 Election
Posted Oct 18, 2018

tags | headline, government, usa, russia, fraud, cyberwar, twitter
Tea Party Super PAC Group Spilled 500k Voters' Info All Over Web
Posted Oct 18, 2018

tags | headline, government, privacy, usa, data loss
LuminosityLink Spyware Mastermind Gets 30 Months In The Clink
Posted Oct 18, 2018

tags | headline, hacker, malware, cybercrime, fraud
Oceansalt Linked To Defunct Chinese APT Comment Crew
Posted Oct 18, 2018

tags | headline, hacker, government, malware, china, cyberwar
Oracle Releases Patch To Address Over 300 Security Issues
Posted Oct 17, 2018

tags | headline, linux, database, flaw, patch, oracle
LibSSH Flaw Leaves Thousands Of Servers At Risk Of Hijacking
Posted Oct 17, 2018

tags | headline, hacker, flaw, cryptography
View More News →

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close