what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files Date: 2018-11-16

Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Posted Nov 16, 2018
Authored by Stefan Kanthak

Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 588da88e53e05773cd51de3eafe1fcb5
Budabot 4.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ryan Delaney

Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-19290
MD5 | 84ba35e2fe35edb9c0652c9736039b25
Easy Outlook Express Recovery 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Easy Outlook Express Recovery version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | d2d30131fbbad9a751ea1250ea90b324
Ubuntu Security Notice USN-3824-1
Posted Nov 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3824-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, ubuntu
advisories | CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180
MD5 | b3273044cedac842c5d7a28d003ecd0e
Mumsoft Easy Software 2.0 Denial Of Service
Posted Nov 16, 2018
Authored by Ihsan Sencan

Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 729855523fec92176326b56ceafac944
DomainMOD 4.11.01 Cross Site Scripting
Posted Nov 16, 2018
Authored by Dawood Ansar

DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19136
MD5 | 1f70ddfa1f1105f5475de8a37ba17c86
Helpdezk 1.1.1 Shell Upload
Posted Nov 16, 2018
Authored by Ihsan Sencan

Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | cbacc0533908cb511a19e2bd2c3b95b4
Warranty Tracking System 11.06.3 SQL Injection
Posted Nov 16, 2018
Authored by Ihsan Sencan

Warranty Tracking System version 11.06.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 38b937df50beb67adf464aa65f5d5b5c
Kernel Live Patch Security Notice LSN-0045-1
Posted Nov 16, 2018
Authored by Benjamin M. Romer

It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2017-13168, CVE-2018-10880, CVE-2018-16658, CVE-2018-9363
MD5 | 87ee31d5637610e40009faa55f769c6d
Everus.org 1.0.9 Second Factor Redirection
Posted Nov 16, 2018
Authored by Muhammad Shahbaz

The Everus.org Android application version 1.0.9 has a fundamental design flaw where the client can send a random phone number during the second factor flow with an arbitrary existing user id and the server send the attacker the one time password for the other user.

tags | exploit, arbitrary
MD5 | 81b34424d2fb4ef2f76dd3982050a8b1
Linux Broken UID/GID Mapping
Posted Nov 16, 2018
Authored by Jann Horn, Google Security Research

Linux has a broken uid/gid mapping for nested user namespaces with greater than 5 ranges.

tags | exploit
systems | linux
advisories | CVE-2018-18955
MD5 | 5a4e9282df80bcac13075f0181391a8b
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close