exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2019-03-12

Debian Security Advisory 4406-1
Posted Mar 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4406-1 - Francis McBratney discovered that the Windows Azure Linux Agent created swap files with world-readable permissions, resulting in information disclosure.

tags | advisory, info disclosure
systems | linux, windows, debian
advisories | CVE-2019-0804
MD5 | 17e85027c8b215cf2925edc737d2cdc5
Ubuntu Security Notice USN-3908-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3908-1 - Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-6133
MD5 | 03182f2331e6a955ceec56252c40c57c
Ubuntu Security Notice USN-3902-2
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3902-2 - USN-3902-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024
MD5 | 65357e37cae18068e3e84434235d1e1f
Ubuntu Security Notice USN-3907-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3907-1 - It was discovered that WALinuxAgent created swap files with incorrect permissions. A local attacker could possibly use this issue to obtain sensitive information from the swap file.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-0804
MD5 | d596f7c7e083bed1bc94c58895bd3bf3
Debian Security Advisory 4407-1
Posted Mar 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4407-1 - Ross Geerlings discovered that the XMLTooling library didn't correctly handle exceptions on malformed XML declarations, which could result in denial of service against the application using XMLTooling.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2019-9628
MD5 | 38497d06e1832a59bcf2e4c1990dab40
Red Hat Security Advisory 2019-0487-01
Posted Mar 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0487-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20699
MD5 | 059e2aa5e00b4673a731a802c4fda05d
Red Hat Security Advisory 2019-0525-01
Posted Mar 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0525-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10876, CVE-2018-11412
MD5 | c5c28e3e943f5a3b2a47cbf254f7bacf
elFinder PHP Connector exiftran Command Injection
Posted Mar 12, 2019
Authored by Brendan Coles, Thomas Chauchefoin, q3rv0 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such as resizing and rotation of an image. The file name of uploaded files is not validated, allowing shell metacharacters. When performing image operations on JPEG files, the filename is passed to the exiftran utility without appropriate sanitization, causing shell commands in the file name to be executed, resulting in remote command injection as the web server user. The PHP connector is not enabled by default. The system must have exiftran installed and in the PATH. This module has been tested successfully on elFinder versions 2.1.47, 2.1.20, and 2.1.16 on Ubuntu.

tags | exploit, remote, web, shell, php
systems | linux, ubuntu
MD5 | 3664569f65ef2128717bd5e02f29d7b4
Ubuntu Security Notice USN-3906-1
Posted Mar 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2019-6128
MD5 | 56e847616d505958b3eb0f59eaea2e67
robinbhandari FTP Remote Denial Of Service
Posted Mar 12, 2019
Authored by x90c

robinbhandari FTP suffers from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2019-9668
MD5 | 36e625ec902f1e4fc7ac8cf059b020d4
PilusCart 1.4.1 Cross Site Request Forgery
Posted Mar 12, 2019
Authored by Gionathan Reale

PilusCart version 1.4.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 1b98dbf7e9e9f9756a04f2daf691eb70
Core FTP 2.0 Build 653 PBSZ Denial Of Service
Posted Mar 12, 2019
Authored by Hodorsec

Core FTP version 2.0 build 653 suffers from a PBSZ command denial of service vulnerability.

tags | exploit, denial of service
MD5 | 1c1de1481d4cb8235b7bfeb45179b294
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close