exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-09-06

Ghostscript Failed Restore Command Execution
Posted Sep 6, 2018
Authored by Tavis Ormandy, wvu | Site metasploit.com

This Metasploit module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore (grestore) in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick, and this module provides the latest vector for Ghostscript.

tags | exploit, arbitrary
advisories | CVE-2018-16509
SHA-256 | 9a18d75e03ae94b3478787aa8898389327fe3597f03bcf6872c9a239283731ae
Ubuntu Security Notice USN-3760-1
Posted Sep 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3760-1 - It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16140
SHA-256 | 17d61e26c4746d407d65fe27eb577e00ab7563f719d42bd8efc126401b9904bb
DokuWiki 2018-04-22a Greebo Arbitrary Code Execution
Posted Sep 6, 2018
Authored by Jean-Benjamin Rousseau | Site sec-consult.com

DokuWiki version 2018-04-22a Greebo suffers from a CSV formula injection vulnerability that allows for arbitrary code execution.

tags | exploit, arbitrary, code execution
advisories | CVE-2018-15474
SHA-256 | 38a0d8c9e2bdcd800dc35d4dc193605ee19bb114a8e64314caf3b92b9531141a
IDOR On ProConf Peer-Review And Conference Management 6.0 File Disclosure
Posted Sep 6, 2018
Authored by S. M. Zia Ur Rashid

IDOR on ProConf Peer-Review and Conference Management versions 6.0 and below suffer from an insecure direct object reference vulnerability that allows for file disclosure.

tags | exploit, info disclosure
advisories | CVE-2018-16606
SHA-256 | cf0a798397e6134737fc62d6ddc8c42553a30335d607055c61361acb9eaaa401
Cisco Umbrella Roaming Client 2.0.168 Privilege Escalation
Posted Sep 6, 2018
Authored by ParagonSec

Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2018-0437, CVE-2018-0438
SHA-256 | 854cf7db0661e303d1f8f5b7c306d195ce2e38588bfe4d01a79185f9c9bd01a8
KONE KGC 4.6.4 DoS / Code Execution / LFI / Bypass
Posted Sep 6, 2018
Authored by Sebastian Neuner

KONE KGC versions 4.6.4 and below suffer from unauthenticated remote code execution, denial of service, local file inclusion, and missing FTP access control vulnerabilities.

tags | exploit, remote, denial of service, local, vulnerability, code execution, file inclusion
advisories | CVE-2018-15483, CVE-2018-15484, CVE-2018-15485, CVE-2018-15486
SHA-256 | 24a911638d8739b82ef739ff95871523a6aba5b8a61b2ae7d362519d4d6d759d
Slackware Security Advisory - Slackware 14.2 mozilla-thunderbird Updates
Posted Sep 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 0bde2d781a178c6362761a8be95bfb3ce4ff4263e4f481f42b4c1eef1ffc4194
Slackware Security Advisory - mozilla-firefox Updates
Posted Sep 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 28bd391a40713f1f274464b23e879a04c943294e8a0c4a3bbe24c3859b4bf2e3
Slackware Security Advisory - curl Updates
Posted Sep 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-14618
SHA-256 | 14096838d0d04a2c7293306d0348996f3bc0573fc8dac84c87bec5efcb0a8b1b
Slackware Security Advisory - ghostscript Updates
Posted Sep 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 0ee3d64e3cd11cefb550aa4b74364a979ca8f647d10d1019f752f52fc9478e97
Debian Security Advisory 4286-1
Posted Sep 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2018-14618
SHA-256 | bbcf61aaad1ed97d1ae1784f4ceeac29a2930166d62674c6c527d9a84a30d1db
Debian Security Advisory 4285-1
Posted Sep 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4285-1 - Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa user or owner view list config files even if edit_list.conf prohibits it.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-1000550
SHA-256 | 5c2ba7cbb9fcd992151e2ae9f06b6209136ab9b39e986818b4270b3422c42f07
D-Link Dir-600M N150 Cross Site Scripting
Posted Sep 6, 2018
Authored by PUNIT DARJI

D-Link Dir-600M N150 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 444f11430a660b04c77652051691fc159b0b02f27a439acb64ed151f8e15d1ec
WirelessHART Fieldgate SWG70 3.0 Directory Traversal
Posted Sep 6, 2018
Authored by Hamit CIBO

WirelessHART Fieldgate SWG70 version 3.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | ae75355a974429fe425cf67424fe3abf2e45a54ecb442e56aedba29a976a9490
Jorani Leave Management System 0.6.5 SQL Injection
Posted Sep 6, 2018
Authored by Javier Olmedo

Jorani Leave Management System version 0.6.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-15918
SHA-256 | 47974d826b3ed08e2eaa6f2150d34c2ce21e673acda68c54fdc0ca5aa529ae0e
Jorani Leave Management System 0.6.5 Cross Site Scripting
Posted Sep 6, 2018
Authored by Javier Olmedo

Jorani Leave Management System version 0.6.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-15917
SHA-256 | 54e2aa00b5032b1aa0b8e795ccc7a6b48a9688e73edfa20ec16db0b59cdd6d4b
Apache Roller 5.0.3 XML Injection / File Disclosure
Posted Sep 6, 2018
Authored by Marko Jokic

Apache Roller version 5.0.3 suffers from an XML external entity injection vulnerability that allows for file disclosure.

tags | exploit
advisories | CVE-2014-0030
SHA-256 | be3369e92980b9a1ab61fa5a01afb6bc1276b06e7260e77f2a410fcd621f3d41
NetworkManager Daemon Command Execution
Posted Sep 6, 2018
Authored by Sameer Goyal, Felix Wilhelm

This is a small tutorial write up that provides a DynoRoot exploit proof of concept.

tags | exploit, proof of concept
advisories | CVE-2018-1111
SHA-256 | 05bd61cb8ce0024fe6348ca11ae1d9aa32b087a7faf6df353ddc2aface0c11eb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close