what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2018-12-19

Bro Network Security Monitor 2.6.1
Posted Dec 19, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Introduced --enable-static-broker configuration option. Update submodules Broker v1.1.2 and SQLite 3.26.0.
tags | tool, intrusion detection
systems | unix
MD5 | 36e2decedf77c20f09a3e11d59fdc2b2
Erlang Port Mapper Daemon Cookie Remote Code Execution
Posted Dec 19, 2018
Authored by Daniel Mende, wetw0rk | Site metasploit.com

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location.

tags | exploit, remote, code execution
MD5 | ea980adef717ce0ec6960332056abbb6
VBScript MSXML Policy Bypass
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.

tags | exploit
systems | windows
advisories | CVE-2018-8619
MD5 | ce43b2ebae9f07a7d017a64ce3308636
VBScript VbsErase Reference Leak
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.

tags | exploit
systems | windows
advisories | CVE-2018-8625
MD5 | 7a89325a4a9a9ce9b151cea5f6c4b348
Red Hat Security Advisory 2018-3854-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
MD5 | b2f856e34366cabe69e4a0386ef0f418
Red Hat Security Advisory 2018-3853-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
MD5 | 00170d48cd3b41bc9014faed4c824124
Rukovoditel Project Management CRM 2.3.1 Remote Code Execution
Posted Dec 19, 2018
Authored by Ozkan Mustafa Akkus | Site metasploit.com

Rukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-20166
MD5 | bb4b1c852f4c2f4e19fe1e4a27ed7cb5
LanSpy 2.0.1.159 Local Buffer Overflow
Posted Dec 19, 2018
Authored by Juan Prescotto

LanSpy version 2.0.1.159 local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | f57831e625297bc1bd79f1570f67f976
PDF Explorer 1.5.66.2 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PDF Explorer version 1.5.66.2 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | 9b60c8ceaa8f6e517befa40a26f7ee67
IBM Operational Decision Manager 8.x XML Injection
Posted Dec 19, 2018
Authored by Mohamed M.Fouad

IBM Operational Decision Manager version 8.x suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-1821
MD5 | 1eef96af4928a2b0193e7f78a602066b
Yeswiki Cercopitheque SQL Injection
Posted Dec 19, 2018
Authored by Mickael Brouty

Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-13045
MD5 | 82633b773fa2b08020edf9b69daf8363
Integria IMS 5.0.83 Cross Site Scripting
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19828
MD5 | aef2ed9863bf3c485893f68b56670969
Integria IMS 5.0.83 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19829
MD5 | cf0e4354014d9f34be3dd051ce3eaaf5
PassFab RAR 9.3.4 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PassFab RAR version 9.3.2 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | ee87eae666d38dc3258ef3934645c890
Linux/x64 Disable ASLR Security Shellcode
Posted Dec 19, 2018
Authored by Kagan Capar

93 bytes small Linux/x64 disable ASLR Security shellcode.

tags | shellcode
systems | linux
MD5 | 11fc5e33653b258e60c96b8a189aedb8
Linux Kernel 4.4 rtnetlink Stack Memory Disclosure
Posted Dec 19, 2018
Authored by Jinbum Park, Kangjie Lu

Linux kernel version 4.4 rtnetlink stack memory disclosure exploit.

tags | exploit, kernel, info disclosure
systems | linux
advisories | CVE-2016-4486
MD5 | e3d5334afb0ed83e5e518e3fbe9fd294
Stegano 0.9.0
Posted Dec 19, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added the possibility to shift the encoded bits when using the lsbset module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | eb5d031d189778f14ad030751cf2b5ab
Capstone 4.0
Posted Dec 19, 2018
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 4.0 is a stable release version, with important fixes in the core and several bindings against version 3.0.5.
tags | tool
systems | unix
MD5 | 9b84acb86212cefeb1163f4e4668fc95
Hotel Booking Script 3.4 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Sainadh Jamalpur

Hotel Booking Script version 3.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8425e4f971e9d347d3ab67726702fd84
VMware Security Advisory 2018-0031
Posted Dec 19, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0031 - vRealize Operations updates address a local privilege escalation vulnerability.

tags | advisory, local
advisories | CVE-2018-6978
MD5 | 9394c105969df49cc87514df90900e5d
Red Hat Security Advisory 2018-3852-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3852-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
MD5 | 03a0375dc79e857dab6612033adde31e
Bolt CMS Cross Site Scripting
Posted Dec 19, 2018
Authored by Raif Berkay Dincel

Bolt CMS versions prior to 3.6.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19933
MD5 | a700284260ebebb5e62bed22f685d761
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    7 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close