what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2018-12-19

Bro Network Security Monitor 2.6.1
Posted Dec 19, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Introduced --enable-static-broker configuration option. Update submodules Broker v1.1.2 and SQLite 3.26.0.
tags | tool, intrusion detection
systems | unix
MD5 | 36e2decedf77c20f09a3e11d59fdc2b2
Erlang Port Mapper Daemon Cookie Remote Code Execution
Posted Dec 19, 2018
Authored by Daniel Mende, wetw0rk | Site metasploit.com

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location.

tags | exploit, remote, code execution
MD5 | ea980adef717ce0ec6960332056abbb6
VBScript MSXML Policy Bypass
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.

tags | exploit
systems | windows
advisories | CVE-2018-8619
MD5 | ce43b2ebae9f07a7d017a64ce3308636
VBScript VbsErase Reference Leak
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.

tags | exploit
systems | windows
advisories | CVE-2018-8625
MD5 | 7a89325a4a9a9ce9b151cea5f6c4b348
Red Hat Security Advisory 2018-3854-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
MD5 | b2f856e34366cabe69e4a0386ef0f418
Red Hat Security Advisory 2018-3853-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-12327
MD5 | 00170d48cd3b41bc9014faed4c824124
Rukovoditel Project Management CRM 2.3.1 Remote Code Execution
Posted Dec 19, 2018
Authored by Ozkan Mustafa Akkus | Site metasploit.com

Rukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-20166
MD5 | bb4b1c852f4c2f4e19fe1e4a27ed7cb5
LanSpy 2.0.1.159 Local Buffer Overflow
Posted Dec 19, 2018
Authored by Juan Prescotto

LanSpy version 2.0.1.159 local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | f57831e625297bc1bd79f1570f67f976
PDF Explorer 1.5.66.2 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PDF Explorer version 1.5.66.2 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | 9b60c8ceaa8f6e517befa40a26f7ee67
IBM Operational Decision Manager 8.x XML Injection
Posted Dec 19, 2018
Authored by Mohamed M.Fouad

IBM Operational Decision Manager version 8.x suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-1821
MD5 | 1eef96af4928a2b0193e7f78a602066b
Yeswiki Cercopitheque SQL Injection
Posted Dec 19, 2018
Authored by Mickael Brouty

Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-13045
MD5 | 82633b773fa2b08020edf9b69daf8363
Integria IMS 5.0.83 Cross Site Scripting
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19828
MD5 | aef2ed9863bf3c485893f68b56670969
Integria IMS 5.0.83 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Javier Olmedo

Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19829
MD5 | cf0e4354014d9f34be3dd051ce3eaaf5
PassFab RAR 9.3.4 SEH Buffer Overflow
Posted Dec 19, 2018
Authored by Achilles

PassFab RAR version 9.3.2 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | ee87eae666d38dc3258ef3934645c890
Linux/x64 Disable ASLR Security Shellcode
Posted Dec 19, 2018
Authored by Kagan Capar

93 bytes small Linux/x64 disable ASLR Security shellcode.

tags | shellcode
systems | linux
MD5 | 11fc5e33653b258e60c96b8a189aedb8
Linux Kernel 4.4 rtnetlink Stack Memory Disclosure
Posted Dec 19, 2018
Authored by Jinbum Park, Kangjie Lu

Linux kernel version 4.4 rtnetlink stack memory disclosure exploit.

tags | exploit, kernel, info disclosure
systems | linux
advisories | CVE-2016-4486
MD5 | e3d5334afb0ed83e5e518e3fbe9fd294
Stegano 0.9.0
Posted Dec 19, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added the possibility to shift the encoded bits when using the lsbset module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | eb5d031d189778f14ad030751cf2b5ab
Capstone 4.0
Posted Dec 19, 2018
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 4.0 is a stable release version, with important fixes in the core and several bindings against version 3.0.5.
tags | tool
systems | unix
MD5 | 9b84acb86212cefeb1163f4e4668fc95
Hotel Booking Script 3.4 Cross Site Request Forgery
Posted Dec 19, 2018
Authored by Sainadh Jamalpur

Hotel Booking Script version 3.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8425e4f971e9d347d3ab67726702fd84
VMware Security Advisory 2018-0031
Posted Dec 19, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0031 - vRealize Operations updates address a local privilege escalation vulnerability.

tags | advisory, local
advisories | CVE-2018-6978
MD5 | 9394c105969df49cc87514df90900e5d
Red Hat Security Advisory 2018-3852-01
Posted Dec 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3852-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
MD5 | 03a0375dc79e857dab6612033adde31e
Bolt CMS Cross Site Scripting
Posted Dec 19, 2018
Authored by Raif Berkay Dincel

Bolt CMS versions prior to 3.6.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-19933
MD5 | a700284260ebebb5e62bed22f685d761
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close