what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 394 RSS Feed

Files Date: 2018-08-01 to 2018-08-31

Android OS WiFi Broadcast Sensitive Data Exposure
Posted Aug 30, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

System broadcasts by Android OS expose information about the user's device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information thus bypassing any permission checks and existing mitigations.

tags | exploit, local, info disclosure
advisories | CVE-2018-9489
SHA-256 | 523ebc0e6847c2ff3858fa671185f0aded4e77fd712ecd694c1d059ae8df9760
Linux/MIPS64 execve(/bin/sh) Shellcode
Posted Aug 30, 2018
Authored by Antonio

48 bytes small Linux/MIPS64 execve(/bin/sh) shellcode.

tags | shellcode
systems | linux
SHA-256 | 56464e7a0776d9be456888e80242557c4985e57311bdb17c4b598c46c3171748
Eaton Xpert Meter 13.4.0.10 SSH Private Key Disclosure
Posted Aug 30, 2018
Authored by BrianWGray

Eaton Xpert Meter version 13.4.0.10 suffers from an SSH private key disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 9202527e403cd306b11b2ac0811f1dc28ab8b48ecd31c595d94593d5a1c8db5b
Micro Focus Security Bulletin MFSBGN03820 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03820 1 - A potential vulnerability has been identified in Micro Focus Autopass License Server (APLS) available as part of Micro Focus Hybrid Cloud Management (HCM) containerized suites. The vulnerability could be exploited to Remote Code Execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2018-6499
SHA-256 | 2d61619a06d676e06eb6194e9e310405d9af8f5af14deeeb16794a2c247e7989
Micro Focus Security Bulletin MFSBGN03818 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03818 1 - A potential vulnerability has been identified in Micro FocusContainer Deployment Foundation (CDF) available as part of Micro Focus Operations Bridge containerized suite. The vulnerabilities could be exploited to Remote Code Execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2018-6498
SHA-256 | 434ce79168901c4de4e54a19861be652cfb8972f7a11603853db68e982fe5c63
Micro Focus Security Bulletin MFSBGN03815 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03815 1 - A potential vulnerabilities has been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Data Center Automation Containerized (DCA) suite. The vulnerabilities could be exploited to remote code execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2018-6498, CVE-2018-6499
SHA-256 | 92cc347b87900ab47e8d5d81001d8c92997d43e647ae08e4f7333be8488113dd
Micro Focus Security Bulletin MFSBGN03814 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03814 1 - A potential vulnerabilities has been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Service Management Automation (SMA) containerized suites. The vulnerabilities could be exploited to Remote Code Execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2018-6498, CVE-2018-6499
SHA-256 | 66bdf24a6c3b8403b98e4f0e593e4e03ee3a86ded9ccc38f3fdaa47ff8bbd894
Micro Focus Security Bulletin MFSBGN03817 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03817 1 - A potential vulnerability has been identified in Micro Focus Autopass License Server (APLS) available as part of Micro Focus Operations Bridge containerized suite. The vulnerabilities could be exploited to Remote Code Execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2018-6499
SHA-256 | 7f1aa2c2fe10375f9faaed80c930f6ff9cdac79689336fb113ef1592ca2b5365
Micro Focus Security Bulletin MFSBGN03813 1
Posted Aug 30, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03813 1 - A potential vulnerabilities has been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Network Operations Management (NOM) Suite CDF. The vulnerabilities could be exploited to Remote Code Execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2017-5647, CVE-2018-6498
SHA-256 | e0f22b9b84fc8081355ec2a3d521b33a94614093adcf2b9bd77407a8160b1634
Ubuntu Security Notice USN-3758-2
Posted Aug 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3758-2 - USN-3758-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM. Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7942, CVE-2016-7943, CVE-2018-14600
SHA-256 | b1d6792129f791160d4e56eab3a21ec99a7b958cec1b84aae3d82f43a420a4d0
Ubuntu Security Notice USN-3758-1
Posted Aug 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3758-1 - Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information Tobias Stoeckmann discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information. It was discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-7942, CVE-2016-7943, CVE-2018-14600
SHA-256 | bd78445efe37ef2e6022b7e5233dcf492032651e8430f3d4a36415c1e023882c
Red Hat Security Advisory 2018-2602-01
Posted Aug 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2602-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
SHA-256 | f6b54b09c6a2d9f3064c6d9bccdcf343bb3d049d98acdfd1f89cf311ab6000f2
Cisco AnyConnect Secure Mobility Client 4.6.01099 Denial Of Service
Posted Aug 30, 2018
Authored by Luis Martinez

Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
SHA-256 | c6e0c15d91b91207790a50bd4ffc241b9d7758952646e0f4bb8076175cafe939
Drive Power Manager 1.10 Denial Of Service
Posted Aug 30, 2018
Authored by Gionathan Reale

Drive Power Manager version 1.10 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3df23975ba0689b6da9947d27de0b824350ced6c6cb57ef0b55c35d494e5195b
Signal Resource Exhaustion
Posted Aug 30, 2018
Authored by Nick M McKenna

Signal on iOS (createGenericPreview) fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed resulting in a forced restart of the device.

tags | advisory, denial of service
systems | ios
SHA-256 | 4ce0fd326dc93a64974504c4ab0ac1e15d0fa7780f726f470d93cae7645a7678
HD Tune Pro 5.70 Denial Of Service
Posted Aug 30, 2018
Authored by Gionathan Reale

HD Tune Pro version 5.70 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 578549ca9a80f6e1c767fb3aa608e678031207153ea6fb4d907b168213f947c8
Hack In The Box Dubai 2018 Call For Papers
Posted Aug 29, 2018
Site cfp.hackinthebox.org

The call for papers for the upcoming Hack in The Box Security Conference 2018 in Dubai is now open.

tags | paper, conference
SHA-256 | 87eb79eeed2134c3b12da6e709cd0ab600a1fb775a4d9d7a002313149b8ae23e
Micro Focus Security Bulletin MFSBGN03812 1
Posted Aug 29, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03812 1 - A potential security vulnerability has been identified in Micro Focus Application Performance Management. The vulnerability could be remotely exploited to remote cross-site tracing and Remote Disclosure of Information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2004-2320, CVE-2007-3008
SHA-256 | 036ae2ebc4885aadfd00524527301c924ad6d398156ccf5f97b9ecd58df42728
Red Hat Security Advisory 2018-2598-01
Posted Aug 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2598-01 - OpenDaylight is a modular open platform for customizing and automating networks of any size and scale. The OpenDaylight Project arose out of the SDN movement, with a clear focus on network programmability. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-10237
SHA-256 | 52b6589c17a7e7105836c225c8116a4c762b274e3e99d888b8f0fa31bcb41619
Red Hat Security Advisory 2018-2603-01
Posted Aug 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2603-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
SHA-256 | 3d81e96dde42a990c58ceedf86f6ffc84242f9f9b4c00806585ade31a234b825
Red Hat Security Advisory 2018-2585-01
Posted Aug 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2585-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, remote, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-10855, CVE-2018-10874, CVE-2018-10875
SHA-256 | c2f7fbc80a1e3aef3f121319c8acd42c0aa36597f4908da7a0a51c7f2be8bcdd
Ubuntu Security Notice USN-3757-1
Posted Aug 29, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3757-1 - Hosein Askari discovered that poppler incorrectly handled certain PDF files. An attacker could possible use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-13988
SHA-256 | b86c980fc102c2b2063bceaad5f2650f8a38ec10c0c75e56c27c61a827da3c32
Debian Security Advisory 4281-1
Posted Aug 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4281-1 - Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-8034, CVE-2018-8037
SHA-256 | 604c5094b1c4bc66945081a57708d07c2e803518e043a3487002861f782bc32c
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Aug 29, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to mitigate security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2018-3546, CVE-2018-3615, CVE-2018-3620
SHA-256 | ea856943ce3323e90a62f9f0444ae61a7c2cd21247544d82273f957d98b39be2
Intel Management Engine JTAG Buffer Overflow
Posted Aug 29, 2018
Authored by Dmitry Sklyarov, Maxim Goryachy, Mark Ermolov | Site ptsecurity.com

Proof of concept exploit that demonstrates a buffer overflow vulnerability in the Intel Management Engine as described in INTEL-SA-00086.

tags | exploit, overflow, proof of concept
SHA-256 | c02278512d883fa36838e5c564099cc4c6de0ef89e106b3e633e796c817b0fda
Page 1 of 16
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close