Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-07-17

Binance 1.5.0 Insecure File Permission
Posted Jul 17, 2018
Authored by ZwX | Site vulnerability-lab.com

Binance version 1.5.0 suffers from an insecure file permission vulnerability.

tags | exploit
MD5 | 23ab79875476d303569e9a725683a7de
HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution
Posted Jul 17, 2018
Authored by Kacper Szurek

HomeMatic Zentrale CCU2 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ccea6d6c54fb9e1b819b5ac388864b05
Ubuntu Security Notice USN-3717-2
Posted Jul 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3717-2 - USN-3717-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash, resulting in a denial of service, or possibly escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2015-3255, CVE-2018-1116
MD5 | 78d3067a269ada3defc617dd1a89a37b
Red Hat Security Advisory 2018-2216-01
Posted Jul 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | d56d27208391fc4c05e5ab7c21479c7e
Debian Security Advisory 4247-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4247-1 - A timing attack was discovered in the function for CSRF token validation of the "Ruby rack protection" framework.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2018-1000119
MD5 | 39d070355f9db731ccc28b7ee0afba09
Gentoo Linux Security Advisory 201807-01
Posted Jul 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201807-1 - A vulnerability in tqdm could allow remote attackers to execute arbitrary code. Versions less than 4.23.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2016-10075
MD5 | 3c4d0d556f0b04c287bd19337fec4c3e
Slackware Security Advisory - mutt Updates
Posted Jul 17, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 324a6a1461c79e0dc68798e5dff7cf97
Debian Security Advisory 4249-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4249-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-10001, CVE-2018-12458, CVE-2018-13300, CVE-2018-13302, CVE-2018-6392, CVE-2018-6621, CVE-2018-7557
MD5 | a46178e2755015b15bfc5ed2e1214de0
Debian Security Advisory 4248-1
Posted Jul 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4248-1 - Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/ renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-12081, CVE-2017-12082, CVE-2017-12086, CVE-2017-12099, CVE-2017-12100, CVE-2017-12101, CVE-2017-12102, CVE-2017-12103, CVE-2017-12104, CVE-2017-12105, CVE-2017-2899, CVE-2017-2900, CVE-2017-2901, CVE-2017-2902, CVE-2017-2903, CVE-2017-2904, CVE-2017-2905, CVE-2017-2906, CVE-2017-2907, CVE-2017-2908, CVE-2017-2918
MD5 | 849f86c5001735c91bee785334de49e7
Doorkeeper 4.3.2 / 5.0.0.rc1 Token Revocation
Posted Jul 17, 2018
Authored by Justin Bull, Roberto Ostinelli

Doorkeeper versions 4.2.0 through 4.3.2 and 5.0.0.rc1 suffer from a token revocation vulnerability.

tags | advisory
advisories | CVE-2018-1000211
MD5 | 4c001ecfde62cec59cb1065c6cc8e656
TP-Link Archer C2 Router 3.0 Remote Code Execution
Posted Jul 17, 2018
Authored by Ismail Tasdelen

TP-Link Archer C2 router version 3.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 1302020fff90f9bf889d5052ca5179b1
QNAP Q'Center change_passwd Command Execution
Posted Jul 17, 2018
Authored by Ivan Huertas, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the change_passwd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required, however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This Metasploit module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.

tags | exploit, web, arbitrary
advisories | CVE-2018-0706, CVE-2018-0707
MD5 | 53cb0615ae05a91ee87abd7989407825
Nanopool Claymore Dual Miner APIs Remote Code Execution
Posted Jul 17, 2018
Authored by reversebrain at snado, phra at snado | Site metasploit.com

This Metasploit module takes advantage of miner remote manager APIs to exploit an remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000049
MD5 | 087e63649653e40f11058ac152fe30af
TOR Virtual Network Tunneling Tool 0.3.3.9
Posted Jul 17, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.3.9 moves to a new bridge authority, meaning people running bridge relays should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 16b24bda0772dc3d5c4c05254ec4bce7
GNU Transport Layer Security Library 3.5.19
Posted Jul 17, 2018
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Various updates.
tags | protocol, library
MD5 | 1002f4099ce11d785e9811099aaa59a6
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    14 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close