Twenty Year Anniversary
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-06-05

Bro Network Security Monitor 2.5.4
Posted Jun 5, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Multiple fixes and improvements to BinPAC generated code related to array parsing, with potential impact to all Bro's BinPAC-generated analyzers in the form of buffer over-reads or other invalid memory accesses depending on whether a particular analyzer incorrectly assumed that the evaluated-array-length expression is actually the number of elements that were parsed out from the input. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | 2bc85f51d6257378594775d04177ba30
Ignite Realtime Openfire 3.7.1 Cross Site Scripting
Posted Jun 5, 2018
Authored by Yavuz Atlas

Ignite Realtime Openfire version 3.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11688
MD5 | 2e97079f3a9375b315b0242e3016270e
CGMiner 4.10.0 / BFGMiner 5.5.0 Buffer Overflow / Arbitrary File Write
Posted Jun 5, 2018
Authored by tintinweb

CGMiner versions 4.10.0 and below and BFGMiner versions 5.5.0 and below suffer from buffer overflow and path traversal vulnerabilities.

tags | exploit, overflow, vulnerability, file inclusion
advisories | CVE-2018-10057, CVE-2018-10058
MD5 | 876e492c7b39054088c8ae71f6f1ac38
macOS / iOS Kernel Heap Overflow
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.

tags | exploit, overflow, kernel
systems | cisco, ios
advisories | CVE-2018-4243
MD5 | 8bc2ddee4be107c0fed7f5978e377f2c
Ubuntu Security Notice USN-3670-1
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3670-1 - Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613
MD5 | 2c814b85b27d8f83c8806b74e9e6b320
XNU Kernel MPTCP Head Overflow
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a heap overflow vulnerability due to bad bounds checking in MPTCP.

tags | exploit, overflow, kernel
advisories | CVE-2018-4241
MD5 | 449d61519abf2905830578f282b2544c
Jenkins Mailer Cross Site Request Forgery
Posted Jun 5, 2018
Authored by Kl3_GMjq6

Jenkins Mailer plugin versions prior to 1.20 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-8718
MD5 | 924b7a0ec9e48938b9d8278a33950267
macOS Kernel Use-After-Free
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a use-after-free vulnerability due to a lack of locking in the nvidia GeForce driver.

tags | exploit, kernel
advisories | CVE-2018-4230
MD5 | 9df96b20c281d23bcd8105e681608b33
WebKitGTK+ 2.21.3 pageURL Mishandling Denial Of Service
Posted Jun 5, 2018
Authored by Mishra Dhiraj

webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.

tags | exploit
advisories | CVE-2018-11646
MD5 | 4aa04572e2f242c2da834f23b0e01ea1
10-Strike Network Scanner 3.0 Local Buffer Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Scanner version 3.0 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | fdd8fa543739944bb1bb7bcef3a80a0e
Sint Wind PI 01.26.19 Authentication Bypass
Posted Jun 5, 2018
Authored by Humberto Cabrera

Sint Wind PI version 01.26.19 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 174e4d33a42654a568b034c9ff1fb36a
Clone 2 GO Video Converter 2.8.2 Unicode Buffer Overflow
Posted Jun 5, 2018
Authored by Gokul Babu

Clone 2 GO Video Converter version 2.8.2 unicode buffer overflow remote code execution vulnerability.

tags | exploit, remote, overflow, code execution
MD5 | 3efa1715da902154dfa5a9969cba698f
Pagekit Cross Site Scripting Code Generator
Posted Jun 5, 2018
Authored by DEEPIN2

Pagekit versions prior to 1.0.13 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11564
MD5 | e0229463cc0d33dc6ba55902196ace72
MyBB Recent Threads 1.0 Cross Site Scripting
Posted Jun 5, 2018
Authored by 0xB9

MyBB Recent Threads plugin version 1.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11715
MD5 | a323305800c40845994bfaf49097fa4e
Linux Kernel ext4_read_inline_data() Memory Corruption
Posted Jun 5, 2018
Authored by Google Security Research

Linux Kernel versions prior to 4.16.11 suffer from an ext4_read_inline_data() memory corruption vulnerability.

tags | exploit, kernel
systems | linux
advisories | CVE-2018-11412
MD5 | ef90cc76075cfbbd5c9ca92c6da53beb
10-Strike Network Inventory Explorer Standard 8.54 Registration Key Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability in the Enter Registration Key field.

tags | exploit, overflow, local
MD5 | 17ad7c5d7080ebbd766c9066712d2864
Microsoft Open Redirect
Posted Jun 5, 2018
Authored by Ismail Tasdelen

dpa-fwl.microsoft.com suffers from an open redirection vulnerability.

tags | exploit
MD5 | 9a992791db71dab2fd3cb6f1e0559793
10-Strike Network Inventory Explorer Standard 8.54 Buffer Overflow
Posted Jun 5, 2018
Authored by Hashim Jawad

10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | 2f8a0210fd1ec5ab9948105278bc39fd
Ubuntu Security Notice USN-3669-1
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3669-1 - It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11410, CVE-2018-11440, CVE-2018-11577
MD5 | fc1bfc637ae762561c44f451839b1f0f
EMS Master Calendar Cross Site Scripting
Posted Jun 5, 2018
Authored by Chris Barretto

EMS Master Calendar versions prior to 8.0.0.20180520 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11628
MD5 | 70ecdc8374901418dbc51401373c3955
Ubuntu Security Notice USN-3664-2
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3664-2 - USN-3664-1 fixed a vulnerability in Apport. Sander Bos reported that Ubuntu 14.04 LTS was also vulnerable to this issue, but was incorrectly omitted from the previous updates. This update provides the corresponding update for Ubuntu 14.04 LTS. Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2018-6552
MD5 | 67273d8fdf19a09dbdc393e426a31d0c
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close