exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-01

SQLMAP - Automatic SQL Injection Tool 1.3.5
Posted May 1, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: More drei updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 74831f827a84cea61a2a91abcb935f07
Ruby On Rails DoubleTap Development Mode secret_key_base Remote Code Execution
Posted May 1, 2019
Authored by sinn3r, mpgn, ooooooo_q | Site metasploit.com

This Metasploit module exploits a vulnerability in Ruby on Rails. In development mode, a Rails application would use its name as the secret_key_base, and can be easily extracted by visiting an invalid resource for a path. As a result, this allows a remote user to create and deliver a signed serialized payload, load it by the application, and gain remote code execution.

tags | exploit, remote, code execution, ruby
advisories | CVE-2019-5420
MD5 | af50d1f86ede2ddcb95a3900ee62a058
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
MD5 | f4ed0cb626722f39697532c827906c34
Winamp 5.12 Playlist (.pls) Buffer Overflow
Posted May 1, 2019
Authored by Daniele Votta

Winamp version 5.12 playlist (.pls) buffer overflow exploit with ASLR + EGGHUNT + REV_SHELL. Written in Python.

tags | exploit, overflow, python
MD5 | b4f68883190d67e734981e318f21c348
Johnny You Are Fired
Posted May 1, 2019
Authored by Juraj Somorovsky, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Hanno Bock, Jens Muller, Marcus Brinkmann

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

tags | exploit, paper, spoof, proof of concept
advisories | CVE-2017-17848, CVE-2018-12019, CVE-2018-12020, CVE-2018-12356, CVE-2018-12556, CVE-2018-15586, CVE-2018-15587, CVE-2018-15588, CVE-2018-18509, CVE-2019-8338
MD5 | d247e4ccd9f597d40309c5f5e797a348
Red Hat Security Advisory 2019-0935-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0935-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an incorrect validation of port settings.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10876, CVE-2019-9735
MD5 | c5651c0df9d69453e31420b87bafcbd8
Ubuntu Security Notice USN-3961-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3961-1 - It was discovered that the Dovecot Submission login service incorrectly handled certain operations. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11494
MD5 | 7383cd3cc90d5fe74db56ff1543d23d0
Red Hat Security Advisory 2019-0919-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0919-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. Issues include a sensitive data disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3830
MD5 | f3a36ab164638f737c0005f2f32c77d9
CentOS Web Panel Domain Field Cross Site Scripting
Posted May 1, 2019
Authored by DKM

CentOS Web Panel versions 0.9.8.793 (Free), 0.9.8.753 (Pro), and 0.9.8.807 (Pro) suffer from a domain field (Add DNS Zone) cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-11429
MD5 | be5c79be3a331f5a1d0193ab501c129f
phpBB 3.2.5 Denial Of Service
Posted May 1, 2019
Authored by Colin Snover

phpBB versions 3.2.5 and below suffer from a native full text denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2019-9826
MD5 | c5811b9abc0a93f3730a4f0ec740ca6c
OpenSkos Simple Knowledge Organization System 2.0 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

OpenSkos Simple Knowledge Organization System version 2.0 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 52772e6113f454175b227690bf6e9b77
Red Hat Security Advisory 2019-0916-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0916-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an invalid port setting validation.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9735
MD5 | e7a6bc482b4be832168ad48f3ace886b
Sentrifugo Human Resource Management System 3.2 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

Sentrifugo Human Resource Management System version 3.2 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 0a345463685c9efdf1b45a291f01772d
MailCarrier 2.51 HELP Remote Buffer Overflow
Posted May 1, 2019
Authored by Vinaykumar Yennam, Dheepshika Raghunathan

MailCarrier version 2.51 HELP remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 0379cc827183c591a378940d279e9584
Red Hat Security Advisory 2019-0917-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0917-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fibre Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a data retention issue post deletion.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2017-15139
MD5 | 5142f017c19ecf1c4c99522e0bc2030c
Red Hat Security Advisory 2019-0911-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0911-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-19039
MD5 | 444899664506442d78eac488fe8d1d45
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    6 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close