
Files Date: 2019-03-18

Ubuntu Security Notice USN-3906-2
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-2 - USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2018-17101
SHA-256 | 7ddec11ab6449a1a2d7431b7963ef951dea0238b9574957b3cd9a4d98bfeb956
Red Hat Security Advisory 2019-0597-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0597-01 - The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. An issue with extra SSH keys being added has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-0816
SHA-256 | 758d404a2e4ff416730200eefbbc3f12f060721049d92d2fa27227fe15f52b81
exacqVision 9.8 Unquoted Service Path Privilege Escalation
Posted Mar 18, 2019
Authored by LiquidWorm | Site zeroscience.mk

exacqVision version 9.8 suffers from an unquoted search path issue impacting the services exacqVisionServer, dvrdhcpserver and mdnsresponder for Windows deployed as part of exacqVision software application. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
SHA-256 | 90fe60960c62610bc8f59ff9c98b09fff0ca457f52c59094a1c6dbea2a406159
Microsoft Windows Binary Planting
Posted Mar 18, 2019
Authored by Frederic Bourla

This is a short write-up on binary planting along with a few old-school 0-days which may still be helpful for pentesters willing to escalate privileges on Windows.

tags | paper
systems | windows
SHA-256 | bad382035c6cc3d06a9a292da8b5ee06b5df8bb89476e892ad959c45c53b1410
Debian Security Advisory 4408-1
Posted Mar 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4408-1 - Multiple security issues were discovered in liveMedia, a set of C++ libraries for multimedia streaming which could result in the execution of arbitrary code or denial of service when parsing a malformed RTSP stream.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-6256, CVE-2019-7314, CVE-2019-9215
SHA-256 | 2e4ca357472c5a306f5831960e41f57eaa118209475d160d1380da9fe1a5a28a
Red Hat Security Advisory 2019-0593-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0593-01 - The OpenStack Load Balancing service provides a Load Balancing-as-a-Service version 2 implementation for Red Hat OpenStack platform director based installations. This update fixes an issue where private keys were written to world-readable log files.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-16856
SHA-256 | 71e70c3c6222ce513e075bc9fee98e201d4d7d5e030dc937d7a89c2b2fc5ec11
Ubuntu Security Notice USN-3911-1
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3911-1 - It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-8904
SHA-256 | fef808f3be82996b09455ddaa9c310cc847d78b2422cbd3aee423e2912f71a01
Red Hat Security Advisory 2019-0580-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0580-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. This update addresses a sensitive data leak.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3830
SHA-256 | f0e0d56ab4b93438be5236b200671bcf92acdcdc8a04e9e3792d36487185d779
Red Hat Security Advisory 2019-0590-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0590-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
SHA-256 | 025cf7a60e096cc067f210e970eee35ca056285eec6245ec0dcaf1ce2244aef5
libseccomp Incorrect Compilation Of Arithmetic Comparisons
Posted Mar 18, 2019
Authored by Jann Horn, Google Security Research

libseccomp suffers from an issue where there are incorrect compilations of arithmetic comparisons.

tags | exploit
SHA-256 | dddc73c41f25c68017fa3018c96fe964b4326e43e6cabe8e18b658d2b9935a72
Gitea 1.7.3 HTML Injection
Posted Mar 18, 2019
Authored by Anti Rais

Gitea versions 1.7.0 through 1.7.3 suffer from a stored HTML injection vulnerability.

tags | exploit
SHA-256 | 253ed51f7af489f1307804b4289f3d88966fed3070de63f9f7e892dd2a22ed63
TheCarProject 2 SQL Injection
Posted Mar 18, 2019
Authored by Mehmet Emiroglu

TheCarProject version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 137a2c3dbf630de74cbfde1c84bd23e35a6010ddb016985199679d8d58bcc715
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 Denial Of Service
Posted Mar 18, 2019
Authored by Achilles

WinAVI iPod/3GP/MP4/PSP Converter version 4.4.2 suffers from a local denial of service vulnerability.

tags | exploit, denial of service, local
SHA-256 | 77155e77429bcb5b77a27c89b876b2ed472cd37f1adf4f527d589e6763b7bb93
WinMPG Video Convert 9.3.5 Denial Of Service
Posted Mar 18, 2019
Authored by Achilles

WinMPG Video Convert versions 9.3.5 and below suffer from a local denial of service vulnerability.

tags | exploit, denial of service, local
SHA-256 | 84572c55050623ee7f0d842c9ccb7dfe0ef3758bd700e81568a99fb1419d0c63
WordPress FormCraft 2.0 CSRF / Shell Upload
Posted Mar 18, 2019
Authored by KingSkrupellos

WordPress version 5.0.4 with FormCraft plugin version 2.0 suffers from a cross site request forgery vulnerability that can be leveraged to perform a shell upload.

tags | exploit, shell, csrf
SHA-256 | 20fa2c83b5c931b82468320628286a4017adfdc722d3d66e7a4045518f19f4d8
© 2024 Packet Storm. All rights reserved.