what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 45 RSS Feed

Files Date: 2018-11-15

Asterisk Project Security Advisory - AST-2018-010
Posted Nov 15, 2018
Authored by Jan Hoffmann | Site asterisk.org

Asterisk Project Security Advisory - There is a buffer overflow vulnerability in dns_srv and dns_naptr functions of Asterisk that allows an attacker to crash Asterisk via a specially crafted DNS SRV or NAPTR response. The attacker's request causes Asterisk to segfault and crash.

tags | advisory, overflow
advisories | CVE-2018-17281
SHA-256 | a56d17dfbfb2b6944825ab3cff3e105b1980de74f095cb346ae3206c73979820
PHP-Proxy 5.1.0 Local File Inclusion
Posted Nov 15, 2018
Authored by Ameer Pornillos

PHP-Proxy version 5.1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
advisories | CVE-2018-19246
SHA-256 | f0ca6a202ddae17ea444fc29f7b815c94b62a46e46f24bebfd908a606e8ffb31
Ubuntu Security Notice USN-3823-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3823-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646
SHA-256 | 31f8e6ed4e51034194ee99c3c3f4111fc4a66b43bb164b2be0acf59e4a893bb3
WordPress Ninja Forms 3.3.17 Cross Site Scripting
Posted Nov 15, 2018
Authored by MTK

WordPress Ninja Forms version 3.3.17 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19287
SHA-256 | 963b1ae48c444869a69d47c024decc1fdd5ed66b0d4e4abf605e48d411637012
WordPress Custom Frontend Login Registration Form 1.01 Cross Site Scripting
Posted Nov 15, 2018
Authored by Socket_0x03

WordPress Custom Frontend Login Registration Form plugin version 1.01 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 2f11147bfad36e5d36f6e32c8fdda833f458c752b0028154d051337b801da16d
PHP Mass Mail 1.0 Shell Upload
Posted Nov 15, 2018
Authored by Ihsan Sencan

PHP Mass Mail version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
SHA-256 | e3c4e7188b06f9a56c41a0be715cb793b8eb4f0847415459397ac142b833df82
Red Hat Security Advisory 2018-3618-01
Posted Nov 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3618-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 31.0.0.148. Issues addressed include an information leakage vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-15978
SHA-256 | d36e316a44fa5a6267ccf0029b1c696b1b8493f082483c7337d9fd14006b1bc0
Ubuntu Security Notice USN-3822-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3822-2 - USN-3822-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9588, CVE-2017-13168, CVE-2017-16649, CVE-2018-16658, CVE-2018-9363
SHA-256 | 12f251d1b02cc09b2a7869afca47e925382c2467ba8f6d0eadc536cd46f72f36
2-Plan Team 1.0.4 Shell Upload
Posted Nov 15, 2018
Authored by Ihsan Sencan

2-Plan Team version 1.0.4 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 442fb96dd10d19f767e144b83668e57b11f58fc9ca341b451618d9fc470da457
Simple E-Document 1.31 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Simple E-Document version 1.31 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6efe357134c7d6b607240bdbab0ecbc630c4ab7ffa79c8428e6d32c02a237504
Ubuntu Security Notice USN-3822-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3822-1 - Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9588, CVE-2017-13168, CVE-2017-16649, CVE-2018-16658, CVE-2018-9363
SHA-256 | 9f6d94f1901e1160d9a212fff4c9f220ff1ecdd77f62d48385aa6a8148a71140
Ubuntu Security Notice USN-3821-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3821-2 - USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10880, CVE-2018-13053, CVE-2018-13096, CVE-2018-14609, CVE-2018-14617, CVE-2018-17972, CVE-2018-18021
SHA-256 | 2b45d9df391d578d2bf6120f0c3781be981c031e4fcd0cab749bd0c70ec71961
Kordil EDMS 2.2.60rc3 Shell Upload
Posted Nov 15, 2018
Authored by Ihsan Sencan

Kordil EDMS version 2.2.60rc3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, sql injection
SHA-256 | f72a98f4c0e9518173ad08f8480a4f55ab7b65614d15d7095122b05a34900cc5
Meneame English Pligg 5.8 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Meneame English Pligg version 5.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5d3ec51ad553ecccb8acc37b8f502d96f1b506ec81ff3ef06816d9d48915dda4
EverSync 0.5 Arbitrary File Download
Posted Nov 15, 2018
Authored by Ihsan Sencan

EverSync version 0.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | 1f94245865e6a4887db7be439b0a6fcd7fe5e266951e6feb027af50cd4738fbd
Ubuntu Security Notice USN-3817-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3817-2 - USN-3817-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1061, CVE-2018-14647
SHA-256 | cb1574e89bac72af854da99e6193cfbfb3f0473a690d83816718c2897ab1315e
Ubuntu Security Notice USN-3821-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3821-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-10880, CVE-2018-13053, CVE-2018-13096, CVE-2018-14609, CVE-2018-14617, CVE-2018-17972, CVE-2018-18021
SHA-256 | 254ad91732f674016cc8c241e3bd94844f31ec3b8f719729a95810b24cec4ab4
Ubuntu Security Notice USN-3820-3
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3820-3 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13168, CVE-2018-15471, CVE-2018-16658, CVE-2018-9363
SHA-256 | 27691f5c9bbbf2b22481fdaf983d898f49b6c8efcbae90eb0dd1b8f97d0bd701
Galaxy Forces MMORPG 0.5.8 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Galaxy Forces MMORPG version 0.5.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 542ca72a0728a1b6e9f669a66a27e9f07461cd5160ae21c4ae7af03da6ce89e4
Net-Billetterie 2.9 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Net-Billetterie version 2.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | faccdf3ed437e1fbdc892c103a8341cdbe460ef09c4493184ad108a78644716e
BiP Messenger Denial Of Service
Posted Nov 15, 2018
Authored by KnocKout

BiP Messenger suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 89cae9b8bd0155540d7eb5b47a45252724678bdf6ca15e07da455bd741120544
Apkatshu 1.0
Posted Nov 15, 2018
Authored by Abdeljalil Nouiri

Apkatshu is a tool for for extracting urls, emails, ip addresses, and interesting data from APK files. The user can choose either JADX or APKTOOL for de-compilation.

tags | tool
systems | unix
SHA-256 | 0a16eb2df6020b32b626ac9e2fa4521f69687f1d9436abc2e30d5674e1abd5f4
Malicious Git HTTP Server
Posted Nov 15, 2018
Site metasploit.com

This Metasploit module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3, 2.16.5, 2.17.2, 2.18.1, and 2.19.1 and lower. When a submodule url which starts with a dash e.g "-u./payload" is passed as an argument to git clone, the file "payload" inside the repository is executed. This Metasploit module creates a fake git repository which contains a submodule containing the vulnerability. The vulnerability is triggered when the submodules are initialized.

tags | exploit
advisories | CVE-2018-17456
SHA-256 | 5e9e44960e6f06d93f426ccf255b7325e10a8e4880af47ebb08bf7796333190e
Ubuntu Security Notice USN-3820-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3820-2 - USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13168, CVE-2018-15471, CVE-2018-16658, CVE-2018-9363
SHA-256 | d909cd2e86e3dde5d46e66b9cb445a01b6dedcccaa02601d20cef8194c59b797
BitZoom 1.0 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

BitZoom version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ab872a1a59749c409496abc84e0ebdf7ceb655d34d139e1aa68ff1baa9f64d2f
Page 1 of 2
Back12Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close