exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-03-06

Ubuntu Security Notice USN-3903-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3903-2 - USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-16880, CVE-2018-18397, CVE-2019-6133
SHA-256 | afcaa009d7d28d01ca610ca75faf61e90bc402ea1bad246d79cf7dca496c6849
ClearOS 7 Community Edition Cross Site Scripting
Posted Mar 6, 2019
Authored by Ozer Goker

ClearOS 7 Community Edition suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4838f676acff00168df9e27d725f70e8f6ae331dc06f1947191b7ffaa265d364
Red Hat Security Advisory 2019-0469-01
Posted Mar 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0469-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP30. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2018-12549, CVE-2019-2422, CVE-2019-2449
SHA-256 | 64af816d77124b298b0d692d8c3c095a93d88c68b278f91178e57f66fa0ff99b
Ubuntu Security Notice USN-3903-1
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3903-1 - Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-16880, CVE-2018-18397, CVE-2019-6133
SHA-256 | 73c11215ef38f1741368473e63e13f27c7a6aeadf7ef9a8536e6a489ec56ddf7
Ubuntu Security Notice USN-3902-1
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3902-1 - It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP PHAR module incorrectly handled certain filenames. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that PHP incorrectly parsed certain DNS responses. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024
SHA-256 | c8e41445031ceeae1b65118e4b06e45ae66592a97f879619103917d898a7d5f1
Imperva SecureSphere 13.x PWS Command Injection
Posted Mar 6, 2019
Authored by rsp3ar | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode.

tags | exploit, cgi, python
SHA-256 | bdfbc634ef200611fefa72897a8585b4730eee313338e28e3fd534dd61610207
Drupal RESTful Web Services unserialize() Remote Code Execution
Posted Mar 6, 2019
Authored by wvu, Charles FOL, Jasper Mattsson, Rotem Reiss | Site metasploit.com

This Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable (albeit cached). Cached nodes can be exploited only once.

tags | exploit, web, php
advisories | CVE-2019-6340
SHA-256 | f0577a61447bee5c1e01e80e2168cbe148e2d1b04abd7c1f41da56482db6d02b
Linux Virtual Address 0 Mappable Via Privilege write()
Posted Mar 6, 2019
Authored by Jann Horn, Google Security Research

It was discovered that virtual address 0 is mappable via privileged write() to /proc/*/mem on Linux.

tags | exploit
systems | linux
advisories | CVE-2019-9213
SHA-256 | 304236f8a1050e3e16648cbdbb32b50ffb3020bab9e3c600151f688ea0e19fe3
Android getpidcon() ACL Bypass
Posted Mar 6, 2019
Authored by Jann Horn, Google Security Research

getpidcon() usage in hardware binder servicemanager on Android permits ACL bypass.

tags | exploit
advisories | CVE-2019-2023
SHA-256 | 08f452e1fd544b7af038c758a58f8c160ba8c63c0faeb7a4ea44ade0b02d4a65
Android Binder Use-After-Free
Posted Mar 6, 2019
Authored by Jann Horn, Google Security Research

Android suffer from a binder use-after-free via a racy initialization of ->allow_user_free.

tags | exploit
advisories | CVE-2019-2025
SHA-256 | 6742e2b4193d7750763a8c792e031aa30b53a3561c2c1e363288b3e13e7e73af
Debian Security Advisory 4402-1
Posted Mar 6, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4402-1 - It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2018-20743
SHA-256 | 021179252625b20617a3d71dfaca76cc1c8101cad1b5aefd93ed86440c8db5ab
Ubuntu Security Notice USN-3901-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3901-2 - USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18397, CVE-2018-19854, CVE-2019-6133
SHA-256 | c25a324edcfdb0698186cf0255921ec343ba3bedda004de93b2622c9d0166073
Ubuntu Security Notice USN-3901-1
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3901-1 - Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, cryptography
systems | linux, ubuntu
advisories | CVE-2018-18397, CVE-2018-19854, CVE-2019-6133
SHA-256 | 2733d1718525888590b59662b23b1cc1de9b8d11aba8290d25b543ffd636e966
Red Hat Security Advisory 2019-0464-01
Posted Mar 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0464-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2422
SHA-256 | e817747e77fe27a2008eb384956dfae9c6dcf54625301a44a57f267e5ff792ba
Red Hat Security Advisory 2019-0462-01
Posted Mar 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0462-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2422
SHA-256 | 82056679aea75272222d233f1b51d8aca6a0c88f60f89f174aabb311689c4e27
RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow
Posted Mar 6, 2019
Authored by Matteo Malvica, Hodorsec, Alejandra Sanchez

RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability. Modifications to the original proof of concept include the fact that it uses a larger payload size for shellcode due to different jump offsets and filters the bad character 0x3a as this is the character for port which causes an error ":".

tags | exploit, overflow, shellcode, proof of concept
SHA-256 | 7d6aa76dc1238452c1e6142d776b2b51e99c79aa8cf79ef87b7b1cde732ae71f
OpenSSL Security Advisory 20190306
Posted Mar 6, 2019
Site openssl.org

OpenSSL Security Advisory 20190306 - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored.

tags | advisory
advisories | CVE-2019-1543
SHA-256 | 7046cae0aeb64cfd0da455e63cd4180d7948515db33226ee44c4348b59dbc7dd
Scapy Packet Manipulation Tool 2.4.3rc1
Posted Mar 6, 2019
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Release candidate 1 for 2.4.3. Various updates.
tags | tool, scanner, python
systems | unix
SHA-256 | 107dbad9debc4f7bf093537a7d44d34c89dda8f57483a0da86d143dac4fe6888
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close