exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-06-14

OpenSCAP Libraries 1.3.1
Posted Jun 14, 2019
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Many new features include support for SCAP 1.3 Source Datastreams. Additionally, there were many maintenance and bug fix additions in this release.
tags | protocol, library
systems | unix
SHA-256 | 1c5caa1bc8f10c470cf03bf6818986185f51513b9775f6363260cb6e79038c2f
Dell EMC Avamar ADMe Web UI 1.0.50 / 1.0.51 Local File Inclusion
Posted Jun 14, 2019
Authored by Dell Product Security Incident Response Team, Ken Pyle | Site dellemc.com

Dell EMC Avamar ADMe Web Interface is affected by a local file inclusion vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. Versions 1.0.50 and 1.0.51 are affected.

tags | advisory, web, arbitrary, local, file inclusion
advisories | CVE-2019-3737
SHA-256 | 7acfa0ed5a7472704419b66813b778ef436398a2db8ae457ca89f746c7f72462
Java Card Proof Of Concepts
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has discovered multiple security vulnerabilities in the reference implementation of Java Card technology from Oracle used in financial, government, transportation and telecommunication sectors among others. As for the impact, the vulnerabilities found make it possible to break memory safety of the underlying Java Card VM. As a result, full access to smartcard memory could be achieved, applet firewall could be broken or native code execution could be gained. This archive contains the proof of concept code that demonstrates these vulnerabilities which were originally made public in March of 2019.

tags | exploit, java, vulnerability, code execution, proof of concept
SHA-256 | 22ac20b59483601b9077fb4862bb70d8f034648a969c478415328a8d85326aca
Gemalto Java Card SE-2019-01 Issue 34
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issue 34 is documented in this report.

tags | advisory, java, vulnerability
SHA-256 | 67d6d552ce4c167529c7cd84de0d0be125a4bdc6728dcd0cc31fb219c9d4011d
Gemalto Java Card SE-2019-01 Issues 19 And 33
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issues 19 and 33 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 32aca3def4a46b63b9c8e018bba1b57b074ab1a278951e26deaa861e0b140b14
Oracle Java Card SE-2019-01 Issues 26-32
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the third of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 26 through 32 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 8d2b759c1b5a470b8d80314d6c5b026ab6eb6c87410e6af99040f73abe993b0f
Oracle Java Card SE-2019-01 Issues 20-25
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 20 through 25 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 223a793bc15195c628f17c4fc553a3c603a66dd2a1b8dff8b24e298ddc831464
Oracle Java Card SE-2019-01 Issues 1-18
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 1 through 18 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 6c524db6b0b45d01b1e715bfb97219d0ab2f4adb4b4e678d3b24918baa34d69e
Thunderbird libical Type Confusion
Posted Jun 14, 2019
Authored by Luis Merino

A type confusion has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash the process or leak information from the client system via calendar replies. Proof of concept included.

tags | exploit, remote, proof of concept
advisories | CVE-2019-11706
SHA-256 | ef2673a39e913d07181596a62fd8c9246e3d5812f7d9b077e77524dc51376013
Thunderbird libical Stack Buffer Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A stack-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution, proof of concept
advisories | CVE-2019-11705
SHA-256 | 47c3eb61b29367d5a2946ff2994c08510a93a27c3f70aae7b73521d1c8fa4c8e
Thunderbird libical icalparser.c Heap Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution
advisories | CVE-2019-11703
SHA-256 | fbc427324f7bbbd52b32d86534519facca35022c50ab621232e63a61a9d5146c
Thunderbird libical Heap Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution, proof of concept
advisories | CVE-2019-11704
SHA-256 | 766c136bb2357c16dd4df02ef330217cd6ff8d8808169a3d9f9621d7f7750e6c
CentOS 7.6 ptrace_scope Privlege Escalation
Posted Jun 14, 2019
Authored by Marcelo Vazquez

CentOS version 7.6 ptrace_scope misconfiguration local privilege escalation exploit.

tags | exploit, local
systems | linux, centos
SHA-256 | 608a9d5a7538ce173fdb713a8da2de1c7c54e2161d857c0ae1d0aa7e4f2899b2
Aida64 6.00.5100 SEH Buffer Overflow
Posted Jun 14, 2019
Authored by Nipun Jaswal

Aida64 version 6.00.5100 Log to CSV File local SEH buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 3f4b985fea61b9424f304673befaac3359d984cf18c6e0424585cc37ef8ee11a
Active Directory Enumeration With PowerShell
Posted Jun 14, 2019
Authored by Haboob Team

Whitepaper called Active Directory Enumeration with PowerShell.

tags | paper
SHA-256 | fffbc506324136811bf2f295f04bd4158eff596137de87f5ffc17f656996a8e4
Tzumi Electronics Klic Lock Authentication Bypass
Posted Jun 14, 2019
Authored by Kerry Enfinger

Tzumi Electronics Klic Lock version 1.0.9 allows for attackers to access resources via capture-replay.

tags | exploit
advisories | CVE-2019-11334
SHA-256 | b6478676c8a8574cbdf280e94c872874e68933b7e95cca2138fa97fe2ee1d83d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close