exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-05-09

Mantis manage_proj_page PHP Code Execution
Posted May 9, 2018
Authored by EgiX, Lars Sorenson | Site metasploit.com

Mantis versions 1.1.3 and earlier are vulnerable to a post-authentication remote code execution vulnerability in the sort parameter of the manage_proj_page.php page.

tags | exploit, remote, php, code execution
advisories | CVE-2008-4687
SHA-256 | bf6d1e2f1321eacf2214a3400a3201acd1c33bb08ba4cb9b45cfa3ee93eefbeb
Ubuntu Security Notice USN-3643-2
Posted May 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3643-2 - USN-3643-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this to inject arbitrary cookie values.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0494
SHA-256 | 2baa914e2be3c4ec3d77cc267df8d63b6e6846eb6c6eef59e5a355c709834908
Red Hat Security Advisory 2018-1367-01
Posted May 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1367-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 29.0.0.171. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-4944
SHA-256 | 6746edefeda3dc5f46a3a988882fb23abb9a39be3320b013002753b5735b331b
Ubuntu Security Notice USN-3643-1
Posted May 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3643-1 - It was discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this to inject arbitrary cookie values.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0494
SHA-256 | ecfcf061117b86f26fc3ca56b8d318d370404b541e43650c789354a123064194
t2'18 Call For Papers
Posted May 9, 2018
Site t2.fi

The t2'18 Call For Papers has been announced. It will take place October 25th through the 26th, 2018 in Helsinki, Finland.

tags | paper, conference
SHA-256 | d86ebebe30e3915de42951a12bd66a55fcf5fcb4bd942d990994fe5547c3f4a8
Ubuntu Security Notice USN-3642-1
Posted May 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3642-1 - Maxime Coquelin discovered that DPDK incorrectly handled guest physical ranges. A malicious guest could use this issue to possibly access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-1059
SHA-256 | 08e6165a0e06d26de942f15ce22ab0662f9668980fd003df685f4033c97fca69
Red Hat Security Advisory 2018-1364-01
Posted May 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1364-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a ns-slapd crash.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1089
SHA-256 | d05b2c0a4545572bcf49fef48379e3e9d41eeaaa1fec555d0fe178253ec17339
Microsoft Windows FxCop 12 XXE Injection
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft FxCop versions 10 through 12 are vulnerable to XML injection attacks allowing local file ex-filtration and or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK it works in both.

tags | exploit, local
systems | windows
SHA-256 | 529e37622cb8b9a8c7ff1df46c0f23167d4d261569eec1722cd310507eb17b47
Easy Hosting Control Panel 0.37.12.b Unverified Password Change
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from an unverified password change vulnerability.

tags | exploit
advisories | CVE-2018-6617
SHA-256 | 6b9c2fb76cb2b2e1b5b400414e61b2bf2bf5bfced4755d05b2ca17ff0c94490c
Easy Hosting Control Panel 0.37.12.b Clear-Text Password Storage
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a clear-text password storage vulnerability.

tags | exploit
advisories | CVE-2018-6618
SHA-256 | 1c215b802e217d75ea942c972e7bec45f141b5f896ddc956d47e80412dacf3da
Easy Hosting Control Panel 0.37.12.b Insecure Cryptography
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from an insecure cryptography vulnerability.

tags | exploit
advisories | CVE-2018-6619
SHA-256 | 687d246182ae3672c456fe67465befb2213e45306ceba378cd7184753e4c3db7
Easy Hosting Control Panel 0.37.12.b Cross Site Request Forgery
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2018-6458
SHA-256 | ddd48bb3bcd858b591a5ba8418dc05789be98692830c6205c8a540e4ad205676
Easy Hosting Control Panel 0.37.12.b Cross Site Scripting Cookie Theft
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to steal the cookie.

tags | exploit, xss
advisories | CVE-2018-6362
SHA-256 | 61246ca67241380fbb3cf68fbfbd65cd27a9c327ff9125e7f8cd3a8234b67333
Easy Hosting Control Panel 0.37.12.b Cross Site Scripting Add FTP Account
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to add a backdoor FTP account.

tags | exploit, xss
advisories | CVE-2018-6361
SHA-256 | efa2eac7432c41578c130f45589ae285362ea92d776fd1be1470c47380d3c2e7
Kernel Live Patch Security Notice LSN-0038-1
Posted May 9, 2018
Authored by Benjamin M. Romer

On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux kernel version 4.4.0-124.148. These CVEs are both related to the way that the linux kernel handles certain interrupt and exception instructions. If an interrupt or exception instruction (INT3, SYSCALL, etc.) is immediately preceded by a MOV SS or POP SS instruction, the resulting interrupt will be incorrectly handled, possibly crashing the operating system. The issue can be triggered by an unprivileged user. The fix for this problem requires modification of the interrupt descriptor tables (IDT), and modification of the interrupt handlers. Livepatch is unable to safely modify these areas, so upgrading to a corrected kernel and rebooting is required to fix the problem.

tags | advisory, kernel
systems | linux
advisories | CVE-2018-1087, CVE-2018-8897
SHA-256 | 0ed9608f57e15a5b058be5eb06c92f72ea884cf0e997d30b7285a27811e380ab
Debian Security Advisory 4196-1
Posted May 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4196-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2018-1087, CVE-2018-8897
SHA-256 | 93cc48d260bc7594d1b33464cbeae85c8108f7abd086bf698c5a407b0654ccb2
Linux/x86 TCP/9443 Bindshell Shellcode
Posted May 9, 2018
Authored by Amine Kanane

113 bytes small Linux/x86 bindshell forking null-free shellcode for TCP/9443.

tags | x86, tcp, shellcode
systems | linux
SHA-256 | b04bdb837a2ff84a3bb3deb229558fd9c8358cdbe9ec0a081b72bdfe56b0bf9f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close