Exploit the possiblities

Recent Files

Files RSS Feed
Chameleon Mini Smartcard Emulator Iceman Fork 1.0
Posted Jan 19, 2018
Authored by Christian Herrmann | Site github.com

This is the first version of a mostly working firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as the stock firmware. This release is fully compatible with the GUI software that is bundled with the device upon purchase.

tags | tool
systems | unix
Red Hat Security Advisory 2018-0100-01
Posted Jan 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0100-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 171. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
Red Hat Security Advisory 2018-0099-01
Posted Jan 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0099-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
Debian Security Advisory 4092-1
Posted Jan 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4092-1 - The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution.

tags | advisory, remote, arbitrary, code execution
systems | linux, debian
Online Hotel Booking System Pro 1.3 SQL Injection
Posted Jan 19, 2018
Authored by indoushka

Online Hotel Booking System Pro version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Toplist 2 SQL Injection / Backdoor Account / Shell Upload
Posted Jan 19, 2018
Authored by indoushka

Toplist 2 suffers from remote shell upload, backdoor account, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
Vanilla 2.0.18.8 Local File Inclusion
Posted Jan 19, 2018
Authored by indoushka

Vanilla version 2.0.18.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
cryptmount Filesystem Manager 5.2.4
Posted Jan 18, 2018
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Minor updates to documentation and debian packaging. Patched to support cryptsetup-2.x. Updated to automake-1.15.
tags | tool, kernel, encryption
systems | linux
Lynis Auditing Tool 2.6.0
Posted Jan 18, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Binary paths are now sorted. Greek language added. systemd detection improved. VirtualBox detection extended. Several code enhancements.
tags | tool, scanner
systems | unix
Primefaces 5.x Remote Code Execution
Posted Jan 18, 2018
Authored by Bjoern Schuette | Site metasploit.com

This Metasploit module exploits an expression language remote code execution flaw in the Primefaces JSF framework. Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt.

tags | exploit, remote, crypto, code execution
Falco 0.9.0
Posted Jan 18, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed driver incompatibility problems with some linux kernel versions that can disable pagefault tracepoints. Fixed OSX Build incompatibility with latest version of libcurl.
tags | tool, intrusion detection
systems | unix
glibc getcwd() Local Privilege Escalation
Posted Jan 18, 2018
Authored by halfdog

glibc suffers from a getcwd() local privilege escalation vulnerability.

tags | exploit, local
GitStack 2.3.10 Remote Code Execution
Posted Jan 18, 2018
Authored by Kacper Szurek

GitStack version 2.3.10 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
Oracle JDeveloper IDE Directory Traversal
Posted Jan 18, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Oracle JDeveloper IDE suffers from a directory traversal vulnerability.

tags | exploit
Positive Hack Days VIII Call For Papers
Posted Jan 18, 2018
Site phdays.com

Call For Papers for Positive Hack Days VIII which will take place in Moscow, Russia.

tags | paper, conference
HP Security Bulletin HPESBHF03805 5
Posted Jan 18, 2018
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03805 5 - On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE. Revision 5 of this advisory.

tags | advisory, vulnerability, info disclosure
Slackware Security Advisory - bind Updates
Posted Jan 18, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
HP Security Bulletin HPESBMU03806 1
Posted Jan 18, 2018
Authored by HP | Site hp.com

HP Security Bulletin HPESBMU03806 1 - A potential security vulnerability has been identified in HPE IceWall Products. The vulnerability could be exploited remotely resulting in unauthorized disclosure of information or unauthorized modification. Revision 1 of this advisory.

tags | advisory
HP Security Bulletin HPSBGN02925 3
Posted Jan 18, 2018
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02925 3 - Potential security vulnerabilities have been identified with HP IceWall SSO, IceWall File Manager and IceWall Federation Agent. The vulnerabilities could be exploited remotely resulting in unauthorized access. Revision 3 of this advisory.

tags | advisory, vulnerability
Debian Security Advisory 4090-1
Posted Jan 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4090-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting (XSS) and Server-Side Request Forgery (SSRF) attacks, as well as bypass some access restrictions.

tags | advisory, remote, web, vulnerability, sql injection
systems | linux, debian
Smiths Medical Medfusion 4000 DHCP Denial Of Service
Posted Jan 18, 2018
Authored by Scott Gayou

Smiths Medical Medfusion 4000 suffers from a dhcp related denial of service vulnerability.

tags | exploit, denial of service
macOS 10.13 Kernel Memory Disclosure
Posted Jan 18, 2018
Authored by Google Security Research, ianbeer

macOS version 10.13 suffers from a kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.

tags | exploit, kernel
Microsoft Edge Chakra JIT ImplicitCallFlags Update Bugs
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from multiple ImplicitCallFlags update bugs with RegExp.

tags | advisory
Red Hat Security Advisory 2018-0095-01
Posted Jan 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0095-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.

tags | advisory, java
systems | linux, redhat
Ubuntu Security Notice USN-3536-1
Posted Jan 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3536-1 - It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
View Older Files →

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Recent News

News RSS Feed
Intel Fix Causes Reboots And Slowdowns
Posted Jan 18, 2018

tags | headline, flaw, intel
Text Bomb Is Latest Apple Bug
Posted Jan 18, 2018

tags | headline, phone, denial of service, flaw, apple
Industrial Systems Scrambling To Catch Up With Meltdown, Spectre
Posted Jan 18, 2018

tags | headline, flaw, scada, intel
German Hacker Offers Rare Look Inside Secretive World Of Julian Assange, WikiLeaks
Posted Jan 18, 2018

tags | headline, hacker, government, britain, data loss, germany
Google Intros Security Center Tool For G Suite
Posted Jan 18, 2018

tags | headline, google
Hackers Can't Dig Into Latest Xiaomi Phone Due To GPL Violations
Posted Jan 18, 2018

tags | headline, hacker, phone, google
Ex-Santander Bank Manager Pleads Guilty To Computer Misuse Crimes
Posted Jan 18, 2018

tags | headline, privacy, bank, data loss, fraud
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
View More News →

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close