what you don't know can hurt you
Showing 1 - 25 of 441 RSS Feed

Files Date: 2019-02-01 to 2019-02-28

SHAREit For Android 4.0.38 Authentication Bypass / File Download
Posted Feb 27, 2019
Authored by Abdulrahman Nour | Site redforce.io

DUMPit is an exploit for the SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application versions 4.0.38 and below. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user's device. Both vulnerabilities were reported to the vendor and patches have been released.

tags | exploit, arbitrary, vulnerability
MD5 | 3f976a2a05f5d62b9b09600fb47b3c43
Ubuntu Security Notice USN-3898-2
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-2 - USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
MD5 | 96d4a6ebad4a475d23f48aacf78cb18f
Slackware Security Advisory - openssl Updates
Posted Feb 27, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-1559
MD5 | b461424a888f769f20904a5db217b6d8
Ubuntu Security Notice USN-3898-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3898-1 - Hanno BAPck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18508
MD5 | 1f538d3fc5907fe7db2f992a501e9f5a
Ubuntu Security Notice USN-3899-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3899-1 - Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-1559
MD5 | 649244f74bfef62f2e8d667bc9b80619
Chrome PaymentRequest Service Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from multiple use-after-free vulnerabilities in the PaymentRequest service.

tags | exploit, vulnerability
MD5 | 542901546f769fa6884fd395a1a3c73e
Zentyal Server Development Edition 6.0 Cross Site Scripting
Posted Feb 27, 2019
Authored by Ozer Goker

Zentyal Server Development Edition version 6.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 526a723508e759405a73527445e0c94a
Chrome FileWriterImpl Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in FileWriterImpl.

tags | exploit
MD5 | 5a9117a1704832a0984afed842bc55a6
Ubuntu Security Notice USN-3895-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3895-1 - It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-3824
MD5 | 0fe2b12280334803d3598621a5f4f799
Chrome P2PSocketDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in the RenderProcessHostImpl binding for P2PSocketDispatcherHost.

tags | exploit
MD5 | 48f1ffc95224a0488f9106479cff0242
tcpdump Out-Of-Bounds Read
Posted Feb 27, 2019
Authored by Google Security Research, mjurczyk

tcpdump was found to suffer from multiple out-of-bounds read vulnerabilities.

tags | exploit, vulnerability
MD5 | dcc3adb2ce29e405d96b9b12d4aa7a31
Chrome RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from a use-after-free vulnerability in RenderFrameHostImpl::CreateMediaStreamDispatcherHost.

tags | exploit
MD5 | 2f25c0e1945b900e5d6e3ae70304edfb
Ubuntu Security Notice USN-3896-1
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3896-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18356
MD5 | 6e08cc9799b6051189410337e2aa406f
Hydra Network Logon Cracker 8.9.1
Posted Feb 27, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Clarification for rdp error message. CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed.
tags | tool, web, imap
systems | cisco, unix
MD5 | 62f9cee963121b778562b6f319104c14
Ubuntu Security Notice USN-3897-1.t.xt
Posted Feb 27, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3897-1 - A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5824, CVE-2018-18509
MD5 | 99633af618d616f368ddcfe60c6a90b1
Simple Online Hotel Reservation System Cross Site Request Forgery
Posted Feb 27, 2019
Authored by Mr Winst0n

Simple Online Hotel Reservation System suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 853c4a1becdebc1d661c91722c2f39a4
Joomla Alberghi 2.1.3 File Upload / SQL Injection
Posted Feb 27, 2019
Authored by KingSkrupellos

Joomla Alberghi component version 2.1.3 suffers from arbitrary file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
MD5 | e9ac9d615c9d64ae523ed189c083e1c9
Red Hat Security Advisory 2019-0415-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0415-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a race condition vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10902
MD5 | dda55fc70b7190e8e002b7407a6bbc52
Red Hat Security Advisory 2019-0420-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0420-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include an auth hijacking vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6133
MD5 | d1ed69010afc1e583b253160eaf3104b
DomainMOD 4.11.01 Custom Domain Cross Site Scripting
Posted Feb 26, 2019
Authored by Mohammed Abdul Raheem

DomainMOD version 4.11.01 suffers from a cross site scripting vulnerability in the custom domains fields page.

tags | exploit, xss
advisories | CVE-2018-19750
MD5 | 0d6c85151cfbb3363c9363961cfb570e
XOR Encoder / Decoder
Posted Feb 26, 2019
Authored by Daniele Votta

45 bytes small Linux/x86 XOR encoder and decoder shellcode tool.

tags | x86, shellcode
systems | linux
MD5 | bf065857f881c4717625814a847c64eb
vBulletin 4.2.0 ChangUonDyU Chatbox 3.6.0 Cross Site Scripting
Posted Feb 26, 2019
Authored by KingSkrupellos

vBulletin version 4.2.0 with ChangUonDyU Chatbox plugin version 3.6.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 8625fc8b7cf34354884954cb504c1c04
Ubuntu Security Notice USN-3894-1
Posted Feb 26, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3894-1 - It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-20781
MD5 | 7c4f101099858977401af137cb677b7e
Red Hat Security Advisory 2019-0408-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a file descriptor handling issue in runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
MD5 | 742a7a117f47a93894b289b6b191046f
SQLiteManager 1.2.0 / 1.2.4 SQL Injection
Posted Feb 26, 2019
Authored by Rafael Pedrero

SQLiteManager versions 1.2.0 and 1.2.4 suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-9083
MD5 | 74b761ee479763e5d08d216879f6dd77
Page 1 of 18
Back12345Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close