exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-12-18

Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write
Posted Dec 18, 2018
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.

tags | exploit, local
advisories | CVE-2018-8631
SHA-256 | 44579881567c53e64a8aab7be8ad5b9de9c62e57487408187bfa4fe7b1adbd56
SDL Web Content Manager 8.5.0 XML Injection
Posted Dec 18, 2018
Authored by Ahmed Elhady Mohamed

SDL Web Content Manager version 8.5.0 suffers from an XML external entity injection vulnerability.

tags | exploit, web
advisories | CVE-2018-19371
SHA-256 | 2fda5ec43bfad50bcce9b38c70c67bc1f66aa66e741a3d57bde74a938d39f699
AnyBurn 4.3 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

AnyBurn version 4.3 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 329a83a9154f224e471a4f8a318eb233589b7bf71a625b507a8c8bce7ddd5300
Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

Exel Password Recovery version 8.2.0.0 suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 240883100f4e3a59a37f80a2b08d5dac6ffa6ea25b4e98c59c68659d0bb4c1c2
MegaPing Buffer Overflow / Denial Of Service
Posted Dec 18, 2018
Authored by Achilles

MegaPing suffers from buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 3771733e71abf4ccf921f7daf633291ab543c4b422c126faf6a88047b7d4e228
Nsauditor 3.0.28.0 Buffer Overflow
Posted Dec 18, 2018
Authored by Achilles

Nsauditor version 3.0.28.0 local SEH buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 8152f4393c9789912076e0de5b3d1c29df24163e03c2f7836e9b77b148b57c08
GRR 3.2.4.5
Posted Dec 18, 2018
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This release is the last GRR release to work on a legacy AFF4-based datastore. Next generation datastore will also work on top of MySQL but will have a completely different schema, meaning that you will lose historical data with the next GRR upgrade. Tons of small (and not-so-small) bug fixes and code health improvements.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | 8e056afd847dd21c7f973764dd9065fee098707e13ea5afa65b4741683234e00
libexif 0.6.21 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered a vulnerability in libexif, which can be exploited by malicious people to cause a DoS (Denial of Service). An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags can be exploited to exhaust available CPU resources. The vulnerability is confirmed in version 0.6.21. Other versions may also be affected.

tags | advisory, denial of service
advisories | CVE-2018-20030
SHA-256 | a3e0bd35e18db8d27c9c10475a90db33972c41764401685daf843f8770832532
LibRaw 0.19.0 Denial Of Service
Posted Dec 18, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within the "unpacked_load_raw()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_rollei()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) can be exploited to exhaust available CPU resources. The vulnerabilities are confirmed in version 0.19.0 and reported in versions prior to 0.19.1.

tags | advisory, denial of service, vulnerability
advisories | CVE-2018-5817, CVE-2018-5818, CVE-2018-5819
SHA-256 | 3db5c91bb6c24888166cacb845b1ca20edac2ec4797287c3534c7c75400e4192
Red Hat Security Advisory 2018-3843-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3843-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-14646
SHA-256 | 24c105ddb0fdc5ca344569ee52fa527ba5e87cc14d0872695bdcd04d49254cdf
Red Hat Security Advisory 2018-3837-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3837-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 67b6c9709b4cc32ae29fa136f89639bdb330cd4a92370e48c6deb28ffbd5645d
Red Hat Security Advisory 2018-3838-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3838-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 216b698541f204cd77bbd73db491b87c343c3190e21eac68708424ddcd50df5f
Red Hat Security Advisory 2018-3835-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3835-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 2a94daecf51ca3dcddd8e0aedd95681c9f9b8f14a8ee04938db184638fb2648a
Red Hat Security Advisory 2018-3836-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3836-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 6088973fb3aff4c16c039efbc1c211150c71caee327c9cddb88887a4381c09f6
Red Hat Security Advisory 2018-3834-01
Posted Dec 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3834-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-15911, CVE-2018-16541, CVE-2018-16802, CVE-2018-17183, CVE-2018-17961, CVE-2018-18073, CVE-2018-18284, CVE-2018-19134, CVE-2018-19409
SHA-256 | f5f96e39e74386a862dbdf24dde2652838709fb7d29500c0d76bd6ebb2ae845e
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close