exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2019-03-07

Ubuntu Security Notice USN-3904-1
Posted Mar 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3904-1 - It was discovered that the NVIDIA graphics drivers incorrectly handled the GPU performance counters. A local attacker could possibly use this issue to access the application data processed on the GPU.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | 0a314e97dd0cdefd205a751678974b7d37fc096c5572956f57a5853e0f716107
Oracle Weblogic Server Deserialization Remote Command Execution
Posted Mar 7, 2019
Authored by Allyshka

Oracle Weblogic Server deserialization remote command execution exploit with patch bypass.

tags | exploit, remote
advisories | CVE-2018-2628, CVE-2018-3245
SHA-256 | 837c2f0617dd4b3f41f05a46a57a7e73ab7bc936ea31caa66a3b2934f79ee87c
Red Hat Security Advisory 2019-0474-01
Posted Mar 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0474-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP40. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2019-2422
SHA-256 | 417ad4f26d32b710a797cd2b8db0b2aa4e96c1bed16a3f20e9589af55962fdf0
Kados R10 GreenBee SQL Injection
Posted Mar 7, 2019
Authored by Mehmet Emiroglu

Kados R10 GreenBee suffers from a remote SQL injection vulnerability in the menu_lev1 parameter.

tags | exploit, remote, sql injection
SHA-256 | 64bb389ef1691eace4236e3c9c3215017353375b48302fcc554ebc1bd48e8f77
OrientDB 3.0.17 GA Community Edition XSS / CSRF
Posted Mar 7, 2019
Authored by Ozer Goker

OrientDB version 3.0.17 GA Community Edition suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8ba0d8eaf52b7cc302a0b7549e394c6c29eb8f95e19e2924a243a3e11a59712f
QNAP TS-431 QTS Remote Command Execution
Posted Mar 7, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module creates a virtual web server and uploads the php payload into it. Admin privileges cannot access any server files except File Station files. The user who is authorized to create Virtual Web Server can upload malicious php file by activating the server. Exploit creates a new directory into File Station to connect to the web server. However, only the "index.php" file is allowed to work in the virtual web server directory. No files can be executed except "index.php". Gives an access error. After the harmful "index.php" has been uploaded, the shell can be retrieved from the server. There is also the possibility of working in higher versions. Affects versions prior to 4.2.2.

tags | exploit, web, shell, php
SHA-256 | 712e61a13313ebb126b64c908b54585d5ae2d8054cbfe62c42977aa9f74c1068
Red Hat Security Advisory 2019-0473-01
Posted Mar 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0473-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP40. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2019-2422
SHA-256 | a7d7aa7be4a337f46798a8f44a648d6aaf9a47adb077fe93c96c8e8058e0f22d
Anyburn 4.x x86 Buffer Overflow
Posted Mar 7, 2019
Authored by Hodorsec

Anyburn version 4.3 x86 "Copy disc to image file" buffer overflow SEH unicode exploit.

tags | exploit, overflow, x86
SHA-256 | 093efaf0e4484fa5ee3691f96a71fdfc76d836f48b33f9b0e592f75d34a8ad15
Sparkasse Cross Site Scripting
Posted Mar 7, 2019
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The vulnerability laboratory core research team discovered multiple persistent cross site vulnerabilities in the Sparkasse online service web-application.

tags | exploit, web, vulnerability
SHA-256 | 42d53ff3e5deb653a5edb38b01a8cbe7d3ff0a34e775ab7bc920dfcbbfafaa0f
Insertion Encoder / Decoder Shellcode
Posted Mar 7, 2019
Authored by Daniele Votta

Linux/x86 insertion encoder and decoder shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 232a3ba577ebd0f1ab1c5e2f99d661e44cd0cb77813fb985d5c81b3e1fb9f5e4
Red Hat Security Advisory 2019-0472-01
Posted Mar 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0472-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP30. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2018-12549, CVE-2019-2422, CVE-2019-2449
SHA-256 | b98fc9eeb8744a490698307eb453d22ee3c80604a36e2db66476daa04f2c46e6
phpBB 3.2.3 Remote Code Execution
Posted Mar 7, 2019
Authored by Allyshka

phpBB version 3.2.3 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 0cb3b45f7b70123eef9c5329c77d3770187662efc48ff45321b363e06b6a7858
File Transfer Skills In The Red Team Post Penetration Test
Posted Mar 7, 2019
Authored by xax007

Whitepaper called File transfer skills in the red team post penetration test.

tags | paper
SHA-256 | d505ea952cbf8c03b697f70f16b5ed760eb06b330f80ee5d46f97011a37a446e
SPOILER: Speculative Load Hazards Boost Rowhammer And Cache Attacks
Posted Mar 7, 2019
Authored by Ahmad Moghimi, Moritz Krebbel, Saad Islam, Berk Sunar, Berk Gulmezoglu, Thomas Eisenbarth, Ida Bruhns

Whitepaper called SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks. This research was produced jointly between Worcester Polytechnic Institute and University of Lubeck. It has been noted that software mitigations tied to Spectre will not mitigate this newly identified issue.

tags | paper
SHA-256 | bb3f36a1e44797d8ca7fcd7fcc02a3b109128d567aee6326977365c8b87b06f4
FreeBSD Intel SYSRET Privilege Escalation
Posted Mar 7, 2019
Authored by Rafal Wojtczuk, Brendan Coles, John Baldwin, iZsh | Site metasploit.com

This Metasploit module exploits a vulnerability in the FreeBSD kernel, when running on 64-bit Intel processors. By design, 64-bit processors following the X86-64 specification will trigger a general protection fault (GPF) when executing a SYSRET instruction with a non-canonical address in the RCX register. However, Intel processors check for a non-canonical address prior to dropping privileges, causing a GPF in privileged mode. As a result, the current userland RSP stack pointer is restored and executed, resulting in privileged code execution.

tags | exploit, x86, kernel, code execution
systems | freebsd, bsd
advisories | CVE-2012-0217
SHA-256 | f1711c3320d7c4e9f80661d007057fb1b0b673f47fb51ec2968a821bc6aa8991
Android su Privilege Escalation
Posted Mar 7, 2019
Site metasploit.com

This Metasploit module uses the su binary present on rooted devices to run a payload as root. A rooted Android device will contain a su binary (often linked with an application) that allows the user to run commands as root. This module will use the su binary to execute a command stager as root. The command stager will write a payload binary to a temporary directory, make it executable, execute it in the background, and finally delete the executable. On most devices the su binary will pop-up a prompt on the device asking the user for permission.

tags | exploit, root
SHA-256 | 7e3a5d53d1bbc99e917882f257f635961ce55cef2fc5751b97c279d3aed1f213
Stegano 0.9.1
Posted Mar 7, 2019
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Updated Pillow dependency in order to fix a bug when opening some PNG files.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | 9fa2e8c51d173c74b0305f4f1e2a2d995755c22d2da0261c82f4f2a3f2185b6a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close