
Files Date: 2018-04-24

Debian Security Advisory 4179-1
Posted Apr 24, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4179-1 - This update doesn't fix a vulnerability in linux-tools, but provides support for building Linux kernel modules with the "retpoline" mitigation for CVE-2017-5715 (Spectre variant 2).

tags | advisory, kernel
systems | linux, debian
SHA-256 | e29587414760c63eeb7cf858b2e6b01daa6dc707328f9c69d310f296e1f5a324
Building A Simple Proxy Fuzzer For The MQTT Protocol Using The Polymorph Framework
Posted Apr 24, 2018
Authored by Santiago Hernandez Ramos

Whitepaper that shows how easily you can build a fuzzer for the MQTT protocol by using the Polymorph framework.

tags | paper, protocol, fuzzer
SHA-256 | 08c5ab2ad5f854437afe7515216244845ac796c7dae4ab83db7966b2c5810898
Red Hat Security Advisory 2018-1224-01
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1224-01 - PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-1106
SHA-256 | bad710e17201049c5319f02471a51b4c1cb154a5e6001c710ddad4784dd532bf
Allok Video To DVD Burner 2.6.1217 Buffer Overflow
Posted Apr 24, 2018
Authored by T3jv1l

Allok Video to DVD Burner version 2.6.1217 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 8901ee721d781e1fd0a856549d7129ba2ac82247d4649a08ad4868f126920ae9
WordPress Woo Import Export 1.0 Arbitrary File Deletion
Posted Apr 24, 2018
Authored by Lenon Leite

WordPress Woo Import Export plugin version 1.0 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 415d9978fdf0f28a062fa30021e625eaa7abb1680f6ca29af05bc9eb3d49434d
Easy File Sharing Web Server 7.2 UserID Buffer Overflow
Posted Apr 24, 2018
Authored by Hashim Jawad

Easy File Sharing Web Server version 7.2 UserID remote buffer overflow exploit with DEP bypass.

tags | exploit, remote, web, overflow
advisories | CVE-2018-9059
SHA-256 | 4921ef9c36be40af22b9321dd08429c158a520e6f64cea812a68495053776355
VLC Media Player/Kodi/PopcornTime Memory Corruption
Posted Apr 24, 2018
Authored by SivertPL

VLC Media Player/Kodi/PopcornTime versions prior to 2.2.5 Red Chimera memory corruption proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2017-8311
SHA-256 | 073a715dedfca9fc8d37477886c92074525cfc2bbaa16ec36747c4c85515e2ac
Bridging The Gap Between SIPR And NIPR Using KVM Switches
Posted Apr 24, 2018
Authored by debug.net

This paper documents a minor but somewhat easy way to compromise air-gapped systems that share a KVM.

tags | paper
SHA-256 | 6294f7c7ccaeb2b6e4ec63378230b7fa7a831884b254b64da4282f5734847e6c
Zyxel ZyWALL ZLD 4.30 Cross Site Scripting
Posted Apr 24, 2018
Authored by T. Weber | Site sec-consult.com

Zyxel ZyWALL ZLD versions 4.30 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 70cc9aaccabd73574249df6071fa934b5a0458febf8117a3a9555126bb2a51d1
WSO2 Identity Server 5.3.0 Cross Site Scripting
Posted Apr 24, 2018
Authored by W. Schober | Site sec-consult.com

WSO2 Identity Server version 5.3.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-8716
SHA-256 | 4990846341d76b6fb9e53aeae7fb7c68f1253c3a015c256315cf5ff03976dd38
Red Hat Security Advisory 2018-1213-02
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1213-02 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
SHA-256 | 1df1649f7680fb00e771e7c01cd1480e5c94068d2c416d51b43ef7b2c6a5ba1c
Ubuntu Security Notice USN-3633-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3633-1 - Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-16995
SHA-256 | d3de2ae1cc871a46858dde71234bd3509254083fcd27c016ea8f204362973d8e
Ubuntu Security Notice USN-3632-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3632-1 - It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-15129, CVE-2017-16994, CVE-2017-17448, CVE-2017-17450, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807, CVE-2018-1000026, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043
SHA-256 | f8553fc2b1fbe9a47e2b4b2ce0f11da61f2c04cd45e5a0719d72c05c601fef36
Ubuntu Security Notice USN-3631-2
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3631-2 - USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13305, CVE-2017-16538, CVE-2018-1000004, CVE-2018-5750, CVE-2018-7566
SHA-256 | 8c11dde9cfc9285201a93a634d7dc7a7c852023b641bd9ef89d596e787a65db5
Ubuntu Security Notice USN-3631-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3631-1 - It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13305, CVE-2017-16538, CVE-2018-1000004, CVE-2018-5750, CVE-2018-7566
SHA-256 | 0f29ea5c7c19aa1c45fa2652f9df2d46bdaad22952487e8f4b2f06d34b2f3331
Ubuntu Security Notice USN-3630-2
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3630-2 - USN-3630-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-8043
SHA-256 | da5edcf5fe7d9960c0fc14a80dbcbbe63c373993eb63a21aa1cb6b5209540b01
Ubuntu Security Notice USN-3630-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3630-1 - It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-8043
SHA-256 | 841517345a366bff6a67067a64330277230469e84daa8bef61a90d192b4f7a97
Linux/x86 Setuid Shell Shellcode
Posted Apr 24, 2018
Authored by absolomb

74 bytes small Linux/x86 cp /bin/sh /tmp/sh; chmod +s /tmp/sh shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | c0151711757b8e9e9755280b992b9197b1b83e5cafa60a05e7d4e526c3c9d0f1
WordPress UK Cookie Consent 2.3.9 Cross Site Scripting
Posted Apr 24, 2018
Authored by B0UG

WordPress UK Cookie Consent plugin version 2.3.9 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10310
SHA-256 | 4525b3db4d8f5559251bd4d6bda7310e49a4a07217daf9542e7dc57871d6a6cf
Wuzhi CMS 4.1.0 Cross Site Request Forgery
Posted Apr 24, 2018
Authored by jiguang

Wuzhi CMS version 4.1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-10312
SHA-256 | c86fb6753dd60d9fb1f38c751103511e57cf0d1d9d2f1bf62e0a17d2c8a8bdb5
Gentoo Linux Security Advisory 201804-22
Posted Apr 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-22 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 66.0.3359.117 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112
SHA-256 | c353629d367b741906fb92bc8f04662831005a826bbcd2a2e00f2f1d4211197f
Ubuntu Security Notice USN-3629-1
Posted Apr 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3629-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 17.10 have been updated to MySQL 5.7.22. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-2755, CVE-2018-2758, CVE-2018-2759, CVE-2018-2761, CVE-2018-2762, CVE-2018-2766, CVE-2018-2769, CVE-2018-2771, CVE-2018-2773, CVE-2018-2775, CVE-2018-2776, CVE-2018-2777, CVE-2018-2778, CVE-2018-2779, CVE-2018-2780, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2812, CVE-2018-2813, CVE-2018-2816, CVE-2018-2817, CVE-2018-2818, CVE-2018-2819, CVE-2018-2839
SHA-256 | b058dfe15513ee9316cb817d677615050b385f79d3fd61096f81213a82157fc9
MyBB Threads To Link 1.3 Cross Site Scripting
Posted Apr 24, 2018
Authored by 0xB9

MyBB Threads to Link plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 96173d80bddfd3f77cb73fdb4398da9ccbd0be0229284f03a26bf59ac24808e1
Gentoo Linux Security Advisory 201804-21
Posted Apr 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-21 - A vulnerability has been found in librelp that may allow a remote attacker to execute arbitrary code. Versions less than 1.2.15 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2018-1000140
SHA-256 | c46159ad1b4b4733d6c42107d6759724abe8738e5d3eec6257edcaccea0850de
Red Hat Security Advisory 2018-1200-01
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1200-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file. Patch should be installed because it is a common way of upgrading applications. Issues addressed include a patching vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1000156
SHA-256 | 008a77af21110101f7579caf2f6d8f354605f116ebadf9c11d7e03e0418ba3e6