Twenty Year Anniversary

Recent Files

Files RSS Feed
Linux/Ubuntu Coredump Reading Access Bypass
Posted Jul 13, 2018
Authored by Jann Horn, Google Security Research

Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass.

tags | exploit
systems | linux, ubuntu
Microsoft Windows POP/MOV SS Local Privilege Elevation
Posted Jul 13, 2018
Authored by Nick Peterson, can1357, bwatters-r7, Nemanja Mulasmajic | Site metasploit.com

This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer's manual being mishandled in various operating system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS. This Metasploit module will upload the pre-compiled exploit and use it to execute the final payload in order to gain remote code execution.

tags | exploit, remote, kernel, code execution
Hadoop YARN ResourceManager Unauthenticated Command Execution
Posted Jul 13, 2018
Authored by cbmixx | Site metasploit.com

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API.

tags | exploit
GNU Privacy Guard 2.2.9
Posted Jul 13, 2018
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes and code improvements added.
tags | tool, encryption
VMware Security Advisory 2018-0017
Posted Jul 13, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0017 - VMware Tools update addresses an out-of-bounds read vulnerability.

tags | advisory
G DATA TOTAL SECURITY 25.4.0.3 Active-X Buffer Overflow
Posted Jul 13, 2018
Authored by Felipe Xavier Oliveira

G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.

tags | exploit, overflow, activex
Total AV 4.6.19 Insecure Permissions
Posted Jul 13, 2018
Authored by Felipe Xavier Oliveira

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.

tags | exploit, arbitrary, local
ISS For Business 14.0.1400.2029 Blue Screen Of Death
Posted Jul 13, 2018
Authored by Felipe Xavier Oliveira

In MicroWorld eScan Internet Security Suite (ISS) for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).

tags | advisory, denial of service
OpenConext-EngineBlock 5.7.3 Cross Site Scripting
Posted Jul 13, 2018
Authored by Andrew Klaus

OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.

tags | exploit, xss
Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection
Posted Jul 13, 2018
Authored by Alt3kx

Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.

tags | exploit
Barracuda ADC 5.x Cross Site Scripting
Posted Jul 13, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
Linux execve(/bin/sh) Shellcode
Posted Jul 13, 2018
Authored by Hashim Jawad

21 bytes small Linux x86_64 execve(/bin/sh) shellcode.

tags | shellcode
systems | linux
macOS / iOS OfficeImporter JavaScript Injection
Posted Jul 13, 2018
Authored by Google Security Research, lokihardt

macOS and iOS suffer from a javascript injection bug in OfficeImporter.

tags | exploit, javascript
systems | cisco, ios
Huawei eNSP Buffer Overflow
Posted Jul 13, 2018
Authored by S.AbenMassaoud | Site vulnerability-lab.com

Huawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.

tags | advisory, denial of service, overflow
Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure
Posted Jul 12, 2018
Authored by P. Morimoto | Site sec-consult.com

Zeta Producer Desktop CMS versions 14.2.0 and below suffers from code execution and file disclosure vulnerabilities.

tags | exploit, vulnerability, code execution
Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution
Posted Jul 12, 2018
Authored by Kacper Szurek | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet

tags | exploit, remote, code execution
Apache CouchDB Arbitrary Command Execution
Posted Jul 12, 2018
Authored by Max Justicz, Joan Touzet | Site metasploit.com

CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.

tags | exploit, web, arbitrary, shell
phpMyAdmin Authenticated Remote Code Execution
Posted Jul 12, 2018
Authored by Jacob Robles, ChaMd5, Henry Huang | Site metasploit.com

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1.

tags | exploit, local, php, file inclusion
HP Security Bulletin MFSBGN03811 1
Posted Jul 12, 2018
Authored by HP | Site hp.com

HP Security Bulletin MFSBGN03811 1 - An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC) allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Revision 1 of this advisory.

tags | advisory, remote, arbitrary
RSA Identity Governance And Lifecycle Bypass / XSS
Posted Jul 12, 2018
Authored by Lukasz Plonka | Site emc.com

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.

tags | advisory, remote, web, arbitrary, javascript, xss, bypass
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.

tags | exploit
Ubuntu Security Notice USN-3714-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2018-2186-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2186-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
Red Hat Security Advisory 2018-2185-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2185-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
Ubuntu Security Notice USN-3716-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3716-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover.

tags | advisory, root
systems | linux, ubuntu
View Older Files →

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Recent News

News RSS Feed
Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
Posted Jul 13, 2018

tags | headline, malware, cyberwar, scada
Ticketmaster Breach Part Of Massive Card Skimming Campaign
Posted Jul 12, 2018

tags | headline, hacker, privacy, bank, data loss, fraud
Hackers Are Selling Backdoors Into PCs For $10
Posted Jul 12, 2018

tags | headline, hacker, fraud, backdoor
Cambridge Analytica Staff Set Up New Firm
Posted Jul 12, 2018

tags | headline, government, privacy, data loss, fraud, cyberwar, facebook
Stolen Sensitive Drone Files Sold On Dark Web
Posted Jul 12, 2018

tags | headline, hacker, government, data loss, cyberwar
A Curious Tale Of The Priest, The Broker, The Hacked Newswires, And $100 Million Of Insider Trades
Posted Jul 11, 2018

tags | headline, hacker, bank, russia, fraud
The Crypto Currencies That Die Before They Have Bloomed
Posted Jul 11, 2018

tags | headline, bank, fraud, cryptography
Adobe Fixes Over 100 Vulnerabilities In Latest Security Patch Update
Posted Jul 11, 2018

tags | headline, flaw, adobe, patch
Arch Linux PDF Reader Package Poisoned
Posted Jul 11, 2018

tags | headline, malware, backdoor
Looks Like Macy's And Bloomingdale's Got Breached Now
Posted Jul 10, 2018

tags | headline, hacker, privacy, data loss
View More News →

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close