what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files Date: 2018-06-26

I2P 0.9.35
Posted Jun 26, 2018
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This version includes SusiMail folders and SSL Wizard.
tags | tool
systems | unix
SHA-256 | 8bb88d3db355ebfa5be65d48089db60919875ac298b7217b7f8150048ea5079e
Raptor WAF 0.5
Posted Jun 26, 2018
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Added support for PCRE.
tags | tool, web, firewall, xss, sql injection
systems | unix
SHA-256 | 447b1f123430d2d4378832b337fca556aa9a009f7c6863f5382f9844a50bcc42
Red Hat Security Advisory 2018-2037-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2037-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include a problem where containers run as non-root users do not drop capabilities.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2018-10856
SHA-256 | a89a5d6c2109afaef7fed67506acdaeb2dca4fcde68f4b07ca16aa378fdccc16
Red Hat Security Advisory 2018-2038-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2038-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include an information exposure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1059
SHA-256 | 193050d2859f9774b75b6e27f5e090fac7e5a7b653ab4db98c5b7f2a9c169da4
Red Hat Security Advisory 2018-2022-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2022-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-10855
SHA-256 | 4abef6eccdfd763ea52b27371cabd8e5dee046c31525082ebdb1d3fbfc26ab49
Red Hat Security Advisory 2018-2001-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2001-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 428cfa13864ae570397f8f64c14e7424039079840c6f9a3bd7bc3ca839c68e4c
Red Hat Security Advisory 2018-1997-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1997-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 6162841f8e56c68ab1cd4a6e5e2c440ec5e1f1a6e1a097e3a506319255f56ba4
Red Hat Security Advisory 2018-1965-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1965-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2017-11600, CVE-2018-3639
SHA-256 | 5625c726ca93dddc4f128e9505cbafd6e9a86b185e28f9e42a9db805ce8d6b15
Red Hat Security Advisory 2018-2003-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2003-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2017-11600, CVE-2018-3639
SHA-256 | 3df03071d93422612d584b49a3fca361b78a54a69d4c0611dccd3bc4ede47b6e
Red Hat Security Advisory 2018-1979-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1979-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a mishandled ACL configuration.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1080
SHA-256 | 646ec53ff9052049e7f708ecd146f3966e311e18f1a173d05e21b532e225ec05
Red Hat Security Advisory 2018-2020-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2020-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Issues addressed include a file disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-9159
SHA-256 | 134d8a5b2ddc7d417cababde0f0cac534b88c2372bb7e3c04258d447a81ea2bc
Red Hat Security Advisory 2018-2006-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2006-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | ca891c305b74f2203c8a71e33c2d143de883f420e647176863e7bde00ec4f911
Red Hat Security Advisory 2018-1967-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1967-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
SHA-256 | 1f84086fb9dc926e9c6cbd7c89e97e3af1970709e492833edac35dbf5eb38a12
Quest KACE Systems Management Command Injection
Posted Jun 26, 2018
Authored by Brendan Coles, Leandro Barragan, Guido Leo | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Quest KACE Systems Management Appliance version 8.0.318 (and possibly prior). The download_agent_installer.php file allows unauthenticated users to execute arbitrary commands as the web server user www. A valid Organization ID is required. The default value is 1. A valid Windows agent version number must also be provided. If file sharing is enabled, the agent versions are available within the \\kace.local\client\agent_provisioning\windows_platform Samba share. Additionally, various agent versions are listed on the KACE website. This Metasploit module has been tested successfully on Quest KACE Systems Management Appliance K1000 version 8.0 (Build 8.0.318).

tags | exploit, web, arbitrary, local, php
systems | windows
advisories | CVE-2018-11138
SHA-256 | 0dbef74980c65246fdf8019f7b0a27a24a0c3431c8e7e457609a060b5a8fdf8d
Lynis Auditing Tool 2.6.5
Posted Jun 26, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Improved tests.
tags | tool, scanner
systems | unix
SHA-256 | 9119ed3c11ecd8c470369c6242cc9620d6573fc301d66455a5689c613c31563d
Ubuntu Security Notice USN-3692-1
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-1 - Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
SHA-256 | 64a55400d3928d560eed60fa189b3f16e104aacf734c115775b42e7ec6f162c5
HP Enterprise VAN SDN Controller 2.7.18.0503 Remote Root
Posted Jun 26, 2018
Authored by Matthew Bergin | Site korelogic.com

HP Enterprise VAN SDN Controller version 2.7.18.0503 suffers from an unauthenticated remote root vulnerability. A hard-coded service token can be used to bypass authentication. Built-in functionality can be exploited to deploy and execute a malicious deb file containing a backdoor. A weak sudoers configuration can then be abused to escalate privileges to root. A second issue can be used to deny use of the appliance by continually rebooting it.

tags | exploit, remote, root
SHA-256 | ca4e710786607c8db2b5551765fad05ea1626ff8a4bd00aa2997feded7590990
Polaris Office 2017 8.1 Remote Code Execution
Posted Jun 26, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Polaris Office 2017 version 8.1 allows attackers to execute arbitrary code via a trojan horse "puiframeworkproresenu.dll" file in the current working directory, due to a search order flaw vulnerability.

tags | exploit, arbitrary, trojan
advisories | CVE-2018-12589
SHA-256 | 988220d8a0264edc45ec0aa0ac0b56815a4ed2982e90beeed521161d2f094034
Slackware Security Advisory - mozilla-firefox Updates
Posted Jun 26, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 04707f60cb28318bfb4aea0286bc9cf7aec27ce846234a72d84ec3b06a64c963
Ubuntu Security Notice USN-3692-2
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-2 - USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-0737, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
SHA-256 | c9a4413cce1293192cef94ae1323f4ac3f80a693b84d4dd16582f330058c726d
Liferay Portal Server-Side Request Forgery
Posted Jun 26, 2018
Authored by Mehmet Ince

Liferay Portal versions prior to 7.0.4 suffer from a server-side request forgery vulnerability.

tags | exploit
SHA-256 | 9cd4a09a6913c2e09ea065cb580a2524d7a76aafcb6212597452862aa04d2d5b
PoDoFo 0.9.5 Buffer Overflow
Posted Jun 26, 2018
Authored by r4xis

PoDoFo version 0.9.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-8002
SHA-256 | d30e9bc2b87c725a0e7297e704ac0cfafb3e95d40de7cdeddb1838c6af802081
Microsoft Internet Explorer HTML Help Control 4.74 Bypass
Posted Jun 26, 2018
Authored by Eduardo Braun Prado

Microsoft Internet Explorer HTML Help Control version 4.74 local zone bypass exploit. Proof of concept code for an ancient vulnerability.

tags | exploit, local, proof of concept, bypass
advisories | CVE-2004-1043
SHA-256 | 7901eefcb2e2143481c3b0627e4f0d79c45b046af2b80d84196dc6c15a0701af
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close