exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-12-18

Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write
Posted Dec 18, 2018
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.

tags | exploit, local
advisories | CVE-2018-8631
MD5 | 82afb637d0f91a3f4210fbcfc5b8c0ea
SDL Web Content Manager 8.5.0 XML Injection
Posted Dec 18, 2018
Authored by Ahmed Elhady Mohamed

SDL Web Content Manager version 8.5.0 suffers from an XML external entity injection vulnerability.

tags | exploit, web
advisories | CVE-2018-19371
MD5 | 8c888db318e22cc6df0250cb0808f558
AnyBurn 4.3 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

AnyBurn version 4.3 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | 11fe2d89ed7111e661c96efc9b77f9bf
Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

Exel Password Recovery version 8.2.0.0 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | fb1b20d2ea20a2a54e50398fca81a0f5
MegaPing Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

MegaPing suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | 4f993ec68f3b92b3eb9facb5ae4b74d0
Nsauditor 3.0.28.0 Buffer Overflow
Posted Dec 18, 2018
Authored by Achilles

Nsauditor version 3.0.28.0 local SEH buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 4403f3b06be568cac89b7deeb70db266
GRR 3.2.4.5
Posted Dec 18, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This release is the last GRR release to work on a legacy AFF4-based datastore. Next generation datastore will also work on top of MySQL but will have a completely different schema, meaning that you will lose historical data with the next GRR upgrade. Tons of small (and not-so-small) bug fixes and code health improvements.
tags | tool, remote, web, forensics
systems | unix
MD5 | 75619a460295d7f2c168d79170733881
libexif 0.6.21 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered a vulnerability in libexif, which can be exploited by malicious people to cause a DoS (Denial of Service). An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags can be exploited to exhaust available CPU resources. The vulnerability is confirmed in version 0.6.21. Other versions may also be affected.

tags | advisory, denial of service
advisories | CVE-2018-20030
MD5 | 29c57c22c14c9c4f8e851faf5734e12a
LibRaw 0.19.0 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within the "unpacked_load_raw()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_rollei()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) can be exploited to exhaust available CPU resources. The vulnerabilities are confirmed in version 0.19.0 and reported in versions prior to 0.19.1.

tags | advisory, denial of service, vulnerability
advisories | CVE-2018-5817, CVE-2018-5818, CVE-2018-5819
MD5 | 0faf37732e8bde87297a574b68f0618f
Red Hat Security Advisory 2018-3843-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3843-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-14646
MD5 | be747182672ea287c81daf5428bf722b
Red Hat Security Advisory 2018-3837-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3837-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | d86435ee537e8acc01b3e7365e5dc0cf
Red Hat Security Advisory 2018-3838-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3838-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 2389e9ffae0b436a8ea5353d47d21c7f
Red Hat Security Advisory 2018-3835-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3835-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 843c3fcab71a0f1c520833b04a9d0c16
Red Hat Security Advisory 2018-3836-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3836-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 73d7c1bb1b278cce1172b22d13d9bf34
Red Hat Security Advisory 2018-3834-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3834-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-15911, CVE-2018-16541, CVE-2018-16802, CVE-2018-17183, CVE-2018-17961, CVE-2018-18073, CVE-2018-18284, CVE-2018-19134, CVE-2018-19409
MD5 | 13ceec5f516340e8b6b6af0e46df4f75
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    3 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close