Files Date: 2018-10-10

OpenSCAP Libraries 1.3.0
Posted Oct 10, 2018
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Added Microsoft Windows CPEs. oscap-ssh can supply SSH options into an environment variable. Verbose mode is a global option in all modules. Various other updates.
tags | protocol, library
systems | unix
SHA-256 | b5afe81eb97b7ad0d469eb79d4c67be6a0d49a49fcd468a813044564e9e61f88

XMeye P2P Cloud Remote Code Execution / Integrity Issues
Posted Oct 10, 2018
Authored by Stefan Viehboeck | Site sec-consult.com

XMeye P2P Cloud, used with Xiongmai IP cameras, NVRs and DVRs, suffers from predictable Cloud IDs, a default admin password, and various other issues that can result in remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2018-17915, CVE-2018-17917, CVE-2018-17919
SHA-256 | 91c7dfdf6aeb957aa46e50283fc95205a17b991e8e99993f7b09e7fd6a521bdb

jQuery-File-Upload 9.22.0 Arbitrary File Upload
Posted Oct 10, 2018
Authored by Larry W. Cashdollar

jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.

tags | exploit, remote, arbitrary, file upload
SHA-256 | 9b9e155688817d68e773b78e64aa874b246af6c757592c38ac8faeace00f863c

Ubuntu Security Notice USN-3787-1
Posted Oct 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3787-1 - It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11784
SHA-256 | 45be2d5a126cec79d3d3bfd4b9ca81d251cefa375c31302c5472f2304c932cba

Ubuntu Security Notice USN-3781-2
Posted Oct 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3781-2 - USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, javascript, vulnerability, code execution, xss
systems | linux, ubuntu
SHA-256 | 2b00f712e0276977a856acf715b8a2c3ec35dcfa43d7209bc7def4294c7d955a

Red Hat Security Advisory 2018-2902-01
Posted Oct 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2902-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.1.1 and 1.0.13. These versions correspond to the October 2018 security release by .NET Core upstream projects. Issues addressed include an information leakage vulnerability.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-8292
SHA-256 | 340cc14988a0eb7e4c0ff80ec415d0603518d27ac97d50efb79928018ac10edd

Mikrotik RouterOS Remote Root
Posted Oct 10, 2018
Authored by Jacob Baines

Mikrotik RouterOS versions 6.x suffer from a remote root code execution vulnerability.

tags | exploit, remote, root, code execution
advisories | CVE-2018-14847
SHA-256 | 3f8c52b062ca67ece824e00c875d47df8ead0831abf8803a9a4a87310336aa60

Delta Electronics Delta Industrial Automation COMMGR 1.08 Buffer Overflow
Posted Oct 10, 2018
Authored by t4rkd3vilz

Delta Electronics Delta Industrial Automation COMMGR versions 1.08 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-10594
SHA-256 | 21735127472d0f336789c979a9109de253aab1f1853d7a1f0e0ccc5036d23af0

VMware Security Advisory 2018-0025
Posted Oct 10, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0025 - VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability.

tags | advisory
advisories | CVE-2018-6977
SHA-256 | 170ccb20869d99e8a32ef8b0b7c44a0aec599b17afce56a2e985c666dca076a4

Red Hat Security Advisory 2018-2892-01
Posted Oct 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2892-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. The glusterfs packages have been upgraded to upstream version 3.12.2, which provides a number of bug fixes over the previous version. Issues addressed include a deserialization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10911
SHA-256 | c74a6ba2d605744c4a758a3aa05578ffb837837c83e15f3771cb4831872b1908

Ektron CMS 9.20 SP2 Improper Access Restrictions
Posted Oct 10, 2018
Authored by Alt3kx

Ektron CMS version 9.20 SP2 suffers from an improper access restriction vulnerability.

tags | exploit
advisories | CVE-2018-12596
SHA-256 | fd1f946762d555d6b36ddb6d80407a3437fbb0467bbad67303c164182e27d9fb

Wikidforum 2.20 SQL Injection
Posted Oct 10, 2018
Authored by Ihsan Sencan

Wikidforum version 2.20 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dcb75325ddd42b71802df4f523edd1fcd902226093356ce633a732f40cd339bf

FileZilla 3.33 Buffer Overflow
Posted Oct 10, 2018
Authored by Kagan Capar

FileZilla version 3.33 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 2ed2bdf8b9a0fc35523cab82487fa2c70c2d1658b7a287a0d3e306989bb53b0d

TestSSL 3.0rc2
Posted Oct 10, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for support of TLS/SSL ciphers and protocols, as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.

Changes: Partly addresses TCP fragmentation. Added name check for XMPP servers. Added support for STARTTLS LMTP. TLS 1.3 and OpenSSL 1.1.1 fixes.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 9c78313a1926e455e5a89e22c093d3d0d6165d5c03e766c754ec141f3c00580f

LOKIDN - Lapse Of Keyboard At Internationalized Domain Name
Posted Oct 10, 2018
Authored by Ozkan Mustafa Akkus

Whitepaper called LOKIDN - Lapse of Keyboard at Internationalized Domain Name.

tags | paper
SHA-256 | 9350c60f34392d28e37a855ba1a59aaeace47cc0db7171332b2ab4d53f6edadd

Client Side Injection On Web Applications
Posted Oct 10, 2018
Authored by Milad Khoshdel

Whitepaper called Client Side Injection on Web Applications.

tags | paper, web
SHA-256 | 05b69e6f5fef3bde99785bc70b216354a124bbcbf8099e03d89577ab3fc8a5da

© 2022 Packet Storm. All rights reserved.