what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-04-30

Yum Package Manager Persistence
Posted Apr 30, 2019
Authored by Aaron Ringo | Site metasploit.com

This Metasploit module will run a payload when the package manager is used. No handler is run automatically so you must configure an appropriate exploit/multi/handler to connect. Module modifies a yum plugin to launch a binary of choice. grep -F 'enabled=1' /etc/yum/pluginconf.d/ will show what plugins are currently enabled on the system.

tags | exploit
SHA-256 | 9ad4ebf5274d32a4ec5669f7650369e77279b0e58aed7f270adb6811aa5ef260
Suricata IDPE 4.1.4
Posted Apr 30, 2019
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Ten bug fixes relating to overflows, panics, and more.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2da50d91f92adf8b1af930f388361f76424420b88f553f610e2780e4240f2009
ifchk 1.1.1
Posted Apr 30, 2019
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Fixed a bug whereby a printf(3) format specifier did not have a corresponding argument (ifchk.c:521).
tags | tool
systems | unix
SHA-256 | d47ce9415527099c24ec20155c09bc95f6b268293fd545bd5c6eb0d8a30e975a
Red Hat Security Advisory 2019-0910-01
Posted Apr 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0910-01 - This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a deserialization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0112, CVE-2017-7525, CVE-2017-7657
SHA-256 | 05dca764a934db5626dabfbc55d7cc06a8facaf44f0a09956efa3c45a18c1a26
Spring Cloud Config 2.1.x Path Traversal
Posted Apr 30, 2019
Authored by Dhiraj Mishra | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability which exists in Spring Cloud Config versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6. Spring Cloud Config listens by default on port 8888.

tags | exploit, file inclusion
advisories | CVE-2019-3799
SHA-256 | 39f19c1a165c51512a1ca99f92c17456b0d2f8470dbf6c008d92f912f1f1c01c
Apache Archiva 2.2.3 File Write / Delete
Posted Apr 30, 2019
Authored by Martin S

Apache Archiva versions 2.0.0 through 2.2.3 suffer from arbitrary file write and delete vulnerabilities.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2019-0214
SHA-256 | b8dcaeba46cd142605678810a1d0b6c2dc035a30e2018fe9649c17695c0a0b12
HumHub 1.3.12 Cross Site Scripting
Posted Apr 30, 2019
Authored by Kagan Eglence

HumHub version 1.3.12 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11564
SHA-256 | 833a078f74bc411708c3495ba863cad28419973cc7f3626a83783ba163375047
Intelbras IWR 3000N 1.5.0 Cross Site Request Forgery
Posted Apr 30, 2019
Authored by Social Engineering Neo

Intelbras IWR 3000N version 1.5.0 proof of concept cross site request forgery exploit.

tags | exploit, proof of concept, csrf
advisories | CVE-2019-11416
SHA-256 | cf7ff25f03a131cf316c68a456b3d754f7ace15951e5f16103e4b453f998461b
Apache Archiva 2.2.3 Cross Site Scripting
Posted Apr 30, 2019
Authored by Martin S

Apache Archiva versions 2.0.0 through 2.2.3 suffer from a persistent cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2019-0213
SHA-256 | dcd6152ced13abecbc177d100e88e12766627dc4e3c81c5b7a982d5a7b43b20d
Intelbras IWR 3000N Denial Of Service
Posted Apr 30, 2019
Authored by Social Engineering Neo

Intelbras IWR 3000N proof of concept denial of service exploit that triggers a remote reboot.

tags | exploit, remote, denial of service, proof of concept
advisories | CVE-2019-11415
SHA-256 | 99dce382b8fdd144eab93a9768bfc2d33e27b1f398b46695f88cc3404f997809
Ubuntu Security Notice USN-3960-1
Posted Apr 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3960-1 - It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11498
SHA-256 | e5c36b8236e5dcac5f3e631829a426222f458001fa01af8cacd7e1b7017756d3
Domoticz 4.10577 Unauthenticated Remote Command Execution
Posted Apr 30, 2019
Authored by Fabio Carretto

Domoticz versions 4.10577 and below suffer from an unauthenticated remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2019-10664, CVE-2019-10678
SHA-256 | 9179905040e0065103a3e0fea2732062a8d71d1efcdc16a1187881a7648b8496
Veeam ONE Reporter 9.5.0.3201 Cross Site Scripting
Posted Apr 30, 2019
Authored by Seyed Sadegh Khatami

Veeam ONE Reporter version 9.5.0.3201 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f0325caeea7dbc072644dabcd22ddf217b800b7ca72a2a213022df33830844cd
Veeam ONE Reporter 9.5.0.3201 Cross Site Request Forgery
Posted Apr 30, 2019
Authored by Seyed Sadegh Khatami

Veeam ONE Reporter version 9.5.0.3201 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2019-11569
SHA-256 | 7935f970ef5b73c6b987406afcc2e78937136d079446ccf0a9a736f8bc769a00
Netgear DGN2200 / DGND3700 Admin Password Disclosure
Posted Apr 30, 2019
Authored by Social Engineering Neo

Netgear DGN2200 and DGND3700 proof of concept administrative password disclosure exploit.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2016-5649
SHA-256 | 1ebbdd1c92e2e6c2d3be1f0ae4caf46fd96ca67370be6b729b67f566fd178d82
Freefloat FTP Server 1.0 STOR Buffer Overflow
Posted Apr 30, 2019
Authored by Kevin Randall

Freefloat FTP Server version 1.0 suffers from a STOR remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | 5ace81317af651efd44942f8b4bda80940a213f47e4a743b250a8d4ae5cfb76f
Freefloat FTP Server 1.0 SIZE Buffer Overflow
Posted Apr 30, 2019
Authored by Kevin Randall

Freefloat FTP Server version 1.0 suffers from a SIZE remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | 583fd9120564a7a4274686a33c4957d70e7f4225537eb7b6cd60ae7f8a6491b4
Jumping Firewall With Tunneling Techniques
Posted Apr 30, 2019
Authored by Muhammet Ates

This is a whitepaper that discusses bypassing a firewall using tunneling techniques. Written in Turkish.

tags | paper
SHA-256 | c7b022d8f98bd3ad2bc62318bb20cac8cf163c3c7c88fb40ba138d97d7c4b302
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close