Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-08-28

Faraday 3.0.1
Posted Aug 28, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated code to use Flask 1.0. Added threadfix integration (corp only). Fixed create_service fplugin. Executive report bug fixed on tags. Persistence server bug fixed on impact and ease of resolution. Various other updates and improvements.
tags | tool, rootkit
systems | unix
MD5 | 9b87ff400a365997e33259495ae6c199
Red Hat Security Advisory 2018-2572-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2572-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.4 will be retired as of February 28, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.4 AMC after February 28, 2019.

tags | advisory
systems | linux, redhat
MD5 | e04aaf249c5879fc3dd2c2c508c7edb3
Ubuntu Security Notice USN-3756-1
Posted Aug 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3756-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-3639, CVE-2018-3640, CVE-2018-3646
MD5 | 0beb2e2ffd5d058e98df53cffa756afb
Ubuntu Security Notice USN-3755-1
Posted Aug 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3755-1 - It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000222, CVE-2018-5711
MD5 | 56d9031d70fa876968c2b397983064af
Red Hat Security Advisory 2018-2570-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2570-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
MD5 | 51538ebca6acb42b0c4dd23594565fde
WhatsApp 2.18.61 Memory Corruption
Posted Aug 28, 2018
Authored by Juan Sacco

WhatsApp version 2.18.61 suffers from a memory corruption vulnerability.

tags | exploit, denial of service
MD5 | 4e0f56a67db6bc6666fda14e307078c1
Cisco Network Assistant 6.3.3 Denial Of Service
Posted Aug 28, 2018
Authored by Luis Martinez

Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
MD5 | 375bcf577cae1bcc14c321a3df4e319b
Instagram App 41.1788.50991.0 Denial Of Service
Posted Aug 28, 2018
Authored by Ali Alipour

Instagram App version 41.1788.50991.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | d250cf3b65102adc33e62130fafa81c9
SIPP 3.3 Stack-Based Overflow
Posted Aug 28, 2018
Authored by Juan Sacco

SIPP version 3.3 is prone to a local unauthenticated stack-based overflow vulnerability.

tags | exploit, overflow, local
MD5 | 5459f811bc8d030cf2944fee6f093f97
Red Hat Security Advisory 2018-2569-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2569-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP30. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-12539, CVE-2018-1517, CVE-2018-1656, CVE-2018-2940, CVE-2018-2952, CVE-2018-2973
MD5 | fd6cee4c2296b72a893680a2a7742731
Microsoft Windows ALPC Local Privilege Escalation
Posted Aug 28, 2018
Authored by SandboxEscaper

Microsoft Windows Advanced Local Procedure Call (ALPC) local privilege escalation exploit.

tags | exploit, local
systems | windows
MD5 | dd5537a9a63d2a59cbd7132605107e01
Electron WebPreferences Remote Code Execution
Posted Aug 28, 2018
Authored by Matt Austin

Electron WebPreferences suffers from a remote code execution vulnerability. Versions affected include 3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15.

tags | exploit, remote, code execution
advisories | CVE-2018-15685
MD5 | b97fd525f5d8575e62b770c0373ee541
Wayland wl_connection_demarshal() Out-Of-Bounds Memory Access
Posted Aug 28, 2018
Authored by Jann Horn, Google Security Research

Wayland suffers from an out-of-bounds memory access vulnerability in wl_connection_demarshal() on 32-bit systems.

tags | exploit
MD5 | d6df3a560088b2c39f11b2f8dc3a2c2d
Microsoft Windows JScript RegExp.lastIndex Use-After-Free
Posted Aug 28, 2018
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied.

tags | exploit, local
systems | windows
advisories | CVE-2018-8353
MD5 | b2cf3dec9e5bd796bccbeb593fafdabd
Red Hat Security Advisory 2018-2571-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2571-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
MD5 | ac2c868d9370e0325dea88a496720f41
R 3.4.4 Bufer Overflow
Posted Aug 28, 2018
Authored by ZwX

R version 3.4.4 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | 1db1952acecc95124cd66f842bf3baa1
Red Hat Security Advisory 2018-2568-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2568-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2016-0705, CVE-2017-3732, CVE-2017-3736, CVE-2018-12539, CVE-2018-1517, CVE-2018-1656, CVE-2018-2940, CVE-2018-2952, CVE-2018-2973
MD5 | 3a1822031b490afb1e845767588d47ee
CMS ISWEB 3.5.3 Cross Site Scripting
Posted Aug 28, 2018
Authored by Thiago Sena, Rafael Fontes Souza

CMS ISWEB version 3.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-15562
MD5 | b146bc506b19d35f6ffdf73dbaf37bb2
D-Link DIR-601 2.02NA Privilege Escalation
Posted Aug 28, 2018
Authored by Kevin Randall

D-Link DIR-601 version 2.02NA suffers from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2018-12710
MD5 | 6545ca3812cbc05eaebd389ef87a4378
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    14 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close