exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-24

CA Risk / Strong Authentication Privilege Escalation
Posted May 24, 2019
Authored by Kevin Kotas, Rohit Yadav | Site www3.ca.com

The Support team for CA Technologies, A Broadcom Company, is alerting customers to multiple potential risks with CA Risk Authentication and CA Strong Authentication. Multiple vulnerabilities exist that can allow a remote attacker to gain additional access in certain configurations or possibly gain sensitive information. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions immediately. The first vulnerability occurs due to insufficient verification of custom privileges. A malicious actor, who has access to an account with customized and limited privileges may, in some cases, access resources and act outside of assigned privileges. This exposure does not affect installations where accounts do not have custom privileges. The second vulnerability may enable a malicious actor to conduct UI redress attacks to gain sensitive information in some cases. Affected includes CA Risk Authentication versions 9.0, 8.x, and 3.1 as well as CA Strong Authentication versions 9.0, 8.x, and 7.1.

tags | advisory, remote, vulnerability
advisories | CVE-2019-7393, CVE-2019-7394
MD5 | dc72c5d18d2de0cb1c02108de4b57bb5
Debian Security Advisory 4451-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 59a609958def5924c2510dc7835f61d8
Debian Security Advisory 4450-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4450-1 - A vulnerability was found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2019-11555
MD5 | 051eea8b1d736e59dcbab7e558126721
Cyberoam Transparent Authentication Suite 2.1.2.5 NetBIOS Name / FQDN DoS
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam Transparent Authentication Suite version 2.1.2.5 Fully Qualified Domain Name and NetBIOS Name proof of concept denial of service exploits.

tags | exploit, denial of service, proof of concept
MD5 | 406e1b9e3e42f78695b5d0d18723294e
Oracle Application Testing Suite WebLogic Server Administration Console War Deployment
Posted May 24, 2019
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access.

tags | exploit, java, remote, code execution
advisories | CVE-2007-2699
MD5 | 9a7a35420a7e1068748a47c0e1281e01
Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits.

tags | exploit, web, denial of service, proof of concept
MD5 | 58792727a37ee5f583bba7e302d5a4ac
CMS Made Simple 2.2.10 Cross Site Scripting
Posted May 24, 2019
Authored by Manuel Garcia Cardenas

CMS Made Simple version 2.2.10 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11226
MD5 | 67544830735cd3b80f4bcc531cb9688c
Debian Security Advisory 4452-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4452-1 - Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.

tags | advisory, java, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-12086
MD5 | 78383c177773161d5c52cb51063d681c
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
Posted May 24, 2019
Authored by Simon Zuckerbraun

Microsoft Internet Explorer Windows 10 1809 17763.316 scripting engine memory corruption exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0752
MD5 | c9397c14195bc3f85cf0bc8c751e4a75
Web Application Firewall Bypass Methods
Posted May 24, 2019
Authored by Samet ARATOGLU

Whitepaper called Web Application Firewall Bypass Methods. Written In Turkish.

tags | paper, web, bypass
MD5 | 3d35d818f88542e7fe364c214be492bb
Cyberoam General Authentication Client 2.1.2.7 Server Address Denial Of Service
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam General Authentication Client version 2.1.2.7 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 25fb3135d2b03bfe127615a267f294be
Fast AVI MPEG Joiner 1.2.0812 License Name Denial Of Service
Posted May 24, 2019
Authored by Achilles

Fast AVI MPEG Joiner version 1.2.0812 License Name proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | 2faf3b46f2c524d909685620bc2709e4
Ubuntu Security Notice USN-3957-2
Posted May 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3957-2 - USN-3957-1 fixed multiple vulnerabilities in MySQL. This update addresses some of them in MariaDB 5.5. Ubuntu 14.04 LTS has been updated to MariaDB 5.5.64. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2614
MD5 | 17da07aaa56c5758fca25b67cfad8dee
Microsoft Windows Installer Race Condition
Posted May 24, 2019
Authored by SandboxEscaper

Microsoft Windows installer suffers from a race condition that can allow for privilege escalation.

tags | exploit
systems | windows
MD5 | 9a503f8035f1c995cef77978e81633e9
Penetration Testing Steps And Tools
Posted May 24, 2019
Authored by Yusa BAS

Whitepaper called Penetration Testing Steps and Tools. Written In Turkish.

tags | paper
MD5 | 4d97bb9bf96b21e872162c6c1a230690
Pidgin 2.13.0 Denial Of Service
Posted May 24, 2019
Authored by Alejandra Sanchez

Pidgin version 2.13.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 28207d4cc0edd814d45b493ac9e546cd
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    6 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close