what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2018-12-19

Bro Network Security Monitor 2.6.1
Posted Dec 19, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Introduced --enable-static-broker configuration option. Update submodules Broker v1.1.2 and SQLite 3.26.0.
tags | tool, intrusion detection
systems | unix
SHA-256 | d9718b83fdae0c76eea5254a4b9470304c4d1d3778687de9a4fe0b5dffea521b
Erlang Port Mapper Daemon Cookie Remote Code Execution
Posted Dec 19, 2018
Authored by Daniel Mende, wetw0rk | Site metasploit.com

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location.

tags | exploit, remote, code execution
SHA-256 | 8fd12f434db46fa81ba8c0025bc071fdc803952e508bc82dad352cbf0212aadb
VBScript MSXML Policy Bypass
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.

tags | exploit
systems | windows
advisories | CVE-2018-8619
SHA-256 | b0f1afdfeed7b58164b0ac07caec27811ba02f778e45365490b8d741eb009e35
VBScript VbsErase Reference Leak
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.

tags | exploit
systems | windows
advisories | CVE-2018-8625
SHA-256 | bbed7824f89e9377c1a62b7a38d9841ad9be96f597755fed927b3e56bee44b2c
Red Hat Security Advisory 2018-3854-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
SHA-256 | ecccca8405ce1ae112c4c9ef8699c52acaa7349eacd9444e706b1cc606052122
Red Hat Security Advisory 2018-3853-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
SHA-256 | 7d67828682276999308ce93378cd3811edc0d9b3565bdbef85add8ef9bf3f2bf
Rukovoditel Project Management CRM 2.3.1 Remote Code Execution
Posted Dec 19, 2018
Authored by Ozkan Mustafa Akkus | Site metasploit.com

Rukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-20166
SHA-256 | 8a584cc6a1816c6b3a4fe23a1902ad4a7e8c221665ed7dd33f64ab8c95dde6b6
LanSpy 2.0.1.159 Local Buffer Overflow
Posted Dec 19, 2018
Authored by Juan Prescotto

LanSpy version 2.0.1.159 local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 3309894f13d2961ceb6dbe7be8467f2f9baa186fa92a1c081db4417f663dd7a9
PDF Explorer 1.5.66.2 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PDF Explorer version 1.5.66.2 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | f48e127b00a83012716677d4a1c5c49bb04840262f6489f05e55581876ba6547
IBM Operational Decision Manager 8.x XML Injection
Posted Dec 19, 2018
Authored by Mohamed M.Fouad

IBM Operational Decision Manager version 8.x suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-1821
SHA-256 | 18845ad07f984f9c6c27bb827621215c2f4825597c89ff7c09d4a0f5a8cf3466
Yeswiki Cercopitheque SQL Injection
Posted Dec 19, 2018
Authored by Mickael Brouty

Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-13045
SHA-256 | 2191ee618f205f47d949b3798efa5fd260cfb4e592d66b79ca96cc83ced25bff
Integria IMS 5.0.83 Cross Site Scripting
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19828
SHA-256 | f5770dc8399dab6df8212ba01ad2c7655b3fbc8bf3d3f91de4d8036c00042f20
Integria IMS 5.0.83 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19829
SHA-256 | 494dc73a5483a3b5258fb7d29a5efa5434ad403784af2cd871269d10874dfd8e
PassFab RAR 9.3.4 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PassFab RAR version 9.3.2 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 0604bdbbf645670711942446f2f53027b3d6fa359107f498e6d85edbb203fe9d
Linux/x64 Disable ASLR Security Shellcode
Posted Dec 19, 2018
Authored by Kagan Capar

93 bytes small Linux/x64 disable ASLR Security shellcode.

tags | shellcode
systems | linux
SHA-256 | bfba9bba35bda0b1441d416d81269e233df34a339d9d54d7b408201cb68de428
Linux Kernel 4.4 rtnetlink Stack Memory Disclosure
Posted Dec 19, 2018
Authored by Jinbum Park, Kangjie Lu

Linux kernel version 4.4 rtnetlink stack memory disclosure exploit.

tags | exploit, kernel, info disclosure
systems | linux
advisories | CVE-2016-4486
SHA-256 | 40764dc8fda6722111b000f9b935f1aa492b399d8ebb435a9ac60ad02ac3fbbc
Stegano 0.9.0
Posted Dec 19, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added the possibility to shift the encoded bits when using the lsbset module.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | c23b61f48ebed1afc2c8e7b7ff7258ba4d71afa2e2d246d757fa1ad8754e5e79
Capstone 4.0
Posted Dec 19, 2018
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 4.0 is a stable release version, with important fixes in the core and several bindings against version 3.0.5.
tags | tool
systems | unix
SHA-256 | 26c6461618670d59215635602ef5fb6f90bf6724006983af88e4983d6af1e67a
Hotel Booking Script 3.4 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Sainadh Jamalpur

Hotel Booking Script version 3.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b0b33614e3e299d840feadff31f0d475ed57f5729df9e5d4eeba3073ff28f8cf
VMware Security Advisory 2018-0031
Posted Dec 19, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0031 - vRealize Operations updates address a local privilege escalation vulnerability.

tags | advisory, local
advisories | CVE-2018-6978
SHA-256 | f41524536e72c476e12712b7fba94223e3194bcd61922bab81d01d639ea618bc
Red Hat Security Advisory 2018-3852-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3852-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
SHA-256 | 9d4f7bc666bf94a492aff063465bfd97a5d1aa5e574805c94c9ec1e09d2be252
Bolt CMS Cross Site Scripting
Posted Dec 19, 2018
Authored by Raif Berkay Dincel

Bolt CMS versions prior to 3.6.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19933
SHA-256 | facbd08aebdfb510077a57849161e0b3da809998e62d8c36f7fc0b7b5bf4ae81
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close