Twenty Year Anniversary
Showing 1 - 25 of 40 RSS Feed

Files Date: 2018-05-22

Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted May 22, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix a regression in the getsockopt() function and to fix two denial-of-service security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2018-1000004, CVE-2018-1092
MD5 | 8caf7aae5ece3cc39bc7cd300775c178
Epic Games Launcher 7.9.4-4058369 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Launcher version 7.9.4-4058369 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 7fa8529b91bb7a5f82012456098247bf
Epic Games Fortnite 4.2-CL-4072250 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Fortnite version 4.2-CL-4072250 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 53874ec8a31c983f1f18e22c35e62744
Procps-ng Audit Report
Posted May 22, 2018
Site qualys.com

Qualys performed an extensive audit of procps-ng. They discovered hundreds of bugs and vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126
MD5 | f1ccc03a8fc209831a2c1cce59c6e9f9
Feedy RSS News Ticker 2.0 SQL Injection
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

Feedy RSS News Ticker version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a1f291cb95d90b615a7aab97be1c398d
QNAP PhotoStation Cross Site Scripting
Posted May 22, 2018
Authored by SaeedReza Zamanian

QNAP PhotoStation versions prior to 5.x suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 05f5de9d0cbcfeb0b09d981b2c4c7cc6
Debian Security Advisory 4207-1
Posted May 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4207-1 - Matthias Gerstner discovered that PackageKit, a DBus abstraction layer for simple software management tasks, contains an authentication bypass flaw allowing users without privileges to install local packages.

tags | advisory, local
systems | linux, debian
advisories | CVE-2018-1106
MD5 | 818bf44649183241556978bcfc04e17d
Debian Security Advisory 4208-1
Posted May 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4208-1 - The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126
MD5 | f85b2103baa8b53441d31885f22b6509
EasyService Billing 1.0 SQL Injection / Cross Site Scripting
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

EasyService Billing version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | aceaf6b54180e7b1e5aa621e5fe14e10
FTPShell Server 6.80 Local Buffer Overflow
Posted May 22, 2018
Authored by Hashim Jawad

FTPShell Server version 6.80 local buffer overflow exploit with SafeSEH bypass.

tags | exploit, overflow, local
MD5 | 40cfd7e488e4d9cdb73978bb8844d4f1
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek VidiU Pro version 3.0.3 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 85f74b0bec8310d4a27675d34c91fdcf
Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 0cf6b30e0f45999cc94c85ea740b66ed
Teradek T-RAX 7.3.2 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek T-RAX version 7.3.2 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | b94d2810cd0ee343c10b24d906ad3e7d
PaulPrinting CMS Printing 1.0 SQL Injection
Posted May 22, 2018
Authored by Mehmet Onder Key

PaulPrinting CMS Printing version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1b15f77a709406610d5c406023fd16c6
Siemens SIMATIC S7-1200 CPU Cross Site Scripting
Posted May 22, 2018
Authored by Jameel Nabbo, t4rkd3vilz

Siemens SIMATIC S7-1200 CPU suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2908
MD5 | 694030f7dbd9a8de71aec5f3772be83d
Teradek Slice 7.3.15 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | c4cc6381be728820054867a92156d4a7
Teradek Cube 7.3.6 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 6ee2897fda34fa7704724bbd3ddae301
NewsBee CMS 1.4 SQL Injection
Posted May 22, 2018
Authored by Ozkan Mustafa Akkus

NewsBee CMS version 1.4 suffers from a remote SQL injection vulnerability in home-text-edit.php.

tags | exploit, remote, php, sql injection
MD5 | cefa5350f0ab6bfdef55bcda50287284
Teradek Cube 7.3.6 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 4503c90da737c7d782d2b0c1ff45ad01
ERPnext 11.x.x Cross Site Scripting
Posted May 22, 2018
Authored by Veerababu Penugonda

ERPnext version 11.x.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11339
MD5 | c6e2544bb660ab243da6a87411202ca9
Siemens SIMATIC S7-1200 CPU Cross Site Request Forgery
Posted May 22, 2018
Authored by Jameel Nabbo, t4rkd3vilz

Siemens SIMATIC S7-1200 suffers from a CPU functionality related cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-5698
MD5 | 3918f1d4882eb7d0a69bb075197dc03b
Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Posted May 22, 2018
Authored by t4rkd3vilz

Nordex N149/4.0-4.5 Wind Turbine Web Server suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 2c581c04b219d80725898e6fafc219f3
AF_PACKET chocobo_root Privilege Escalation
Posted May 22, 2018
Authored by rebel, Brendan Coles | Site metasploit.com

This Metasploit module exploits a race condition and use-after-free in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2016-8655). The bug was initially introduced in 2011 and patched in 2016 in version 4.4.0-53.74, potentially affecting a large number of kernels; however this exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0 < 4.4.0-53, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and two or more CPU cores. Bypasses for SMEP, SMAP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on Linux Mint 17.3 (x86_64); Linux Mint 18 (x86_64); and Ubuntu 16.04.2 (x86_64) with kernel versions 4.4.0-45-generic and 4.4.0-51-generic.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2016-8655
MD5 | 4e74e49fb99838182c2b1099fc25b230
ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting
Posted May 22, 2018
Authored by Moritz Bechler

ILIAS versions 5.3.2, 5.2.14, and 5.1.25 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-10428
MD5 | e040c53ef97a1cf82b56b47ee94179a8
Red Hat Security Advisory 2018-1630-01
Posted May 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1630-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 69027405b66a9d47b61f199b6db17fab
Page 1 of 2
Back12Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    10 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close