what you don't know can hurt you
Showing 1 - 25 of 55 RSS Feed

Files Date: 2018-05-24

TOR Virtual Network Tunneling Tool 0.3.3.6
Posted May 24, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It backports several important fixes from the 0.3.4.1-alpha. The Tor 0.3.3 series includes controller support and other improvements for v3 onion services, official support for embedding Tor within other applications, and our first non-trivial module written in the Rust programming language. (Rust is still not enabled by default when building Tor.) And as usual, there are numerous other smaller bugfixes, features, and improvements.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 99bc59f6dbf395894de12f3a83b3251a82dfd93dc7f6d3afcbbd80f6111433b7
D-Link DSL-2750B OS Command Injection
Posted May 24, 2018
Authored by p, Marcin Bury | Site metasploit.com

This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03.

tags | exploit, remote
SHA-256 | 7cf7e6a9370862148d53fd85566a178ffcef9370005515e69583c6302f892ef1
Ubuntu Security Notice USN-3598-2
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3598-2 - USN-3598-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000301
SHA-256 | c5d6344504a7945abbf4776b4bf8a96624a9b4f396644b64ae184261943023f6
Ubuntu Security Notice USN-3659-1
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3659-1 - Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12194
SHA-256 | d52663890c0d8cb6a4bdb3c8644adaab7e7444d362b40550e58a32bfee78867a
Red Hat Security Advisory 2018-1713-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1713-01 - The UnboundID LDAP SDK for Java is a free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communications. The following packages have been upgraded to a later upstream version: unboundid-ldapsdk. Issues addressed include an access control vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-1000134
SHA-256 | dd9272d56b56f15f86ef19e47196e64305150b7aefbf41d2eea04acc78fe1e15
PHP Login And User Management 4.1.0 Shell Upload
Posted May 24, 2018
Authored by Reginald Dodd

PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
advisories | CVE-2018-11392
SHA-256 | 118f27e91f83c0bf5c886ce61f1c84f12f812e5ff1f27ae88d5738ffe6f299dd
Microsoft Internet Explorer 11 Vbscript Code Execution
Posted May 24, 2018
Authored by smgorelik

Microsoft Internet Explorer 11 on Windows 7 x64/x86 suffers from a vbscript code execution vulnerability.

tags | exploit, x86, code execution
systems | windows
advisories | CVE-2018-8174
SHA-256 | 5ea819396cd5fb910aa32e5974bd278e3661029f3b11021d68c0ae940bbf7285
Ubuntu Security Notice USN-3658-1
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3658-1 - It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. It was discovered that libprocps incorrectly handled the file2strvec function. A local attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126
SHA-256 | 6c482ce89fc0489037c921eae41b9c5bf25503ef49a7c0170a3d43294c052ca3
PaulNews 1.0 Cross Site Scripting / SQL Injection
Posted May 24, 2018
Authored by Ozkan Mustafa Akkus

PaulNews version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 9305dd447cb777e0976c371e92771715b0201fe1d9284cd2493d3921facffc76
LikeSoftware CMS Cross Site Request Forgery / Shell Upload
Posted May 24, 2018
Authored by Mr.7z

LikeSoftware CMS suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | da38e6a76d6acf6d74cadc55bef94abab216e0374bf1e027a3d7d49761780a0c
Red Hat Security Advisory 2018-1711-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1711-01 - The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | e886f234d79b87efe7f7cd426d7cc08c09c97dad7766beefc21e061a21abae82
GNU glibc Local Buffer Overflow
Posted May 24, 2018
Authored by Jameel Nabbo

GNU glibc versions prior to 2.27 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-11237
SHA-256 | b343af88553f32eaebef15dc533583e14be83f18b64bb6bc38800f729025d2e4
NewsBee CMS 1.4 Cross Site Request Forgery
Posted May 24, 2018
Authored by indoushka

NewsBee CMS version 1.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | d4dbbcb4302888ff0af174e212129542cbdefac9073b74f2a3977d0b7714e526
Micro Focus Security Bulletin MFSBGN03808 1
Posted May 24, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03808 1 - A potential security vulnerability has been identified in Micro Focus Universal CMDB/CMS and Micro Focus UCMDB Browser. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2018-6495
SHA-256 | fe9d3155cabe6bc0073c518cb04078e48b150412142865699dc7da98aaabdc46
EU MRV Regulatory Complete Solution 1 SQL Injection
Posted May 24, 2018
Authored by Veyselxan

EU MRV Regulatory Complete Solution version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3a6a1cc01b1e0f0afe0d8136bd9098728c054cfc256eb650d1f6a45e2a8eefb0
Red Hat Security Advisory 2018-1710-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1710-01 - The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 23297ab3f872b67103644c028bcad01fbd7c1f3a2d71e75c2861b3cbf8b52a33
Red Hat Security Advisory 2018-1707-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1707-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-1000140
SHA-256 | e95cbdad63d316bb454bef620f4b4a3928f2291a0df072f9632346ff168b799f
Red Hat Security Advisory 2018-1703-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1703-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-1000140
SHA-256 | e6da746e4377db7b862e8fd5e37c602aecb374ccbbb1aa4a0d07724a751939c5
Honeywell XL Web Controller Cross Site Scripting / SQL Injection
Posted May 24, 2018
Authored by t4rkd3vilz

Honeywell XL Web Controller suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
advisories | CVE-2014-3110
SHA-256 | 84c96e927f1d9f4a4db0f819b9d00762694fa62b9c41bd7450bbf2c5e56e8a93
Timber 1.1 Cross Site Request Forgery
Posted May 24, 2018
Authored by Borna Nematzadeh

Timber version 1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 98125c64ad8f40b05398adc5800e2dcda0ab9d8c496cb8cbce6e95222d1a2baf
Easy File Uploader 1.7 Shell Upload
Posted May 24, 2018
Authored by indoushka

Easy File Uploader version 1.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | ee8720840c5ab06ce21c9605205b8d6f58881eafe02c6f39625c4e1b8c21fe16
Red Hat Security Advisory 2018-1702-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1702-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
advisories | CVE-2018-1000140
SHA-256 | 4cc397327257299a1496198d18c44da3721840f1b4815298d76c0e80f995e86a
OpenDaylight SQL Injection
Posted May 24, 2018
Authored by Jameel Nabbo

OpenDaylight suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-1132
SHA-256 | 43255904a087721be0857057b2ec5652bb0704796a76fd5486ba3a6e54e048c5
ASP.NET jVideo Kit 1.0 SQL Injection
Posted May 24, 2018
Authored by Ozkan Mustafa Akkus

ASP.NET jVideo Kit version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
SHA-256 | eb792f18f1f53dbfb6b5c50d9878dc053d894293efeeb4b0f55522c1f6d55849
WordPress Peugeot Music 1.0 Shell Upload / Cross Site Request Forgery
Posted May 24, 2018
Authored by Mr.7z

WordPress Peugeot Music plugin version 1.0 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 0265470eee421e7152351b838d957203ae7a76360be0f3eb87db1138e333d266
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close