what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-04-25

systemd DynamicUser SetUID Binary Creation
Posted Apr 25, 2019
Authored by Jann Horn, Google Security Research

This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there are not many services yet that use DynamicUser, and the requirement of collaboration with another process limits the circumstances in which it would be useful to an attacker further; but in a system that makes heavy use of DynamicUser, it would probably have impact.

tags | exploit
advisories | CVE-2019-3844
SHA-256 | 064bbdd76f48df03346ba02e71f7b8230c92792ac615692d64f9d04ec97b425c
Lavavo CD Ripper 4.20 Buffer Overflow
Posted Apr 25, 2019
Authored by Achilles

Lavavo CD Ripper version 4.20 license activation name SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 3983b9f05d055c78f6849eb93d3fb1883efee5a082c670dbddbea041819ff59e
osTicket 1.11 Cross Site Scripting / Local File Inclusion
Posted Apr 25, 2019
Authored by Ozkan Mustafa Akkus

osTicket version 1.11 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | a3a0c940e3990234b185e1da84523131a41176574735f7fdcd88b7bd105ca85a
Ubuntu Security Notice USN-3956-1
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3956-1 - It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2018-5743
SHA-256 | 3d24ed0e149890bba90071f8a75a8241b8ac0de8924929c8af98c07861a6b0c0
Ubuntu Security Notice USN-3955-1
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3955-1 - It was discovered that tcpflow incorrectly handled certain malformed network packets. A remote attacker could send these packets to a target system, causing tcpflow to crash or possibly disclose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-14938
SHA-256 | 6cf5a53ec29be9040d1801329f4f20f949f71d9d030b7c6df3a273f9ac45bd7c
Ubuntu Security Notice USN-3922-3
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3922-3 - USN-3922-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-9022, CVE-2019-9640, CVE-2019-9675
SHA-256 | 803a4bbada6ca25b99730a60e87bb2e4bd4ffb9f3b9c099cee7b2e025aff543b
Red Hat Security Advisory 2019-0886-01
Posted Apr 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0886-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6 and 7.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-0223
SHA-256 | 51ee6ce89ffa1483a5ec9d03a365dbe195147c06ea7b02816c74f69960f40146
Gentoo Linux Security Advisory 201904-25
Posted Apr 25, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-25 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.0-r4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20815, CVE-2019-9824
SHA-256 | b8ef2d5b31853634154b8d8df5f413eb259a7fcf09e7c186b608a5ad6e3aad61
Gentoo Linux Security Advisory 201904-24
Posted Apr 25, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-24 - Multiple vulnerabilities have been found in Ming, the worst of which could result in a Denial of Service condition. Versions less than 0.20181112 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-11728, CVE-2017-11729, CVE-2017-11730, CVE-2017-11731, CVE-2017-11732, CVE-2017-11733, CVE-2017-11734, CVE-2017-9988, CVE-2017-9989, CVE-2018-5251, CVE-2018-5294, CVE-2018-6315, CVE-2018-6358, CVE-2018-6359
SHA-256 | 89fc4c461140c0c378a047021c889a873387afdd57d749af13dc04ddb3fedb14
JioFi 4G M2S 1.0.2 Denial Of Service
Posted Apr 25, 2019
Authored by Vikas Chaudhary

JioFi 4G M2S version 1.0.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2019-7439
SHA-256 | bfb318c7283d8c93cf9ad2a4ebed7e3340ee93cda24996f05d110932ada60d32
JioFi 4G M2S 1.0.2 Cross Site Scripting
Posted Apr 25, 2019
Authored by Vikas Chaudhary

JioFi 4G M2S version 1.0.2 suffers from cross site scripting and html injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-7438
SHA-256 | a76563a625e94df0efd3181bfd88a48c5d42ad331df04f77b53be95efc39a591
Backup Key Recovery 2.2.4 Denial Of Service
Posted Apr 25, 2019
Authored by Victor Mondragon

Backup Key Recovery version 2.2.4 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | fda5aaec9e849b7ef551fa6227f43b87a963b19943f7a75d681f96e9b8db2be9
HeidiSQL Portable 10.1.0.5464 Denial Of Service
Posted Apr 25, 2019
Authored by Victor Mondragon

HeidiSQL Portable version 10.1.0.5464 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | fde7b9d442a468d221f6586a17c488a893198703baa9d9cfc49c3e636abd98f0
AnMing MP3 CD Burner 2.0 Denial Of Service
Posted Apr 25, 2019
Authored by Achilles

AnMing MP3 CD Burner version 2.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 78466ee8b720a5ba53c6f0f8d1341df659ae685fbd0dc8043428a21c726da7c8
TestSSL 3.0rc5
Posted Apr 25, 2019
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This is the fifth release candidate of testssl.sh 3.0 to reflect changes. All distributors and others who use it also for production-like environment are encouraged to switch to this branch as 2.9.5 will not be supported anymore once 3.0 has been released.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 6118f08b88c0075f39820296f0d76889165dd67e64dbfdfd1104d6d122a938c9
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close