Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-04-02

OpenSSH 7.7p1
Posted Apr 2, 2018
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple updates.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 68ba883aff6958297432e5877e9a0fe2
Debian Security Advisory 4163-1
Posted Apr 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4163-1 - It was discovered that a race condition in beep (if configured as setuid via debconf) allows local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2018-0492
MD5 | 5c516dc597f2f23c07f27afaa1ff77d1
Ubuntu Security Notice USN-3614-1
Posted Apr 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3614-1 - It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could possibly use this to expose sensitive information. It was discovered that the DNS client implementation in OpenJDK did not properly randomize source ports. A remote attacker could use this to spoof responses to DNS queries made by Java applications. Various other issues were also addressed.

tags | advisory, java, remote, spoof
systems | linux, ubuntu
advisories | CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | 1eb05c541d1ecdd0ca635e9bf8042111
Ubuntu Security Notice USN-3613-1
Posted Apr 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3613-1 - It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. It was discovered that the Hotspot component of OpenJDK did not properly validate uses of the invokeinterface JVM instruction. An attacker could possibly use this to access unauthorized resources. It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | b74e4fe8101363c9917ff4bc56307115
Kernel Live Patch Security Notice LSN-0036-1
Posted Apr 2, 2018
Authored by Benjamin M. Romer

Wi-Fi Protected Access (WPA and WPA2) allows re-installation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-13080, CVE-2017-16995
MD5 | 5db75445369ea25794ef7fbcfd8160c8
ShoprLynx 9.2.3 Insecure File Permissions
Posted Apr 2, 2018
Authored by LiquidWorm | Site zeroscience.mk

ShoprLynx version 9.2.3 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 34cb6eae09a136075078fd8f17fca5cf
OpenCMS 10.5.3 Cross Site Request Forgery
Posted Apr 2, 2018
Authored by Sureshbabu Narvaneni

OpenCMS version 10.5.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-8811
MD5 | efb5fe1b11d7f261d4ebe9651d26f1ea
OpenCMS 10.5.3 Cross Site Scripting
Posted Apr 2, 2018
Authored by Sureshbabu Narvaneni

OpenCMS version 10.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-8815
MD5 | ae0ac77e764c93b388167c27e57b6978
Packet Storm New Exploits For March, 2018
Posted Apr 2, 2018
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 149 exploits added to Packet Storm in March, 2018.

tags | exploit
MD5 | 8795f58eadb2bd344638565a14045368
Secutech RiS-11/RiS-22/RiS-33 5.07.52_es_FRI01 Remote DNS Changer
Posted Apr 2, 2018
Authored by Todor Donev

Secutech RiS-11/RiS-22/RiS-33 version 5.07.52_es_FRI01 remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | b9610e5f8f43db01a247cd469065591e
Ubuntu Security Notice USN-3587-2
Posted Apr 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3587-2 - USN-3587-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-14461, CVE-2017-15130
MD5 | 963da2871bf71ac3e836e99dde64e83f
Debian Security Advisory 4160-1
Posted Apr 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4160-1 - It was discovered that insufficient input sanitising in libevt, a library to access the Windows Event Log (EVT) format, could result in denial of service or the execution of arbitrary code if a malformed EVT file is processed.

tags | advisory, denial of service, arbitrary
systems | linux, windows, debian
advisories | CVE-2018-8754
MD5 | 56083155a69e5261367f558feae2ff21
ifchk 1.1.0
Posted Apr 2, 2018
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 7fcbd8dae98d3cd489caf8abfbb56657
Chameleon Mini Smartcard Emulator Iceman Fork Rebooted Blue GUI 1.1
Posted Apr 2, 2018
Authored by Christian Herrmann | Site github.com

This is a mostly working firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as the stock firmware. This version compiles and gives you the same functionality (and more) as the original Chameleon Mini rebooted GUI.

Changes: Multiple new features added including user-friendly dump file management and improved GUI layout.
tags | tool
systems | unix
MD5 | 1c74d930570e8f705ea21126eac3e13a
WampServer 3.1.2 Cross Site Request Forgery
Posted Apr 2, 2018
Authored by Vipin Chaudhary

WampServer version 3.1.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-8817
MD5 | 4139924603829682cf0be995ba66e7f0
WebLog Expert Enterprise 9.4 Privilege Escalation
Posted Apr 2, 2018
Authored by bzyo

WebLog Expert Enterprise version 9.4 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 21e2f82d1153349195d1ab250999713f
IBM Virtual Security Operations Center (VSOC) Cross Site Scripting
Posted Apr 2, 2018
Authored by Kushal Jaisingh

IBM Virtual Security Operations Center (VSOC) suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cb2ec01a675c52894c739a8de2e97136
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    19 Files
  • 23
    Oct 23rd
    24 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close