Twenty Year Anniversary
Showing 1 - 20 of 20 RSS Feed

Files Date: 2018-04-19

Ubuntu Security Notice USN-3628-2
Posted Apr 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3628-2 - USN-3628-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-0737
MD5 | d51441eb31e08b9b0e00243556d85ee3
Ubuntu Security Notice USN-3628-1
Posted Apr 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3628-1 - Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-0737
MD5 | ec6bd6ddad8ba2e58ccda93ef6aa7898
Ubuntu Security Notice USN-3627-1
Posted Apr 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3627-1 - Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server mod_authnz_ldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Elar Lang discovered that the Apache HTTP Server incorrectly handled certain characters specified in <FilesMatch>. A remote attacker could possibly use this issue to upload certain files, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2017-15710, CVE-2017-15715, CVE-2018-1283, CVE-2018-1301, CVE-2018-1303, CVE-2018-1312
MD5 | e5a14b1abfb9798d648d23b33ff3cbf9
Seagate Media Server SRN21C Cross Site Scripting
Posted Apr 19, 2018
Authored by Yorick Koster

Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffers from a persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 26ee374c709608e517d6ee7adb023c0b
Seagate Media Server Path Traversal
Posted Apr 19, 2018
Authored by Yorick Koster

Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffer from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | 87a733abc7f20117965d25472991a72b
Seagate Personal Cloud SRN21C Arbitrary File Move
Posted Apr 19, 2018
Authored by Yorick Koster

Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 allows for moving of arbitrary files.

tags | exploit, arbitrary
MD5 | 4a1b51ad89566e53f422c327f916fb1c
Microsoft Security Bulletin CVE Revision Increment For April, 2018
Posted Apr 19, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-1037.

tags | advisory
advisories | CVE-2018-1037
MD5 | d17a5cb173cbe39d175a245a74306617
Stegano 0.8.5
Posted Apr 19, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed an encoding problem which occurred on Windows during the installation of the module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 8e6e537fe7247631b9ec13345a94243d
Ansvif 1.9.1
Posted Apr 19, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This version is a bugfix release that includes lots of error handling.
tags | tool, fuzzer
systems | unix
MD5 | 97371b0e55e116f79ca220e8b3d2945c
Linux x86 TCP Port 1337 Bindshell Shellcode
Posted Apr 19, 2018
Authored by Anurag Srivastava

92 bytes small Linux x86 tcp/1337 bindshell shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | ff78686f2571f1c5269ce33e66a58c85
Microsoft Windows WLDP CLSID Policy .NET COM Instantiation UMCI Bypass
Posted Apr 19, 2018
Authored by James Forshaw, Google Security Research

The enlightened Windows Lockdown Policy check for COM Class instantiation can be bypassed by using a bug in .NET leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).

tags | exploit, arbitrary, code execution
systems | windows
MD5 | 9af4ae4b97751a5713a7402ad0feb6c6
Slackware Security Advisory - gd Updates
Posted Apr 19, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gd packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-6362, CVE-2017-7890
MD5 | f906e2806ad6a3fec00ca1a8785fcc70
Digital Guardian Management Console 7.1.2.0015 XXE Injection
Posted Apr 19, 2018
Authored by Pawel Gocyla

Digital Guardian Management Console version 7.1.2.0015 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-10175
MD5 | 4580a4c26b72fed29c24bcb9499af56f
Digital Guardian Management Console 7.1.2.0015 Server Side Request Forgery
Posted Apr 19, 2018
Authored by Pawel Gocyla

Digital Guardian Management Console version 7.1.2.0015 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2018-10174
MD5 | fb6b58b0bab3666f08404066bdb8c0bc
Lutron Quantum 3.2.243 Information Disclosure
Posted Apr 19, 2018
Authored by David Castro

Lutron Quantum versions 2.0 through 3.2.243 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 5fbf3f349a5f2b4e47f15ecd8b2d37f3
WordPress Caldera Forms 1.5.9.1 Cross Site Scripting
Posted Apr 19, 2018
Authored by Federico Scalco

WordPress Caldera Forms plugin version 1.5.9.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-7747
MD5 | 8a71154dd8f78326e22e2125132af1b6
Microsoft Security Bulletin CVE Revision Increment For April, 2018
Posted Apr 19, 2018
Site microsoft.com

This Microsoft bulletin summary holds CVE revision updates for CVE-2018-1035.

tags | advisory
advisories | CVE-2018-1035
MD5 | 33f8a4211549c2f8b27c463c7c829a37
Facebook Graph Groups Crosswalk User Metadata Mapping Weakness
Posted Apr 19, 2018
Authored by Todor Donev

Facebook Graph groups crosswalk user's metadata mapping weakness demo proof of concept script.

tags | exploit, proof of concept
MD5 | cedc3e5b3dddf3d9c0b7c2ff3cd164ac
Joomla JS Jobs 1.2.0 Cross Site Request Forgery
Posted Apr 19, 2018
Authored by Sureshbabu Narvaneni

Joomla JS Jobs component version 1.2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 767f3b2c945b596633a81343fe04997d
Geist WatchDog Console 3.2.2 XSS / XML Injection / Insecure Permissions
Posted Apr 19, 2018
Authored by bzyo

Geist WatchDog Console version 3.2.2 suffers from cross site scripting, XML external entity injection, and insecure file permission vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-10077, CVE-2018-10078, CVE-2018-10079
MD5 | 4811ca31e7f5fe461ed4376e43851ecc
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close