Twenty Year Anniversary
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-04-09

Ubuntu Security Notice USN-3616-2
Posted Apr 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3616-2 - USN-3616-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, crypto, python
systems | linux, ubuntu
advisories | CVE-2018-6594
MD5 | bba26afb207ddfb1391a3848e4cd104d
CyberArk Password Vault Web Access Remote Code Execution
Posted Apr 9, 2018
Site redteam-pentesting.de

The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web server. Versions prior to 9.9.5, prior to 10.1, and 10.1 are affected.

tags | exploit, remote, web, code execution
advisories | CVE-2018-9843
MD5 | 15df09b097ae3bbbbbf2b776522b1bc8
KYOCERA Multi-Set Template Editor 3.4 Out-Of-Band XML External Entity Injection
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability.

tags | exploit, xxe
MD5 | 0c8850a036da5916bbb8e718eccc4d21
Gentoo Linux Security Advisory 201804-09
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-9 - A vulnerability in SPICE VDAgent could allow local attackers to execute arbitrary commands. Versions prior to 0.17.0_p20180319 are affected.

tags | advisory, arbitrary, local
systems | linux, gentoo
advisories | CVE-2017-15108
MD5 | dcdaf45598f66ad01e48ce3603651b58
WordPress Simple Fields 0.3.5 File Inclusion / Remote Code Execution
Posted Apr 9, 2018
Authored by Graeme Robinson

WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 6e2bf334cdac7f3f761fe52b39953c1e
WolfCMS 0.8.3.1 Open Redirect
Posted Apr 9, 2018
Authored by Sureshbabu Narvaneni

WolfCMS 0.8.3.1 suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2018-8813
MD5 | 9659658b3ba770b72d025bbfce1467ca
Gentoo Linux Security Advisory 201804-08
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-8 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. Versions less than 2.11.1-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-13672, CVE-2017-15124, CVE-2017-16845, CVE-2017-17381, CVE-2017-18030, CVE-2017-18043, CVE-2017-5715, CVE-2018-5683, CVE-2018-5748, CVE-2018-7550
MD5 | c969153354519977c6d88060ae101ad8
MyBB Recent Threads On Index 17.0 Cross Site Scripting
Posted Apr 9, 2018
Authored by Perileos

MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8307c11ddec1b8fa0f7961c36a8fbefc
KYOCERA Net Admin 3.4 Cross Site Request Forgery
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7ad8f76f1fae53993f2d3a96a9888f6f
KYOCERA Net Admin 3.4 Cross Site Scripting
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 018207298d9757ca292421d347ec5edb
Gentoo Linux Security Advisory 201804-07
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-5748, CVE-2018-6764
MD5 | b04af1b683130936c53fe58b5133575d
Gentoo Linux Security Advisory 201804-06
Posted Apr 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-6 - Multiple vulnerabilities were discovered in mailx, the worst of which may allow a remote attacker to execute arbitrary commands. Versions less than 8.1.2.20160123 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2004-2771, CVE-2014-7844
MD5 | 2e4e9fe8ef30bcc7e51cf5d14291f7bb
SSH/SSL RSA Private Key Passphrase Dictionary Enumerator
Posted Apr 9, 2018
Authored by Todor Donev

This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.

tags | tool, cracker
MD5 | a7800e5b746d5a13f5f887936bcbc785
CyberArk Password Vault Memory Disclosure
Posted Apr 9, 2018
Site redteam-pentesting.de

CyberArk Password Vault versions prior to 9.7 and 10 suffer from a memory disclosure vulnerability.

tags | exploit
advisories | CVE-2018-9842
MD5 | b723ff08301bf0026842a24515018be5
GoldWave 5.70 Local Buffer Overflow
Posted Apr 9, 2018
Authored by bzyo

GoldWave version 5.70 SEH unicode local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 544a4441dc2643b7e93657646a616123
H2 Database Arbitrary Code Execution
Posted Apr 9, 2018
Authored by gambler

H2 Database suffers from an alias related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | 6258e5f0b2d9984d657f41ca330733fb
Yahei PHP Prober 0.4.7 Cross Site Scripting
Posted Apr 9, 2018
Authored by ManhNho

Yahei PHP Prober version 0.4.7 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2018-9238
MD5 | f12a62cb7579b29c118d5b72292a0c3e
WP Live Chat Support 8.0.05 Cross Site Scripting
Posted Apr 9, 2018
Authored by Luigi Gubello

WP Live Chat Support version 8.0.05 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 49cae5682990389bb8e36325ff6af95d
Buddypress Xprofile Custom Fields Type 2.6.3 Remote Code Execution
Posted Apr 9, 2018
Authored by Lenon Leite

Buddypress Xprofile Custom Fields Type version 2.6.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | b1271d808196ceb371045fc509388d79
Cobub Razor 0.7.2 Add New Superuser Account
Posted Apr 9, 2018
Authored by ppb

Cobub Razor version 0.7.2 bypass exploit to add new superuser account without authentication.

tags | exploit
advisories | CVE-2018-7745
MD5 | 0e1d53745d7c2e94e6421e548e49b273
TestSSL 2.9.5-4
Posted Apr 9, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a bugfix (and a clarification in help/documentation) only. It does not contain any new features.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | d067f85eced11c0a7f36d863e08a45ab
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    19 Files
  • 23
    Oct 23rd
    24 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close