what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-11-07

Debian Security Advisory 4021-1
Posted Nov 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4021-1 - It was discovered that missing input validation in the Open Ticket Request System could result in privilege escalation by an agent with write permissions for statistics.

tags | advisory
systems | linux, debian
advisories | CVE-2017-14635
SHA-256 | 46174041eee2ab2c43cd5885c840d69d62fef65fc810d9e85c8870196855c110
Red Hat Security Advisory 2017-3151-01
Posted Nov 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3151-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.89. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15398, CVE-2017-15399
SHA-256 | 01a5863bdb2e1c83676085b05c2e32e883f7c18af516054412fc293fef77f422
Red Hat Security Advisory 2017-3141-01
Posted Nov 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3141-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhvm-appliance. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2017-7525, CVE-2017-7536
SHA-256 | 34b7a30b3589da9e4a51385d7d803316680ee92e4b1e7452e88463f111d44d8c
WordPress Duplicator Migration 1.2.28 Cross Site Scripting
Posted Nov 7, 2017
Authored by Ricardo Sanchez

WordPress Duplicator Migration plugin version 1.2.28 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9407fb8b897caafc5e1b8e9977cf4d7b4309b166ac940c38c84ee0fac03fa419
Hashcat Advanced Password Recovery 4.0.1 Source Code
Posted Nov 7, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Fixed a memory leak while parsing a wordlist. Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm. Various other fixes.
tags | tool, cracker
systems | unix
SHA-256 | 7fa24447eb9798f6926093a6d52ce77b34d8883866b23cf473d4dfbb22974edd
Hashcat Advanced Password Recovery 4.0.1 Binary Release
Posted Nov 7, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Fixed a memory leak while parsing a wordlist. Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm. Various other fixes.
tags | tool, cracker
SHA-256 | 48246eeaf682060c34a42e7e8fbfbd2e9315d0442eda35bf0aa8f81796184fac
Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
Posted Nov 7, 2017
Authored by Chris Salls

This is a proof of concept exploit for the waitid bug introduced in version 4.13 of the Linux kernel. It can be used to break out of sandboxes such as that in Google Chrome.

tags | exploit, kernel, proof of concept
systems | linux
advisories | CVE-2017-5123
SHA-256 | 854cb1ce85981606e24a931ab89249e09b5fa308d5a78568be232d6518a25db0
Actiontec C1000A Modem Backdoor Account
Posted Nov 7, 2017
Authored by Joseph McDonagh

The Actiontec C1000A modem has a hard-coded backdoor admin account.

tags | exploit
SHA-256 | 7aa04dfc9b9663ddbe61642784f332a3eb456374919d4f245ff02f79ec4020b1
Debian Security Advisory 4020-1
Posted Nov 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4020-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-15396, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133
SHA-256 | 51d8534707215b9fcfcea8f5f7f99697967bc9bc5dc70ff0de5b08501d62f900
pfSense 2.3.1_1 Post-Authentication Command Execution
Posted Nov 7, 2017
Authored by s4squatch

pfSense versions 2.3.1_1 and below suffers from a post authentication command execution vulnerability.

tags | exploit
SHA-256 | 38bd905e4f39ebc728fa322253ee554cfc343e8e8ca0434b0a367fb01c15667a
Logitech Media Server 7.9.0 Cross Site Scripting
Posted Nov 7, 2017
Authored by Dewank Pant

Logitech Media Server version 7.9.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, xss
advisories | CVE-2017-16567, CVE-2017-16568
SHA-256 | b1bfdb8ccec705460c6f34a4c22e3f5d8cbb7d14f586b50b59fe43c388abf285
mkvalidator 0.5.1 Denial Of Service
Posted Nov 7, 2017
Authored by qflb.wu

mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean.

tags | exploit, denial of service, vulnerability
advisories | CVE-2017-12779, CVE-2017-12780, CVE-2017-12781, CVE-2017-12782, CVE-2017-12783, CVE-2017-12800, CVE-2017-12801, CVE-2017-12802, CVE-2017-12803
SHA-256 | 0bdf141bdfb7de47a639d251451705eb395327dbf7663d76b912272f735689ec
POC OR GTFO 0x16
Posted Nov 7, 2017
Authored by pocgtfo

This is the sixteenth issue of POC || GTFO.

tags | magazine
SHA-256 | 10f0cb977f03824737a413079ded14b237b7ee155a5397e804586ab7151ed0a3
WordPress UserPro 4.6.17 Authentication Bypass
Posted Nov 7, 2017
Authored by Iain Hadgraft, Colette Chamberland

WordPress Userpro plugin versions 4.9.17 and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 1e3fc1792990d89b365e5eb74600cf679a077e06015dad3fee9f573618e25bcc
Debut Embedded httpd 1.20 Denial Of Service
Posted Nov 7, 2017
Authored by z00n

The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic. Version 1.20 is affected.

tags | exploit, web, denial of service
advisories | CVE-2017-16249
SHA-256 | 33b51d9203941cb12d9921c3219f8a481b8821ca9ff20c985b0a30b00156a38f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close