exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-24

CA Risk / Strong Authentication Privilege Escalation
Posted May 24, 2019
Authored by Kevin Kotas, Rohit Yadav | Site www3.ca.com

The Support team for CA Technologies, A Broadcom Company, is alerting customers to multiple potential risks with CA Risk Authentication and CA Strong Authentication. Multiple vulnerabilities exist that can allow a remote attacker to gain additional access in certain configurations or possibly gain sensitive information. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions immediately. The first vulnerability occurs due to insufficient verification of custom privileges. A malicious actor, who has access to an account with customized and limited privileges may, in some cases, access resources and act outside of assigned privileges. This exposure does not affect installations where accounts do not have custom privileges. The second vulnerability may enable a malicious actor to conduct UI redress attacks to gain sensitive information in some cases. Affected includes CA Risk Authentication versions 9.0, 8.x, and 3.1 as well as CA Strong Authentication versions 9.0, 8.x, and 7.1.

tags | advisory, remote, vulnerability
advisories | CVE-2019-7393, CVE-2019-7394
SHA-256 | ef42b4a17a8b60fc53d7e5c399e58653c06578f01ab6db7ea9f0569b72b8882d
Debian Security Advisory 4451-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | 7c0997408a516b38bd2ff33efdab9ee1a2b6e4d2bfe479bcfc717d4f571b3aa2
Debian Security Advisory 4450-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4450-1 - A vulnerability was found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2019-11555
SHA-256 | b9708563769297f2f8615d14579d54d20eb6303fdc77c3ffcafdb8c17466dfb6
Cyberoam Transparent Authentication Suite 2.1.2.5 NetBIOS Name / FQDN DoS
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam Transparent Authentication Suite version 2.1.2.5 Fully Qualified Domain Name and NetBIOS Name proof of concept denial of service exploits.

tags | exploit, denial of service, proof of concept
SHA-256 | e85b1896f7ee0fbcaefed884392a6b1338e4242ffba88de09aef0f3dcadd07f2
Oracle Application Testing Suite WebLogic Server Administration Console War Deployment
Posted May 24, 2019
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access.

tags | exploit, java, remote, code execution
advisories | CVE-2007-2699
SHA-256 | d2ce49b369029d9ba6fa03bf3c938f41ab106d33a06609e2f00de1eb12b975c8
Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits.

tags | exploit, web, denial of service, proof of concept
SHA-256 | 10fbba0972f675beabed4bc6c7b9fa2fc4019879caef30f05995225cb5176369
CMS Made Simple 2.2.10 Cross Site Scripting
Posted May 24, 2019
Authored by Manuel Garcia Cardenas

CMS Made Simple version 2.2.10 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11226
SHA-256 | ab2bb4ee4397e607d687ba9dbfeb8d2bbe0759bf552f9eef576d986e406dafb4
Debian Security Advisory 4452-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4452-1 - Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.

tags | advisory, java, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-12086
SHA-256 | 8095674dd1045dcb3b6e8830df6c5e14a3e757092613ec37d2e027cf70e3e072
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
Posted May 24, 2019
Authored by Simon Zuckerbraun

Microsoft Internet Explorer Windows 10 1809 17763.316 scripting engine memory corruption exploit.

tags | exploit
systems | windows
advisories | CVE-2019-0752
SHA-256 | 7d2015c3ac3c61fefec434f05b388f4ccd27c5327a0537ee0a13305ce2eda40c
Web Application Firewall Bypass Methods
Posted May 24, 2019
Authored by Samet ARATOGLU

Whitepaper called Web Application Firewall Bypass Methods. Written In Turkish.

tags | paper, web, bypass
SHA-256 | de3d6eb771b386a81807a989fe41fcd824480b3c78ac572e1d065e0f3b1e087a
Cyberoam General Authentication Client 2.1.2.7 Server Address Denial Of Service
Posted May 24, 2019
Authored by Victor Mondragon

Cyberoam General Authentication Client version 2.1.2.7 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 009f670f54b88215db3581aa256585fd014a51127143104c3fc870131e73e062
Fast AVI MPEG Joiner 1.2.0812 License Name Denial Of Service
Posted May 24, 2019
Authored by Achilles

Fast AVI MPEG Joiner version 1.2.0812 License Name proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 18f81e70c998f3fe8d097c86b9a0adbccbf4384e7908865dc2aa79a8822b2531
Ubuntu Security Notice USN-3957-2
Posted May 24, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3957-2 - USN-3957-1 fixed multiple vulnerabilities in MySQL. This update addresses some of them in MariaDB 5.5. Ubuntu 14.04 LTS has been updated to MariaDB 5.5.64. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2614
SHA-256 | b0d0f2df5e341ab74394d08bdbd1096db37d3d0d16e4dbf587b5b663e8645b76
Microsoft Windows Installer Race Condition
Posted May 24, 2019
Authored by SandboxEscaper

Microsoft Windows installer suffers from a race condition that can allow for privilege escalation.

tags | exploit
systems | windows
SHA-256 | e5943fac225d4d55b0fa4d7a1e4b21e8a597a5aa436c053cea39b3a02de897f9
Penetration Testing Steps And Tools
Posted May 24, 2019
Authored by Yusa BAS

Whitepaper called Penetration Testing Steps and Tools. Written In Turkish.

tags | paper
SHA-256 | 789ecc5a958af9486d5d831fa003b63f12d584366542b0127215d7a135d6af23
Pidgin 2.13.0 Denial Of Service
Posted May 24, 2019
Authored by Alejandra Sanchez

Pidgin version 2.13.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | dbed3b7cdf9c51d8959568e09d67a7eb7e08fd52ceb6d262662bccfb08103b9a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close