exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-09-11

OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 2836875a0f89c03d0fdf483941512613a50cfb421d6fd94b9f41d7279d586a3d
Kernel Live Patch Security Notice LSN-0043-1
Posted Sep 11, 2018
Authored by Benjamin M. Romer

Piotr Gabriel Kosinski and Daniel Shapira discovered a stack-based buffer overflow in the CDROM driver implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Jann Horn discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep xattr information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-11412, CVE-2018-11506, CVE-2018-12233, CVE-2018-13405, CVE-2018-13406
SHA-256 | 0b4cb189d586aa4429e71fb9b98e664320f3da97740056519640d0e0b2c10d5f
Debian Security Advisory 4290-1
Posted Sep 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4290-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14346, CVE-2018-14347, CVE-2018-16430
SHA-256 | 22f2b4197f107ee0924e3d5f0ca28d3ef60181f207deefbe95c481d80c8c2480
Red Hat Security Advisory 2018-2669-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2669-01 - Red Hat Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. This release of Red Hat Fuse 7.1 serves as a replacement for Red Hat Fuse 7.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, path sanitization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2014-0114, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, CVE-2016-5397, CVE-2017-14063, CVE-2018-1000129, CVE-2018-1000130, CVE-2018-1000180, CVE-2018-1114, CVE-2018-1271, CVE-2018-1272, CVE-2018-1338, CVE-2018-1339, CVE-2018-8036, CVE-2018-8088
SHA-256 | 7b3635d1483cb247ae4e0a03ee8632f66f34f0c49a1302091a6f17cc60f5582a
Ubuntu Security Notice USN-3763-1
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3763-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp
systems | linux, ubuntu
advisories | CVE-2018-5390
SHA-256 | af757be9a3cb9a2115bc8f7d6b07accaaaeb4cad1048d30ea6367f5f8e5b41a8
Ubuntu Security Notice USN-3762-2
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3762-2 - USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2018-1118
SHA-256 | 6e79c399550da9e5f2d65235c96cd25197d47c0c2c5fc42a6e85ba9fbffca2ba
Ubuntu Security Notice USN-3762-1
Posted Sep 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3762-1 - It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information. Seunghun Han discovered an information leak in the ACPI handling code in the Linux kernel when handling early termination of ACPI table loading. A local attacker could use this to expose sensitive informal. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2018-1118
SHA-256 | e9c161e0f73509d01d47ed89b3f97e88172195fd7fd7ba9faed0403af86c007e
Tor Browser 7.x NoScript Bypass
Posted Sep 11, 2018
Authored by x0rz

Tor Browser version 7.x suffers from a NoScript bypass vulnerability.

tags | exploit, bypass
SHA-256 | c7cbc690e6ce441b67740959e46cc076f076bba52d5261676360c965fb4bc986
SynaMan 40 Build 1488 SMTP Credential Disclosure
Posted Sep 11, 2018
Authored by bzyo

SynaMan version 4.0 build 1488 suffers from an SMTP credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-10814
SHA-256 | 49eeb10e413f5dc28d5286dd6254ab00d1a91a02b238bb5911ca61c5255e9cfd
TOR Virtual Network Tunneling Tool 0.3.4.8
Posted Sep 11, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: The Tor 0.3.4 series includes improvements for running Tor in low-power and embedded environments, which should help performance in general.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 826a4cb2c099a29c7cf91516ffffcfcb5aace7533b8853a8c8bddcfe2bfb1023
Android Privilege Escalation
Posted Sep 11, 2018
Authored by Jann Horn, Google Security Research

Android suffers from a privilege escalation vulnerability in zygote that can be leveraged by CVE-2018-9445.

tags | exploit
advisories | CVE-2018-9445, CVE-2018-9488
SHA-256 | 07e2c94cf5dbc0bdc093f47b38ee2d8af3fbfc550336946724f110edbbd2295f
Red Hat Security Advisory 2018-2666-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2666-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.0.3497.81. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-16065, CVE-2018-16066, CVE-2018-16067, CVE-2018-16068, CVE-2018-16069, CVE-2018-16070, CVE-2018-16071, CVE-2018-16073, CVE-2018-16074, CVE-2018-16075, CVE-2018-16076, CVE-2018-16077, CVE-2018-16078, CVE-2018-16079, CVE-2018-16080, CVE-2018-16081, CVE-2018-16082, CVE-2018-16083, CVE-2018-16084, CVE-2018-16085, CVE-2018-16086, CVE-2018-16087, CVE-2018-16088
SHA-256 | 715c4bf8fad5d331fd2f662402160ba5024ee90eade1e6a71edc4c46d5f3c21a
Red Hat Security Advisory 2018-2664-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2664-01 - Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-12533
SHA-256 | 79ab86859884f6b160f333016f09490207a742effd0c508ef3b11a88508c751d
Red Hat Security Advisory 2018-2663-01
Posted Sep 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2663-01 - Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-12533
SHA-256 | 7f5583169a95da4dd622a3a069e255ee7ffb4856e1940e9bde03305afa2369db
Easy File Sharing Web Server 6.9 Buffer Overflow
Posted Sep 11, 2018
Authored by Hodorsec

Easy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP.

tags | exploit, remote, web, overflow
SHA-256 | 5052bd3ade9eabb5408d9af16042f88ccdd5c0093460e58e70f4514aa17d56cc
Tor Browser 7.0.8 Information Disclosure
Posted Sep 11, 2018
Authored by Filippo Cavallarin

This write up holds the details for the Tor Browser information disclosure vulnerability as discussed in CVE-2017-16541. Version 7.0.8 is affected.

tags | exploit, info disclosure
advisories | CVE-2017-16541
SHA-256 | 4ed16754b37c2476bf294cfab2a1eb58af360139efcb739037c86ca15edba311
Linux Insufficient Shootdown For Paging-Structure Caches
Posted Sep 11, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an insufficient shootdown for paging-structure caches.

tags | exploit
systems | linux
SHA-256 | 32e5a4bd6f757fe452ac7e750d0af567a328b2a378460854b5ae256e468c4523
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close