exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-06-14

OpenSCAP Libraries 1.3.1
Posted Jun 14, 2019
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Many new features include support for SCAP 1.3 Source Datastreams. Additionally, there were many maintenance and bug fix additions in this release.
tags | protocol, library
systems | unix
SHA-256 | 1c5caa1bc8f10c470cf03bf6818986185f51513b9775f6363260cb6e79038c2f
Dell EMC Avamar ADMe Web UI 1.0.50 / 1.0.51 Local File Inclusion
Posted Jun 14, 2019
Authored by Dell Product Security Incident Response Team, Ken Pyle | Site dellemc.com

Dell EMC Avamar ADMe Web Interface is affected by a local file inclusion vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. Versions 1.0.50 and 1.0.51 are affected.

tags | advisory, web, arbitrary, local, file inclusion
advisories | CVE-2019-3737
SHA-256 | 7acfa0ed5a7472704419b66813b778ef436398a2db8ae457ca89f746c7f72462
Java Card Proof Of Concepts
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has discovered multiple security vulnerabilities in the reference implementation of Java Card technology from Oracle used in financial, government, transportation and telecommunication sectors among others. As for the impact, the vulnerabilities found make it possible to break memory safety of the underlying Java Card VM. As a result, full access to smartcard memory could be achieved, applet firewall could be broken or native code execution could be gained. This archive contains the proof of concept code that demonstrates these vulnerabilities which were originally made public in March of 2019.

tags | exploit, java, vulnerability, code execution, proof of concept
SHA-256 | 22ac20b59483601b9077fb4862bb70d8f034648a969c478415328a8d85326aca
Gemalto Java Card SE-2019-01 Issue 34
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issue 34 is documented in this report.

tags | advisory, java, vulnerability
SHA-256 | 67d6d552ce4c167529c7cd84de0d0be125a4bdc6728dcd0cc31fb219c9d4011d
Gemalto Java Card SE-2019-01 Issues 19 And 33
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issues 19 and 33 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 32aca3def4a46b63b9c8e018bba1b57b074ab1a278951e26deaa861e0b140b14
Oracle Java Card SE-2019-01 Issues 26-32
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the third of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 26 through 32 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 8d2b759c1b5a470b8d80314d6c5b026ab6eb6c87410e6af99040f73abe993b0f
Oracle Java Card SE-2019-01 Issues 20-25
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 20 through 25 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 223a793bc15195c628f17c4fc553a3c603a66dd2a1b8dff8b24e298ddc831464
Oracle Java Card SE-2019-01 Issues 1-18
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 1 through 18 are in this report.

tags | advisory, java, vulnerability
SHA-256 | 6c524db6b0b45d01b1e715bfb97219d0ab2f4adb4b4e678d3b24918baa34d69e
Thunderbird libical Type Confusion
Posted Jun 14, 2019
Authored by Luis Merino

A type confusion has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash the process or leak information from the client system via calendar replies. Proof of concept included.

tags | exploit, remote, proof of concept
advisories | CVE-2019-11706
SHA-256 | ef2673a39e913d07181596a62fd8c9246e3d5812f7d9b077e77524dc51376013
Thunderbird libical Stack Buffer Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A stack-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution, proof of concept
advisories | CVE-2019-11705
SHA-256 | 47c3eb61b29367d5a2946ff2994c08510a93a27c3f70aae7b73521d1c8fa4c8e
Thunderbird libical icalparser.c Heap Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution
advisories | CVE-2019-11703
SHA-256 | fbc427324f7bbbd52b32d86534519facca35022c50ab621232e63a61a9d5146c
Thunderbird libical Heap Overflow
Posted Jun 14, 2019
Authored by Luis Merino

A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

tags | exploit, remote, overflow, code execution, proof of concept
advisories | CVE-2019-11704
SHA-256 | 766c136bb2357c16dd4df02ef330217cd6ff8d8808169a3d9f9621d7f7750e6c
CentOS 7.6 ptrace_scope Privlege Escalation
Posted Jun 14, 2019
Authored by Marcelo Vazquez

CentOS version 7.6 ptrace_scope misconfiguration local privilege escalation exploit.

tags | exploit, local
systems | linux, centos
SHA-256 | 608a9d5a7538ce173fdb713a8da2de1c7c54e2161d857c0ae1d0aa7e4f2899b2
Aida64 6.00.5100 SEH Buffer Overflow
Posted Jun 14, 2019
Authored by Nipun Jaswal

Aida64 version 6.00.5100 Log to CSV File local SEH buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 3f4b985fea61b9424f304673befaac3359d984cf18c6e0424585cc37ef8ee11a
Active Directory Enumeration With PowerShell
Posted Jun 14, 2019
Authored by Haboob Team

Whitepaper called Active Directory Enumeration with PowerShell.

tags | paper
SHA-256 | fffbc506324136811bf2f295f04bd4158eff596137de87f5ffc17f656996a8e4
Tzumi Electronics Klic Lock Authentication Bypass
Posted Jun 14, 2019
Authored by Kerry Enfinger

Tzumi Electronics Klic Lock version 1.0.9 allows for attackers to access resources via capture-replay.

tags | exploit
advisories | CVE-2019-11334
SHA-256 | b6478676c8a8574cbdf280e94c872874e68933b7e95cca2138fa97fe2ee1d83d
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close