exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2019-03-11

Gentoo Linux Security Advisory 201903-08
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-8 - A vulnerability in GNU Wget which could allow an attacker to obtain sensitive information. Versions less than 1.20.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2018-20483
SHA-256 | 2434dc89023ff5753338fc86dae08c750f387f9dbe89122525463662e1fdfc53
Microsoft Windows .Reg File / Dialog Box Message Spoofing
Posted Mar 11, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful.

tags | exploit, spoof, registry
systems | windows
SHA-256 | 3540f096cd299680245203510c761b4c9ab487884731e55a66d94f65a26f3c66
Gentoo Linux Security Advisory 201903-07
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-7 - Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. Versions less than 239-r4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-16864, CVE-2018-16865, CVE-2018-16866, CVE-2019-6454
SHA-256 | 2460a4ff120455c4fb22e6a4569df946a8636e43beb21599764d129ef5f68aad
Ubuntu Security Notice USN-3905-1
Posted Mar 11, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3905-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9200
SHA-256 | 44a531f028a9524b27f93dd0faf1433cb745a17006c1f50eb9ba2a10e5078afb
NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution
Posted Mar 11, 2019
Authored by LiquidWorm | Site zeroscience.mk

BEopt suffers from a DLL Hijacking issue. The vulnerability is caused due to the application loading libraries (sdl2.dll and libegl.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file .BEopt located on a remote WebDAV or SMB share. Version 2.8.0 is affected.

tags | exploit, remote, arbitrary
SHA-256 | 9b25608e33db31ec854a322eef7e473af8343e6f2015169f26412c7df6c6542f
WordPress WP Fastest Cache 0.8.9.0 Arbitrary File Deletion
Posted Mar 11, 2019
Authored by Sebastian Neef

WordPress WP Fastest Cache plugin versions 0.8.9.0 and below suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
advisories | CVE-2019-6726
SHA-256 | 7dfc32d6c97f213e4afb3d338d1b15a271899fa857fcbb3a1e5f94bcac77d94e
CoreFTP Server FTP / SFTP Server 2 Build 674 MDTM Directory Traversal
Posted Mar 11, 2019
Authored by Kevin Randall

CoreFTP Server FTP and SFTP Server version 2 build 674 suffer from a directory traversal vulnerability. By utilizing a directory traversal along with the FTP MDTM command, an attacker can browse outside the root directory to determine if a file exists based on return file size along with the date the file was last modified by using a ..\..\ technique.

tags | exploit, root
advisories | CVE-2019-9649
SHA-256 | 3fc201ddb80ecf5d371328f76f120d416014c22afdf01a082fc0fd2b76a60e8a
Debian Security Advisory 4404-1
Posted Mar 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4404-1 - Clement Lecigne discovered a use-after-free issue in chromium's file reader implementation. A maliciously crafted file could be used to remotely execute arbitrary code because of this problem.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-5786
SHA-256 | 8f90590a0d9134bb918684d8b431f13960f3247bb429356abdc11b14c5ef01a5
Gentoo Linux Security Advisory 201903-06
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-6 - Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20174, CVE-2018-20175, CVE-2018-20176, CVE-2018-20177, CVE-2018-20178, CVE-2018-20179, CVE-2018-20180, CVE-2018-20181, CVE-2018-20182, CVE-2018-8791, CVE-2018-8792, CVE-2018-8793, CVE-2018-8794, CVE-2018-8795, CVE-2018-8796, CVE-2018-8797, CVE-2018-8798, CVE-2018-8799, CVE-2018-8800
SHA-256 | b0e8dfb9476ce98c512bb27463d0e487c90ff77466d477affe451f150277b11e
Gentoo Linux Security Advisory 201903-05
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-5 - A vulnerability in Tar could led to a Denial of Service condition. Versions less than 1.30-r1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2018-20482
SHA-256 | 13c5f7e57c5de3c581572b44785ed1addaa4de9fcc7744b3622491bb61d0105f
Gentoo Linux Security Advisory 201903-04
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12405, CVE-2018-18356, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505, CVE-2019-5785
SHA-256 | 20f08612c8ca6c7100b86c7d867c5217f53e3e3a0d615961b7cc0eca15beac39
Gentoo Linux Security Advisory 201903-03
Posted Mar 11, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201903-3 - Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition. Versions less than 7.64.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2019-3822, CVE-2019-3823
SHA-256 | 7b295ee612fd47e8561e865b6ce95775caadd490653734d95071b885946efb5a
Debian Security Advisory 4405-1
Posted Mar 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4405-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution.

tags | advisory, remote, denial of service, vulnerability, code execution
systems | linux, debian
advisories | CVE-2017-17480, CVE-2018-14423, CVE-2018-18088, CVE-2018-5785, CVE-2018-6616
SHA-256 | b4ff8b87f7a102402e670b25da69228b796091715314398d858d9267d0f176b0
Liferay CE Portal Groovy-Console Remote Command Execution
Posted Mar 11, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module uses the Liferay CE Portal Groovy script console to execute OS commands. The Groovy script can execute commands on the system via a [command].execute() call. Valid credentials for an application administrator user account are required. This module has been tested successfully with Liferay CE Portal Tomcat 7.1.2 ga3 on Debian 4.9.18-1kali1 system.

tags | exploit
systems | linux, debian
SHA-256 | 3f493346c1e9eb0567ff5a73ec406ade5fe2deff6c0f318670247793c4d63a4d
Linux Kernel 4.4 (Ubuntu 16.04) snd_timer_user_ccallback() Kernel Pointer Leak
Posted Mar 11, 2019
Authored by Wally0813

Linux Kernel version 4.4 (Ubuntu 16.04) suffers from a snd_timer_user_ccallback() kernel pointer leak vulnerability.

tags | exploit, kernel
systems | linux, ubuntu
advisories | CVE-2016-4578
SHA-256 | c02d5c6107b8268f368eaa7acad7eef444f4482a3ced9cf9216e83faa22ec1b9
PRTG Network Monitor 18.2.38 Remote Code Execution
Posted Mar 11, 2019
Authored by M4LV0

PRTG Network Monitor version 18.2.38 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-9276
SHA-256 | caa8e8d6c84347a1761464ae9cd384e08ce642f7747909ce0a123c579c8d1899
CoreFTP Server FTP / SFTP Server 2 Build 674 SIZE Directory Traversal
Posted Mar 11, 2019
Authored by Kevin Randall

CoreFTP Server FTP and SFTP Server version 2 build 674 suffer from a directory traversal vulnerability. By utilizing a directory traversal along with the FTP SIZE command, an attacker can browse outside the root directory to determine if a file exists based on return file size by using a ..\..\ technique.

tags | exploit, root, file inclusion
advisories | CVE-2019-9648
SHA-256 | 37bbdbe7891d4945d5ffae270f56ee38468766fc65923b032489c8574e7b1953
NetSetMan 4.7.1 Buffer Overflow
Posted Mar 11, 2019
Authored by Devin Casadey

NetSetMan version 4.7.1 SEH unicode local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 3660935cf2b6877fca40211b0c89b9a02354cd4987269316f6ffba305d44566c
Red Hat Security Advisory 2019-0481-01
Posted Mar 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0481-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 72.0.3626.121. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-5786
SHA-256 | 3945ba5b4ef3b8be100a9c3e58657eb27ff509e67c2daf8e5c77aa7cae009bcb
OpenKM Document Management Remote Command Execution
Posted Mar 11, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module allows the execution of remote commands on the server by creating a malicious JSP file. Module has been tested successfully with OpenKM DM between 6.3.2 and 6.3.7 on Debian 4.9.18-1kali1 system. There is also the possibility of working in lower versions.

tags | exploit, remote
systems | linux, debian
SHA-256 | b484ce434849b0e636117356302856ef9777c0efd7a2a6dcd294dce74e53a4aa
OpenCart Price Comparison Store 3.x Open Redirection
Posted Mar 11, 2019
Authored by KingSkrupellos

OpenCart Price Comparison Store module version 3.x suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 0bd6d414d3abd4c0aed888a1c2a9d768afc6e326d7d854e6484927f0c3f33170
Vanilla Forums 2.x Open Redirection
Posted Mar 11, 2019
Authored by KingSkrupellos

Vanilla Forums version 2.x suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 10f2633a6ffdfca5da928ebbf478694c825fb61a4f480bd3745bb1d49b7d6825
DotNetNuke SaveAsPDF 1.0 Arbitrary File Download
Posted Mar 11, 2019
Authored by KingSkrupellos

DotNetNuke SaveAsPDF module version 1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | 15af5e545f6db820e456fdadbd6efe9682cffaede9aa8deff0ba5513efdae663
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close