exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2018-08-28

Faraday 3.0.1
Posted Aug 28, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated code to use Flask 1.0. Added threadfix integration (corp only). Fixed create_service fplugin. Executive report bug fixed on tags. Persistence server bug fixed on impact and ease of resolution. Various other updates and improvements.
tags | tool, rootkit
systems | unix
SHA-256 | 94e3405d2449394f4449f18b02472b43cafab01511a07812319b780545eec75d
Red Hat Security Advisory 2018-2572-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2572-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.4 will be retired as of February 28, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.4 AMC after February 28, 2019.

tags | advisory
systems | linux, redhat
SHA-256 | fdb6aa505d93686809c13d198cc2a804535e5e6ed5300c098904ef0da7b63fc3
Ubuntu Security Notice USN-3756-1
Posted Aug 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3756-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-3639, CVE-2018-3640, CVE-2018-3646
SHA-256 | 4d3e0fef07b4fa6cea9ef708a373c5f9e59546b79c7bad817f04b77621877e2f
Ubuntu Security Notice USN-3755-1
Posted Aug 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3755-1 - It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000222, CVE-2018-5711
SHA-256 | af3eebe3f93ef0e1276ae9901097f86493484a7d3ac0d9d48410d132b8ffdf80
Red Hat Security Advisory 2018-2570-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2570-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
SHA-256 | 253120ac3d5a1cc582da6df87b389508821eea55556219f9c098c1d3ff8f6e7c
WhatsApp 2.18.61 Memory Corruption
Posted Aug 28, 2018
Authored by Juan Sacco

WhatsApp version 2.18.61 suffers from a memory corruption vulnerability.

tags | exploit, denial of service
SHA-256 | 05f98770c14444ad83cddd23fdf265911dab07c1540b1184699a7badf9180432
Cisco Network Assistant 6.3.3 Denial Of Service
Posted Aug 28, 2018
Authored by Luis Martinez

Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
SHA-256 | 06bfdd27cdd81a700680df765616c42350869863b9bd88df5cddfb49c7dd691a
Instagram App 41.1788.50991.0 Denial Of Service
Posted Aug 28, 2018
Authored by Ali Alipour

Instagram App version 41.1788.50991.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 19773d693baf656adb5bb92660a0ea4e3c6a258c1d0293bcdfdf65cff8a63442
SIPP 3.3 Stack-Based Overflow
Posted Aug 28, 2018
Authored by Juan Sacco

SIPP version 3.3 is prone to a local unauthenticated stack-based overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | f9a8a2ae3dd3fabf0391c08cc0e25a4650275a9a381a853ab709bfb0a1911291
Red Hat Security Advisory 2018-2569-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2569-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP30. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-12539, CVE-2018-1517, CVE-2018-1656, CVE-2018-2940, CVE-2018-2952, CVE-2018-2973
SHA-256 | 2b9eb923576c2783e71bbd165d8b900ace1dbb212be4907b730fb79db1aec912
Microsoft Windows ALPC Local Privilege Escalation
Posted Aug 28, 2018
Authored by SandboxEscaper

Microsoft Windows Advanced Local Procedure Call (ALPC) local privilege escalation exploit.

tags | exploit, local
systems | windows
SHA-256 | 72b0e5a43d223478f7a486b1ed1b7acbdfb0c2859f77ebe2af32a9a113ac1f44
Electron WebPreferences Remote Code Execution
Posted Aug 28, 2018
Authored by Matt Austin

Electron WebPreferences suffers from a remote code execution vulnerability. Versions affected include 3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15.

tags | exploit, remote, code execution
advisories | CVE-2018-15685
SHA-256 | a641a73a84beacc9765a0594fd07c7aaa5f21b5c075d2b74e7da2f66ed14e583
Wayland wl_connection_demarshal() Out-Of-Bounds Memory Access
Posted Aug 28, 2018
Authored by Jann Horn, Google Security Research

Wayland suffers from an out-of-bounds memory access vulnerability in wl_connection_demarshal() on 32-bit systems.

tags | exploit
SHA-256 | a5b496aada6d3dd3afac34e9833a4bacdfe530c465d39fb4a1e110a1857e5b94
Microsoft Windows JScript RegExp.lastIndex Use-After-Free
Posted Aug 28, 2018
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied.

tags | exploit, local
systems | windows
advisories | CVE-2018-8353
SHA-256 | f62d6b1e08f80d9d1673d2fc9b2eeec824adb1729417fe99c60cc9f5f1203e01
Red Hat Security Advisory 2018-2571-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2571-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
SHA-256 | 9c97fcca37429d76dd4735b04e9372618efe6fbbfc5cda020a00a45723751015
R 3.4.4 Bufer Overflow
Posted Aug 28, 2018
Authored by ZwX

R version 3.4.4 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 67629e9cd8ab228fb6f2ea58dbcaff86b941af50ae1631468726595ee2201ce4
Red Hat Security Advisory 2018-2568-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2568-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2016-0705, CVE-2017-3732, CVE-2017-3736, CVE-2018-12539, CVE-2018-1517, CVE-2018-1656, CVE-2018-2940, CVE-2018-2952, CVE-2018-2973
SHA-256 | 81773aa1b0c169ccfc2ecf36d8c9f4c0317742188a742e2b2301bcb4c9f0dc85
CMS ISWEB 3.5.3 Cross Site Scripting
Posted Aug 28, 2018
Authored by Thiago Sena, Rafael Fontes Souza

CMS ISWEB version 3.5.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-15562
SHA-256 | 59d969b81475e2afd4ba7e12456e0534092ed5598a12475ccdf7e2ce8a53e996
D-Link DIR-601 2.02NA Privilege Escalation
Posted Aug 28, 2018
Authored by Kevin Randall

D-Link DIR-601 version 2.02NA suffers from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2018-12710
SHA-256 | 33474835141701c30736e8087db9ef916d7adae2878081c9250a53fa48299500
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close