exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-03-18

Ubuntu Security Notice USN-3906-2
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3906-2 - USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10779, CVE-2018-17101
MD5 | d6332636e5ade7508bf28fbcac3c59cc
Red Hat Security Advisory 2019-0597-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0597-01 - The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. An issue with extra ssh keys being added has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-0816
MD5 | da441056e75d3ece906330c44e187ade
exacqVision 9.8 Unquoted Service Path Privilege Escalation
Posted Mar 18, 2019
Authored by LiquidWorm | Site zeroscience.mk

exacqVision version 9.8 suffers from an unquoted search path issue impacting the services exacqVisionServer, dvrdhcpserver and mdnsresponder for Windows deployed as part of exacqVision software application. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
MD5 | 98a9960106f1cef1cf55ce4666251455
Microsoft Windows Binary Planting
Posted Mar 18, 2019
Authored by Frederic Bourla

This is a short write-up on binary planting along with a few old-school 0-days which may still be helpful for pentesters willing to escalate privileges on Windows.

tags | paper
systems | windows
MD5 | 2610f1f8b017ac3a538d7e379b554592
Debian Security Advisory 4408-1
Posted Mar 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4408-1 - Multiple security issues were discovered in liveMedia, a set of C++ libraries for multimedia streaming which could result in the execution of arbitrary code or denial of service when parsing a malformed RTSP stream.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-6256, CVE-2019-7314, CVE-2019-9215
MD5 | 425b2b589d0ad63f13c2c1d76cedbb9e
Red Hat Security Advisory 2019-0593-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0593-01 - The OpenStack Load Balancing service provides a Load Balancing-as-a-Service version 2 implementation for Red Hat OpenStack platform director based installations. This update fixes an issue where private keys were written to world-readable log files.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-16856
MD5 | a237bb27c8dae27ed78040888e43e186
Ubuntu Security Notice USN-3911-1
Posted Mar 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3911-1 - It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-8904
MD5 | a42b0939b032f1ef360d067831515fc8
Red Hat Security Advisory 2019-0580-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0580-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. This update addresses an sensitive data leak.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3830
MD5 | 7e644b75b096d36c05109ff05d32869c
Red Hat Security Advisory 2019-0590-01
Posted Mar 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0590-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-16876
MD5 | 9ced9e836d867662811d99f22eea78e8
libseccomp Incorrect Compilation Of Arithmetic Comparisons
Posted Mar 18, 2019
Authored by Jann Horn, Google Security Research

libseccomp suffers from an issue where there are incorrect compilations of arithmetic comparisons.

tags | exploit
MD5 | 527bc24d7a88f082d48938d2aa6fb5c0
Gitea 1.7.3 HTML Injection
Posted Mar 18, 2019
Authored by Anti Rais

Gitea versions 1.7.0 through 1.7.3 suffer from a stored html injection vulnerability.

tags | exploit
MD5 | fef0bde612a1a8aa1deaaf4794d240fa
TheCarProject 2 SQL Injection
Posted Mar 18, 2019
Authored by Mehmet Emiroglu

TheCarProject version 2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4798d80d4bad5e0537cc5cd98a477adf
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 Denial Of Service
Posted Mar 18, 2019
Authored by Achilles

WinAVI iPod/3GP/MP4/PSP Converter version 4.4.2 suffers from a local denial of service vulnerability.

tags | exploit, denial of service, local
MD5 | 6aa97f12923552790249925f4a0695af
WinMPG Video Convert 9.3.5 Denial Of Service
Posted Mar 18, 2019
Authored by Achilles

WinMPG Video Convert versions 9.3.5 and below suffer from a local denial of service vulnerability.

tags | exploit, denial of service, local
MD5 | 72f20c22098c1a53d29670207f4b4ca1
WordPress FormCraft 2.0 CSRF / Shell Upload
Posted Mar 18, 2019
Authored by KingSkrupellos

WordPress version 5.0.4 with FormCraft plugin version 2.0 suffers from a cross site request forgery vulnerability that can be leveraged to perform a shell upload.

tags | exploit, shell, csrf
MD5 | 34bba172e28c83ea38f0a59db712f769
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    16 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close