Twenty Year Anniversary
Showing 1 - 23 of 23 RSS Feed

Files Date: 2018-06-26

I2P 0.9.35
Posted Jun 26, 2018
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This version includes SusiMail folders and SSL Wizard.
tags | tool
systems | unix
MD5 | 5a1cc327e64503f7fabc69b01971052d
Raptor WAF 0.5
Posted Jun 26, 2018
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Added support for PCRE.
tags | tool, web, firewall, xss, sql injection
systems | unix
MD5 | b8560e628943e1101493cc13381335c3
Red Hat Security Advisory 2018-2037-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2037-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include a problem where containers run as non-root users do not drop capabilities.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2018-10856
MD5 | b1bb3b2cd5ec1058b29768f09ba69af0
Red Hat Security Advisory 2018-2038-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2038-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include an information exposure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1059
MD5 | 1d0802ebcd553bc567f19b9401fa6732
Red Hat Security Advisory 2018-2022-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2022-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | 933af30ec35fe9bc049d8875961f297e
Red Hat Security Advisory 2018-2001-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2001-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | bc5821b53940d1b888279b61e71fd864
Red Hat Security Advisory 2018-1997-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1997-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 942c63fb7d4c891e93e28bb498675417
Red Hat Security Advisory 2018-1965-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1965-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2017-11600, CVE-2018-3639
MD5 | 0a627951dd2983c6a29d8a8db3e5f8b3
Red Hat Security Advisory 2018-2003-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2003-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2017-11600, CVE-2018-3639
MD5 | 7b7f1730f4d54dc80e02eec13b3a435a
Red Hat Security Advisory 2018-1979-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1979-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a mishandled ACL configuration.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1080
MD5 | ceb64e477b66c1394ada2e9899d137b4
Red Hat Security Advisory 2018-2020-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2020-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Issues addressed include a file disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-9159
MD5 | 9794723e53380628d9ffcebdd154186a
Red Hat Security Advisory 2018-2006-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2006-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | c578e698209ff3566ea12a777fb847dc
Red Hat Security Advisory 2018-1967-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1967-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 8f2def7ba1f6ffde4374f8670824a267
Quest KACE Systems Management Command Injection
Posted Jun 26, 2018
Authored by Brendan Coles, Leandro Barragan, Guido Leo | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Quest KACE Systems Management Appliance version 8.0.318 (and possibly prior). The download_agent_installer.php file allows unauthenticated users to execute arbitrary commands as the web server user www. A valid Organization ID is required. The default value is 1. A valid Windows agent version number must also be provided. If file sharing is enabled, the agent versions are available within the \\kace.local\client\agent_provisioning\windows_platform Samba share. Additionally, various agent versions are listed on the KACE website. This Metasploit module has been tested successfully on Quest KACE Systems Management Appliance K1000 version 8.0 (Build 8.0.318).

tags | exploit, web, arbitrary, local, php
systems | windows
advisories | CVE-2018-11138
MD5 | 48ba6b06f4b01737a61a9c63d90ba594
Lynis Auditing Tool 2.6.5
Posted Jun 26, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Improved tests.
tags | tool, scanner
systems | unix
MD5 | cf77bb3afb5d3b1492b6b57f711855bc
Ubuntu Security Notice USN-3692-1
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-1 - Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
MD5 | 56cd52a341cc1f84b0df7977939c8ef3
HP Enterprise VAN SDN Controller 2.7.18.0503 Remote Root
Posted Jun 26, 2018
Authored by Matthew Bergin | Site korelogic.com

HP Enterprise VAN SDN Controller version 2.7.18.0503 suffers from an unauthenticated remote root vulnerability. A hard-coded service token can be used to bypass authentication. Built-in functionality can be exploited to deploy and execute a malicious deb file containing a backdoor. A weak sudoers configuration can then be abused to escalate privileges to root. A second issue can be used to deny use of the appliance by continually rebooting it.

tags | exploit, remote, root
MD5 | bf9904ea89edad3e901e6b2663316e90
Polaris Office 2017 8.1 Remote Code Execution
Posted Jun 26, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Polaris Office 2017 version 8.1 allows attackers to execute arbitrary code via a trojan horse "puiframeworkproresenu.dll" file in the current working directory, due to a search order flaw vulnerability.

tags | exploit, arbitrary, trojan
advisories | CVE-2018-12589
MD5 | cb627d3986c07f094a3e4282ca8924de
Slackware Security Advisory - mozilla-firefox Updates
Posted Jun 26, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | ce8245c3b4d1ce00d3f9e9465cd5a1ca
Ubuntu Security Notice USN-3692-2
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-2 - USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-0737, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
MD5 | 9be3e658c83ed593e3a872b40b7f8a54
Liferay Portal Server-Side Request Forgery
Posted Jun 26, 2018
Authored by Mehmet Ince

Liferay Portal versions prior to 7.0.4 suffer from a server-side request forgery vulnerability.

tags | exploit
MD5 | dd6d01a7688e9d716b44c10e42ef9b87
PoDoFo 0.9.5 Buffer Overflow
Posted Jun 26, 2018
Authored by r4xis

PoDoFo version 0.9.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-8002
MD5 | 8bfed571dcda975b809de00adc2768e4
Microsoft Internet Explorer HTML Help Control 4.74 Bypass
Posted Jun 26, 2018
Authored by Eduardo Braun Prado

Microsoft Internet Explorer HTML Help Control version 4.74 local zone bypass exploit. Proof of concept code for an ancient vulnerability.

tags | exploit, local, proof of concept, bypass
advisories | CVE-2004-1043
MD5 | 31b8cba305e7c04047d7eace49fd4d94
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close