
Files Date: 2019-05-08

Ubuntu Security Notice USN-3971-1
Posted May 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3971-1 - Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting attacks. Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to leak potentially sensitive information.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2019-11454, CVE-2019-11455
MD5 | 25bc6068240a7a33fc720eea12719aac
Linux/x86 execve /bin/sh Shellcode
Posted May 8, 2019
Authored by Rajvardhan

20-byte Linux/x86 execve /bin/sh shellcode.

tags | x86, shellcode
systems | linux
MD5 | 9f821fa395a37bf2d7f2fd8fd818780b
Lotus Domino 8.5.3 EXAMINE Stack Buffer Overflow
Posted May 8, 2019
Authored by Charles Truscott

Lotus Domino version 8.5.3 EXAMINE stack buffer overflow exploit with DEP and ASLR bypass. This is a working version of the NSA's EMPHASISMINE exploit.

tags | exploit, overflow
advisories | CVE-2017-1274
MD5 | c0e453d5b26fe384cfc86e013540b035
Chrome 72.0.3626.119 FileReader Use-After-Free
Posted May 8, 2019
Authored by Clement LECIGNE, timwr, Istvan Kurucsai | Site metasploit.com

This exploit takes advantage of a use-after-free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from JavaScript. This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.

tags | exploit, arbitrary, x86, javascript, shellcode
systems | windows, 7
advisories | CVE-2019-5786
MD5 | 1845174659a656cb293c5dd2f17fe75c
D-Link DWL-2600AP Upgrade Firmware Command Injection
Posted May 8, 2019
Authored by Raki Ben Hamouda

D-Link DWL-2600AP suffers from an authenticated OS command injection vulnerability via the upgrade firmware functionality.

tags | exploit
MD5 | 71af962aec1ca96662e5b78ad03b1d51
D-Link DWL-2600AP Save Configuration Command Injection
Posted May 8, 2019
Authored by Raki Ben Hamouda

D-Link DWL-2600AP suffers from an authenticated OS command injection vulnerability via the save configuration functionality.

tags | exploit
MD5 | 2cb59e36f03de039d08749b7bea1b0ca
Red Hat Security Advisory 2019-1116-01
Posted May 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1116-01 - OVMF is an EDK II based project to enable UEFI support for Virtual Machines. The ovmf package contains a sample 64-bit UEFI firmware for QEMU and KVM, including the edk2 package. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-12180
MD5 | f1f16ef3f53f8f6e9c9887570eb1aa1e
Ubuntu Security Notice USN-3970-1
Posted May 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3970-1 - It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-3839
MD5 | 6e7c6d9ad147ce1293a687014f0450e9
Red Hat Security Advisory 2019-1046-01
Posted May 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1046-01 - The rhvm-setup-plugins package adds functionality exclusive to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed relate to a speculative execution vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 3498eb7128aac8bbc985020e39425329
Red Hat Security Advisory 2019-1107-01
Posted May 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1107-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14642, CVE-2018-14720, CVE-2018-14721, CVE-2019-3805, CVE-2019-3894
MD5 | 0cad5b955a0804067038f2d43725e6e9
Red Hat Security Advisory 2019-1108-01
Posted May 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1108-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14642, CVE-2018-14720, CVE-2018-14721, CVE-2019-3805, CVE-2019-3894
MD5 | c9d1b20bbec084f8d2e8b14195e31b31
Red Hat Security Advisory 2019-1106-01
Posted May 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1106-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14642, CVE-2018-14720, CVE-2018-14721, CVE-2019-3805, CVE-2019-3894
MD5 | 51fe82576e8da3c1c7d6b883259621c1
Debian Security Advisory 4438-1
Posted May 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4438-1 - Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server, which could result in denial of service by sending malformed packets.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-11365, CVE-2019-11366
MD5 | 9c579192f5347d328ccaff71a93b02ff
Extreme Sistemas CMS SQL Injection
Posted May 8, 2019
Authored by Felipe Andrian Peixoto

Extreme Sistemas CMS versions as of 2019/05/08 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a8507e89ac978c3224782a54ae5f92bd
WordPress Diarise 1.5.9 Local File Disclosure
Posted May 8, 2019
Authored by Felipe Andrian Peixoto

WordPress Diarise theme version 1.5.9 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 8abfa8df1669856199033c08fe7bdb07
MiniFtp parseconf_load_setting Buffer Overflow
Posted May 8, 2019
Authored by strider

MiniFtp suffers from a parseconf_load_setting buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 23fc717ab46700e4ed934a8528b888a6
© 2019 Packet Storm. All rights reserved.