Twenty Year Anniversary

Recent Files

Files RSS Feed
WordPress Redirection 2.7.1 Deserialization Code Execution
Posted Jun 15, 2018
Authored by Glyn Wintle

WordPress Redirection plugin version 2.7.1 suffers from a code execution vulnerability.

tags | exploit, code execution
CA Privileged Access Manager 2.x Code Execution
Posted Jun 15, 2018
Authored by Ken Williams | Site www3.ca.com

CA Technologies Support is alerting customers to multiple potential risks with CA Privileged Access Manager. Multiple vulnerabilities exist that can allow a remote attacker to conduct a variety of attacks. These risks include seven vulnerabilities privately reported within the past year to CA Technologies by security researchers, and nine vulnerabilities for Xceedium Xsuite that were publicly disclosed in July 2015. CA Technologies acquired Xceedium in August 2015, and Xceedium products were renamed and became part of Privileged Access Management solutions from CA Technologies. Sixteen vulnerabilities are outlined in this advisory.

tags | advisory, remote, vulnerability
Apple Security Advisory 2018-06-13-01
Posted Jun 15, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-13-01 - Xcode 9.4.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
Easy Chat Server 3.1 Add User Local Buffer Overflow
Posted Jun 15, 2018
Authored by Hashim Jawad

Easy Chat Server version 3.1 add user local buffer overflow exploit.

tags | exploit, overflow, local
RSA Authentication Manager Cross Site Scripting
Posted Jun 14, 2018
Site emc.com

RSA Authentication Manager versions prior to 8.3 P1 suffer from a cross site scripting vulnerability.

tags | advisory, xss
Debian Security Advisory 4228-1
Posted Jun 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4228-1 - Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in cross-site scripting and PHP injection.

tags | advisory, php, vulnerability, xss
systems | linux, debian
Ubuntu Security Notice USN-3678-4
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3678-4 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
Red Hat Security Advisory 2018-1852-01
Posted Jun 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
Ubuntu Security Notice USN-3675-2
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-2 - USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
WebKitGTK+ Data Leak / Code Execution
Posted Jun 14, 2018
Authored by WebKitGTK+ Team

Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to leaking of sensitive data, code execution, and more. Various 2.20.x versions are affected.

tags | advisory, vulnerability, code execution
Ubuntu Security Notice USN-3685-1
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3685-1 - Some of these CVEs were already addressed in previous USN: 3439-1, 3553-1, 3528-1. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. It was discovered that Ruby incorrectly handled certain files. An attacker could use this to overwrite any file on the filesystem. Various other issues were also addressed.

tags | advisory, overflow, ruby
systems | linux, ubuntu
Gentoo Linux Security Advisory 201806-04
Posted Jun 14, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-4 - Multiple vulnerabilities have been found in Quassel, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 0.12.5 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
Ubuntu Security Notice USN-3686-1
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3686-1 - Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Microsoft Security Advisory Updates For June 13, 2018
Posted Jun 14, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on June 13, 2018.

tags | advisory
msploitego 1.0
Posted Jun 14, 2018
Authored by Marc Gurreri | Site github.com

msploitego is the pentesting suite for Maltego. msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further.

tags | tool, web
systems | unix
rtorrent 0.9.6 Denial Of Service
Posted Jun 14, 2018
Authored by ecx86

rtorrent versions 0.9.6 and below denial of service exploit.

tags | exploit, denial of service
Joomla Ek Rishta 2.10 SQL Injection
Posted Jun 14, 2018
Authored by Guilherme Assmann

Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Soroush IM Desktop App 0.15 Authentication Bypass
Posted Jun 14, 2018
Authored by VortexNeoX64

Soroush IM Desktop App version 0.15 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
EggHunter Buffer Overflow For Windows
Posted Jun 14, 2018
Authored by Haboob Team

Whitepaper called EggHunter Buffer Overflow for Windows. Written in Arabic.

tags | paper, overflow
systems | windows
Lateral Movement Using WinRM
Posted Jun 14, 2018
Authored by Haboob Team

Whitepaper called Lateral Movement using WinRM. Written in Arabic.

tags | paper
Eclipse Vert.x 3.5.1 HTTP Header Injection
Posted Jun 13, 2018
Authored by Lukasz D.

Eclipse Vert.x versions 3.0.0 through 3.5.1 suffer from an HTTP header injection vulnerability.

tags | exploit, web
Samsung Web Viewer For Samsung DVR Cross Site Scripting
Posted Jun 13, 2018
Authored by Yavuz Atlas

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
Rockwell Automation RSLinx Classic / FactoryTalk Linx Gateway Privilege Escalation
Posted Jun 13, 2018
Authored by LiquidWorm | Site zeroscience.mk

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible.

tags | exploit
Ecos Secure Boot Stick 5.6.5 Credential Disclosure / Information Leak
Posted Jun 13, 2018
Authored by Michael Rossberg, Guenter Schaefer, Franz Girlich, Robert Lasch | Site telematik.prakinf.tu-ilmenau.de

Ecos Secure Boot Stick version 5.6.5 and System Management version 5.2.68 suffers from credential disclosure and various other security vulnerabilities that can lead to information disclosure.

tags | exploit, vulnerability, info disclosure
Ubuntu Security Notice USN-3684-1
Posted Jun 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3684-1 - It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
View Older Files →

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Recent News

News RSS Feed
Ether Doesn't Fall Under SEC Rules
Posted Jun 15, 2018

tags | headline, government, bank, usa, cryptography
Decades-Old PGP Bug Allowed Hackers To Spoof Just About Anyone's Signature
Posted Jun 15, 2018

tags | headline, flaw, cryptography
LuckyMouse Threat Group Attacks Government Websites
Posted Jun 14, 2018

tags | headline, hacker, government, malware, china
US Senators Get Digging To Find Out The Truth About FCC DDoS Attack
Posted Jun 14, 2018

tags | headline, government, usa, denial of service, fraud
Backdoored Images Downloaded 5 Million Times Finally Removed From Docker Hub
Posted Jun 14, 2018

tags | headline, hacker, fraud, backdoor
Apple To Patch Flaw FBI Has Been Using To Hack iPhones
Posted Jun 14, 2018

tags | headline, government, privacy, usa, phone, flaw, patch, apple, fbi
Microsoft Fixes Cortana Lock Screen Bypass Flaw
Posted Jun 14, 2018

tags | headline, microsoft, flaw, password, patch
Paladin's Anti-Hacking Browser Extension Looks Like Snake Oil
Posted Jun 14, 2018

tags | headline, hacker
Intel Chip Flaw - Math Unit May Spill Crypto Secrets To Apps
Posted Jun 14, 2018

tags | headline, data loss, flaw, cryptography, intel
Smart Lock Can Be Hacked In Seconds
Posted Jun 13, 2018

tags | headline, hacker, flaw
View More News →

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close