exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-06-05

Bro Network Security Monitor 2.5.4
Posted Jun 5, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Multiple fixes and improvements to BinPAC generated code related to array parsing, with potential impact to all Bro's BinPAC-generated analyzers in the form of buffer over-reads or other invalid memory accesses depending on whether a particular analyzer incorrectly assumed that the evaluated-array-length expression is actually the number of elements that were parsed out from the input. Various other updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | 80daea433fa654f2602cf67b19b9121ff6ad57761bad73cc29020c4f490c5f1f
Ignite Realtime Openfire 3.7.1 Cross Site Scripting
Posted Jun 5, 2018
Authored by Yavuz Atlas

Ignite Realtime Openfire version 3.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11688
SHA-256 | c10f3c6ace6529c0ad221c414802d91b8aafa5e9cc0a5c883951f87d29b5c532
CGMiner 4.10.0 / BFGMiner 5.5.0 Buffer Overflow / Arbitrary File Write
Posted Jun 5, 2018
Authored by tintinweb

CGMiner versions 4.10.0 and below and BFGMiner versions 5.5.0 and below suffer from buffer overflow and path traversal vulnerabilities.

tags | exploit, overflow, vulnerability, file inclusion
advisories | CVE-2018-10057, CVE-2018-10058
SHA-256 | fa4fcd5a2e44edf0c29b6ad66381cdaee61adb9f18ca7cb776665f37c4daf012
macOS / iOS Kernel Heap Overflow
Posted Jun 5, 2018
Authored by Google Security Research, Ian Beer

The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.

tags | exploit, overflow, kernel
systems | cisco, ios
advisories | CVE-2018-4243
SHA-256 | f1c3b9023d02313f1fc1abb64c64d84e4ea581179d6b4d5a3425103544649ed7
Ubuntu Security Notice USN-3670-1
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3670-1 - Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613
SHA-256 | cba8a2e28c73b05551966e6f681349ffd0bf42b5553713c3cf8a26cae4032542
XNU Kernel MPTCP Head Overflow
Posted Jun 5, 2018
Authored by Google Security Research, Ian Beer

The XNU kernel suffers from a heap overflow vulnerability due to bad bounds checking in MPTCP.

tags | exploit, overflow, kernel
advisories | CVE-2018-4241
SHA-256 | ab1dba51b69b26269ebf87264489c261941c2b7f55161734beeceefe097f984c
Jenkins Mailer Cross Site Request Forgery
Posted Jun 5, 2018
Authored by Kl3_GMjq6

Jenkins Mailer plugin versions prior to 1.20 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-8718
SHA-256 | 8965ea91c46e6a72747d01cc2b374557bf8f2de7465a2a523e4f6efbc46fb6f1
macOS Kernel Use-After-Free
Posted Jun 5, 2018
Authored by Google Security Research, Ian Beer

The macOS kernel suffers from a use-after-free vulnerability due to a lack of locking in the nvidia GeForce driver.

tags | exploit, kernel
advisories | CVE-2018-4230
SHA-256 | d0dcd6d0f0048420298561799aa73fc74597cbca38483aca36320551f2eeae4a
WebKitGTK+ 2.21.3 pageURL Mishandling Denial Of Service
Posted Jun 5, 2018
Authored by Dhiraj Mishra

webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.

tags | exploit
advisories | CVE-2018-11646
SHA-256 | 3725c738a09fea389fabaa7eb29da7d502f1c4ac44e99b11eeacaad53d765aa1
10-Strike Network Scanner 3.0 Local Buffer Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Scanner version 3.0 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 4c5f0b666b1e0a95dc09e2022cf1d874e70a80d21966c376517976bc0e7d8700
Sint Wind PI 01.26.19 Authentication Bypass
Posted Jun 5, 2018
Authored by Humberto Cabrera

Sint Wind PI version 01.26.19 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 75a058c1e4408185eadda4db58ff7149ce94ba38afe34a983300dd97bb2d9801
Clone 2 GO Video Converter 2.8.2 Unicode Buffer Overflow
Posted Jun 5, 2018
Authored by Gokul Babu

Clone 2 GO Video Converter version 2.8.2 unicode buffer overflow remote code execution vulnerability.

tags | exploit, remote, overflow, code execution
SHA-256 | 487a673b2e8db8fb4aaa17e7d695d49b0d7652fd214fb9ac2e5f91973f48183d
Pagekit Cross Site Scripting Code Generator
Posted Jun 5, 2018
Authored by DEEPIN2

Pagekit versions prior to 1.0.13 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11564
SHA-256 | 2b8404ce71950c6f51a9c3a533696cae704a6b32c473193a05a3fd033cf9f6bb
MyBB Recent Threads 1.0 Cross Site Scripting
Posted Jun 5, 2018
Authored by 0xB9

MyBB Recent Threads plugin version 1.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11715
SHA-256 | 2159b3f17df67c386fab05ff778ade669befbf9efe75501956f91227028c510e
Linux Kernel ext4_read_inline_data() Memory Corruption
Posted Jun 5, 2018
Authored by Google Security Research

Linux Kernel versions prior to 4.16.11 suffer from an ext4_read_inline_data() memory corruption vulnerability.

tags | exploit, kernel
systems | linux
advisories | CVE-2018-11412
SHA-256 | f43855fa683dd79a2c3bc32dce30916f143b2462f4ccd05cc760ef2a59b47e87
10-Strike Network Inventory Explorer Standard 8.54 Registration Key Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability in the Enter Registration Key field.

tags | exploit, overflow, local
SHA-256 | c4b79a122512401dd630e882d0940ed9966ed72d66fdeeeb21bff38c89ef419c
Microsoft Open Redirect
Posted Jun 5, 2018
Authored by Ismail Tasdelen

dpa-fwl.microsoft.com suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | cc2183a3ffe07e0d54ebb0988e05ca695cfc3e42a13d8d057010463352561e9c
10-Strike Network Inventory Explorer Standard 8.54 Buffer Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 7f3172b7061baf4d6fab00b5b8ce4f4c54070897bdf1312522a27b8caae4de6e
Ubuntu Security Notice USN-3669-1
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3669-1 - It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11410, CVE-2018-11440, CVE-2018-11577
SHA-256 | d7542c5dbf17a2f4b8cb7e4c903ca06cb2d8ae3d5b81fe823aa4394602a4793d
EMS Master Calendar Cross Site Scripting
Posted Jun 5, 2018
Authored by Chris Barretto

EMS Master Calendar versions prior to 8.0.0.20180520 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11628
SHA-256 | 9de08681497ed3fd4b4c62645f41c52394683d9f31f32cb1e74f1ed97cdf21fd
Ubuntu Security Notice USN-3664-2
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3664-2 - USN-3664-1 fixed a vulnerability in Apport. Sander Bos reported that Ubuntu 14.04 LTS was also vulnerable to this issue, but was incorrectly omitted from the previous updates. This update provides the corresponding update for Ubuntu 14.04 LTS. Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2018-6552
SHA-256 | 82738ed5a01bd47de75aafd897c85fc8bcf1629b34e058f286faf7fd5e618bc9
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close