
Recent Files

Red Hat Security Advisory 2019-2582-01
Posted Aug 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2582-01 - Pango is a library for laying out and rendering text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
Ubuntu Security Notice USN-4112-1
Posted Aug 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4112-1 - Abhishek Lekshmanan discovered that the RADOS gateway implementation in Ceph did not handle client disconnects properly in some situations. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
Ubuntu Security Notice USN-4111-1
Posted Aug 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4111-1 - Hiroki Matsukuma discovered that the PDF interpreter in Ghostscript did not properly restrict privileged calls when -dSAFER restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
PilusCart 1.4.1 Local File Disclosure
Posted Aug 29, 2019
Authored by Damian Ebelties

PilusCart versions 1.4.1 and below suffer from a file disclosure vulnerability.

tags | exploit, info disclosure
Jobberbase 2.0 subscribe SQL Injection
Posted Aug 29, 2019
Authored by Damian Ebelties

Jobberbase version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Webkit JSC JIT ArgumentsEliminationPhase::transform Uninitialized Variable Access
Posted Aug 29, 2019
Authored by Google Security Research, lokihardt

Webkit JSC JIT suffers from an uninitialized variable access vulnerability in ArgumentsEliminationPhase::transform.

tags | exploit
PHP Web Backdoor Decode
Posted Aug 29, 2019
Authored by Mohammad Ariful Islam

Whitepaper called PHP Web Backdoor Decode. It covers decoding an obfuscated/encoded web backdoor shell, recovering the original source code, and the encrypted password in order to login to the backdoor shell.

tags | paper, web, shell, php
Bro Network Security Monitor 2.6.4
Posted Aug 28, 2019
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: This is a security patch release to address a potential denial of service vulnerability. The NTLM analyzer did not properly handle AV Pair sequences that were either empty or unterminated, resulting in invalid memory access or heap buffer over-read. The NTLM analyzer is enabled by default and used in the analysis of SMB, DCE/RPC, and GSSAPI protocols.
tags | tool, intrusion detection
systems | unix
Ubuntu Security Notice USN-4110-4
Posted Aug 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4110-4 - USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Kernel Live Patch Security Notice LSN-0054-1
Posted Aug 28, 2019
Authored by Benjamin M. Romer

It was discovered that the USB video device class implementation in the Linux kernel did not properly validate control bits, resulting in an out of bounds buffer read. A local attacker could use this to possibly expose sensitive information (kernel memory). It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities have also been addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux
Ubuntu Security Notice USN-4110-3
Posted Aug 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4110-3 - USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2019-2579-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2579-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A crash issue was addressed.

tags | advisory
systems | linux, redhat
I2P 0.9.42
Posted Aug 28, 2019
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Bug fix release.
tags | tool
systems | unix
Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection
Posted Aug 28, 2019
Authored by Pedro Ribeiro

Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data suffer from default password, authentication bypass, and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
systems | cisco
Red Hat Security Advisory 2019-2548-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2548-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site request forgery vulnerability.

tags | advisory, csrf
systems | linux, redhat
Red Hat Security Advisory 2019-2571-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2571-01 - Pango is a library for laying out and rendering text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
Red Hat Security Advisory 2019-2577-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2577-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A crash issue has been addressed.

tags | advisory
systems | linux, redhat
Ubuntu Security Notice USN-4110-2
Posted Aug 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4110-2 - USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Debian Security Advisory 4510-1
Posted Aug 28, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4510-1 - Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code.

tags | advisory, remote, arbitrary, imap, protocol
systems | linux, debian
Ubuntu Security Notice USN-4110-1
Posted Aug 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4110-1 - Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Joomla JomEstate 4.1 SQL Injection
Posted Aug 28, 2019
Authored by KingSkrupellos

Joomla version 2.5.28 with JomEstate component version 4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Joomla Easy GuestBook 1.0 SQL Injection
Posted Aug 28, 2019
Authored by KingSkrupellos

Joomla version 1.0.15 with Easy GuestBook component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Outlook Password Recovery 2.10 Denial Of Service
Posted Aug 28, 2019
Authored by Velayutham Selvaraj, Praveen Thiyagarayam

Outlook Password Recovery version 2.10 suffers from a denial of service vulnerability.

tags | exploit, denial of service
Pulse Secure SSL VPN File Disclosure NSE
Posted Aug 27, 2019
Authored by r00tpgp

This is an Nmap NSE script to detect whether or not a target is vulnerable to the Pulse Secure SSL VPN file disclosure vulnerability. It reads /etc/passwd.

tags | exploit
Red Hat Security Advisory 2019-2565-01
Posted Aug 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2565-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. An OpenSSL issue was addressed where an X509 name equality check did not work correctly.

tags | advisory, ruby
systems | linux, redhat

Recent News

North Korean State Hackers Target Retired Diplomats And Military Officials
Posted Aug 28, 2019

tags | headline, hacker, government, cyberwar, korea, military
French Cybercops Dismantle Pirate Computer Network
Posted Aug 28, 2019

tags | headline, hacker, government, cybercrime, botnet, fraud, france
Undersea Cable To China Threatened By National Security Worries
Posted Aug 28, 2019

tags | headline, government, usa, china, cyberwar, google, facebook
The Final Season Of Mr. Robot Starts In October
Posted Aug 28, 2019

tags | headline, hacker
German Cartel Office To Take Facebook Case To Highest Court
Posted Aug 27, 2019

tags | headline, government, privacy, data loss, fraud, germany, identity theft, facebook
Apple Patches iPhone Jailbreaking Bug
Posted Aug 27, 2019

tags | headline, hacker, phone, flaw, patch, apple
Data Breach Of Hostinger Exposes 14 Million Users
Posted Aug 27, 2019

tags | headline, hacker, privacy, data loss
Hacktivism Activity And Chatter Has Markedly Dropped Since 2016
Posted Aug 27, 2019

tags | headline, hacker, government, anonymous
Astronaut Commits Identity Theft From Space
Posted Aug 26, 2019

tags | headline, bank, fraud, password, identity theft
The Cold War Spy Technology Which We All Use
Posted Aug 26, 2019

tags | headline, government, usa, russia, cyberwar, spyware, science


© 2019 Packet Storm. All rights reserved.
