exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-04-24

Chrome NewFixedDoubleArray Integer Overflow
Posted Apr 24, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from an integer overflow vulnerability in NewFixedDoubleArray.

tags | exploit, overflow
MD5 | b26427448c9bb392f1787ea07e216e0a
Red Hat Security Advisory 2019-0877-01
Posted Apr 24, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0877-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.4.0 serves as a replacement for RHOAR Thorntail 2.2.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-1000180, CVE-2018-1067, CVE-2018-10862, CVE-2018-10894, CVE-2018-10912, CVE-2018-1114, CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362
MD5 | 2146a915fad9f5dc826a08a4e01ddd87
Ubuntu Security Notice USN-3954-1
Posted Apr 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3954-1 - It was discovered that FreeRADIUS incorrectly handled certain inputs. An attacker could possibly use this issue to bypass authentication.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-11234
MD5 | 1c16841f6c4856bff5463dcb3f305899
Linux/x86 Rabbit Shellcode Crypter
Posted Apr 24, 2019
Authored by Petr Javorik

200 bytes small Linux/x86 rabbit shellcode crypter.

tags | x86, shellcode
systems | linux
MD5 | 35dcc4387006d2416fa6774debd2a9a3
RARLAB WinRAR ACE Format Input Validation Remote Code Execution
Posted Apr 24, 2019
Authored by Imran Dawoodjee, Nadav Grossman | Site metasploit.com

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. This module will attempt to extract a payload to the startup folder of the current user. It is limited such that we can only go back one folder. Therefore, for this exploit to work properly, the user must extract the supplied RAR file from one folder within the user profile folder (e.g. Desktop or Downloads). User restart is required to gain a shell.

tags | exploit, shell
advisories | CVE-2018-20250
MD5 | e92db51f5e14f0fddb4670c8372f4da6
VirtualBox COM RPC Interface Code Injection / Privilege Escalation
Posted Apr 24, 2019
Authored by James Forshaw, Google Security Research

The hardened VirtualBox process on a Windows host does not secure its COM interface leading to arbitrary code injection and elevation of privilege.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2017-10204
MD5 | d89a703071dfda548e916560bbdf3ffe
Confluence Server / Data Center Path Traversal
Posted Apr 24, 2019
Authored by Atlassian

Confluence Server and Confluence Data Center suffer from a path traversal vulnerability in the downloadallattachments resource. Versions affected include 6.6.0 up to 6.6.13, 6.7.0 up to 6.12.4, 6.13.0 up to 6.13.4, 6.14.0 up to 6.14.3, and 6.15.0 up to 6.15.2.

tags | advisory, file inclusion
advisories | CVE-2019-3398
MD5 | ecb6b12f605a3e2392294e768ae4f8be
Ubuntu Security Notice USN-3936-2
Posted Apr 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3936-2 - USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9210
MD5 | e81b6adc98d79569f699eba1d080e44a
Red Hat Security Advisory 2019-0868-01
Posted Apr 24, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0868-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.7 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-3868
MD5 | b7ddd3fef1fdce7763035c437d673524
Sony Smart TV Information Disclosure / File Read
Posted Apr 24, 2019
Authored by xen1thLabs

Sony Smart TVs suffer from information disclosure and arbitrary file read vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure
advisories | CVE-2019-10886, CVE-2019-11336
MD5 | 3b42bd8fb1eb2d499baf7ea58fa34007
TestSSL 2.9.5-8
Posted Apr 24, 2019
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains bug fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 893aaf6c6d1d30693ff9388a2331f394
Page 1 of 1

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By