Showing 1 - 19 of 19

Files Date: 2019-01-22

LeHACK 2019 Call For Papers
Posted Jan 22, 2019
Authored by Le HACK Conference | Site submit.lehack.org

LeHACK 2019 is a yearly rendezvous where hackers and aficionados meet for both technical and non-technical talks and workshops about hacking. It is a great place to discover, to learn, to teach and be taught in the magical city of Paris. LeHACK 2019 will be held in La Cite des Sciences, Paris (France) on the 6th and 7th of July 2019.

tags | paper, conference
MD5 | fccf9e109abe82f3169baa51170c3a61

Red Hat Security Advisory 2019-0137-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0137-01 - This enhancement adds the new Red Hat JBoss Enterprise Application Platform 7.2.0 packages to Red Hat Enterprise Linux 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1, and includes bug fixes and enhancements. Issues addressed include a broken CVE fix.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-2582
MD5 | 46f2369c58d8c475071df24fa0b1f02f

Red Hat Security Advisory 2019-0136-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0136-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.2 on Red Hat Enterprise Linux 6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References. Issues addressed include a SAML issue.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2017-2582
MD5 | 6123eb0ecb847598dbf3001e59236474

Red Hat Security Advisory 2019-0139-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0139-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1, and includes bug fixes and enhancements. Issues addressed include a SAML issue.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2017-2582
MD5 | 8229a591c95e33342894b50574ec02b2

PLC Wireless Router GPN2.4P21-C-CN Cross Site Request Forgery
Posted Jan 22, 2019
Authored by Kumar Saurav

PLC Wireless Router GPN2.4P21-C-CN suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-6282
MD5 | 4f82e62283c463bbbe52c4b0bde9a1f0

PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control
Posted Jan 22, 2019
Authored by Kumar Saurav

PLC Wireless Router GPN2.4P21-C-CN suffers from an incorrect access control vulnerability.

tags | exploit
advisories | CVE-2019-6279
MD5 | d1e36a6a57aac457f4be05fcef438b15

Exploitation Framework For STMicroelectronics DVB Chipsets
Posted Jan 22, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This detailed research paper discusses a multitude of security issues with STMicroelectronics DVB chipsets including, but not limited to, credential leakage, buffer overflow, and data leaks.

tags | exploit, overflow
MD5 | 5e5650c12c6dc1fae75bda7ade29648c

ManageEngine OpManager 12.3 Privilege Escalation
Posted Jan 22, 2019
Authored by Humberto Cabrera | Site zeroscience.mk

ManageEngine OpManager version 12.3 suffers from a weak permissions issue in which an attacker can replace the service binary with a binary of their choice. This service runs as LocalSystem, thus allowing for a privilege escalation vector.

tags | exploit
MD5 | eee20374da2b5419d53f9eda05f63110

Ubuntu Security Notice USN-3865-1
Posted Jan 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3865-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-20481
MD5 | 11870c9e0823b8fcedf5dcbe3a08b035

Flawfinder 2.0.8
Posted Jan 22, 2019
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: A number of bugs were addressed as well as some small improvements. Documentation has been tweaked.
tags | tool
systems | unix
MD5 | c0b40f0fe23d8afe7095a76ef63f34b1

Faraday 3.5.0
Posted Jan 22, 2019
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Redesign of new/edit vulnerability forms. Added new custom fields feature to vulnerabilities. Added ./manage.py migrate to perform alembic migrations. Various other additions and updates.
tags | tool, rootkit
systems | unix
MD5 | ea2cbd29f1049afdba6f888da085e7e4

Red Hat Security Advisory 2019-0131-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0131-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include open redirection and host name verification vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2018-11784, CVE-2018-8034
MD5 | 301796aa4e5ce279fcd0d9e8b3338554

Microsoft Windows VCF Arbitrary Code Execution
Posted Jan 22, 2019
Authored by Eduardo Braun Prado

Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

tags | exploit, arbitrary, x86, code execution, proof of concept
systems | windows, 7
MD5 | 094fed868f7fb979125879d67bb9e5a4

Red Hat Security Advisory 2019-0130-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0130-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 6 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include open redirection and host name verification.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2018-11784, CVE-2018-8034
MD5 | 26f23a70de08077776bcc6019a8cadc7

Ubuntu Security Notice USN-3863-2
Posted Jan 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3863-2 - USN-3863-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM. Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-3462
MD5 | 148456025eaff2857e04b5ea2cad7488

Ubuntu Security Notice USN-3863-1
Posted Jan 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3863-1 - Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-3462
MD5 | c091166137076874ab2028b730474948

Debian Security Advisory 4371-1
Posted Jan 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4371-1 - Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a mirror to inject malicious content in the HTTP connection. This content could then be recognized as a valid package by APT and used later for code execution with root privileges on the target machine.

tags | advisory, web, root, code execution
systems | linux, debian
advisories | CVE-2019-3462
MD5 | c5a0f7a4a284d75b6ffdc060eeb25a43

Red Hat Security Advisory 2019-0109-01
Posted Jan 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0109-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, perl
systems | linux, redhat
advisories | CVE-2018-18311
MD5 | ff8eb4ffb67c3ff1cd697a620421315f

Ubuntu Security Notice USN-3864-1
Posted Jan 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3864-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10963, CVE-2018-18661
MD5 | a90cb1bdc719fb0d13cc25d006f35308

© 2019 Packet Storm. All rights reserved.