what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-02-27

SHAREit For Android 4.0.38 Authentication Bypass / File Download
Posted Feb 27, 2019
Authored by Abdulrahman Nour | Site redforce.io

DUMPit is an exploit for the SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application versions 4.0.38 and below. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user's device. Both vulnerabilities were reported to the vendor and patches have been released.

tags | exploit, arbitrary, vulnerability
MD5 | 3f976a2a05f5d62b9b09600fb47b3c43
Ubuntu Security Notice USN-3898-2
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-2 - USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
MD5 | 96d4a6ebad4a475d23f48aacf78cb18f
Slackware Security Advisory - openssl Updates
Posted Feb 27, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-1559
MD5 | b461424a888f769f20904a5db217b6d8
Ubuntu Security Notice USN-3898-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-1 - Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
MD5 | 1f538d3fc5907fe7db2f992a501e9f5a
Ubuntu Security Notice USN-3899-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3899-1 - Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-1559
MD5 | 649244f74bfef62f2e8d667bc9b80619
Chrome PaymentRequest Service Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from multiple use-after-free vulnerabilities in the PaymentRequest service.

tags | exploit, vulnerability
MD5 | 542901546f769fa6884fd395a1a3c73e
Zentyal Server Development Edition 6.0 Cross Site Scripting
Posted Feb 27, 2019
Authored by Ozer Goker

Zentyal Server Development Edition version 6.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 526a723508e759405a73527445e0c94a
Chrome FileWriterImpl Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in FileWriterImpl.

tags | exploit
MD5 | 5a9117a1704832a0984afed842bc55a6
Ubuntu Security Notice USN-3895-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3895-1 - It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-3824
MD5 | 0fe2b12280334803d3598621a5f4f799
Chrome P2PSocketDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in the RenderProcessHostImpl binding for P2PSocketDispatcherHost.

tags | exploit
MD5 | 48f1ffc95224a0488f9106479cff0242
tcpdump Out-Of-Bounds Read
Posted Feb 27, 2019
Authored by Google Security Research, mjurczyk

tcpdump was found to suffer from multiple out-of-bounds read vulnerabilities.

tags | exploit, vulnerability
MD5 | dcc3adb2ce29e405d96b9b12d4aa7a31
Chrome RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in RenderFrameHostImpl::CreateMediaStreamDispatcherHost.

tags | exploit
MD5 | 2f25c0e1945b900e5d6e3ae70304edfb
Ubuntu Security Notice USN-3896-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3896-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18356
MD5 | 6e08cc9799b6051189410337e2aa406f
Hydra Network Logon Cracker 8.9.1
Posted Feb 27, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Clarification for rdp error message. CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed.
tags | tool, web, imap
systems | cisco, unix
MD5 | 62f9cee963121b778562b6f319104c14
Ubuntu Security Notice USN-3897-1.t.xt
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3897-1 - A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5824, CVE-2018-18509
MD5 | 99633af618d616f368ddcfe60c6a90b1
Simple Online Hotel Reservation System Cross Site Request Forgery
Posted Feb 27, 2019
Authored by Mr Winst0n

Simple Online Hotel Reservation System suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 853c4a1becdebc1d661c91722c2f39a4
Joomla Alberghi 2.1.3 File Upload / SQL Injection
Posted Feb 27, 2019
Authored by KingSkrupellos

Joomla Alberghi component version 2.1.3 suffers from arbitrary file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
MD5 | e9ac9d615c9d64ae523ed189c083e1c9
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    24 Files
  • 28
    Jan 28th
    14 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close