what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-06-17

Red Hat Security Advisory 2019-1483-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1483-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2018-1000004, CVE-2018-7566, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
MD5 | 53b9818bb1e288f064583d003e11f5f2
Red Hat Security Advisory 2019-1482-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1482-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
MD5 | 9b1e7306fc16ff68908373eda7c85501
Red Hat Security Advisory 2019-1481-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
MD5 | f456c156d69955016e6c78d40b258445
Red Hat Security Advisory 2019-1488-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1488-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-3896
MD5 | 33a8de1c2c07101ed37414e7309d6bb8
Red Hat Security Advisory 2019-1479-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-9213
MD5 | 92a05bc02b91281c82d63163de2e4327
Debian Security Advisory 4464-1
Posted Jun 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4464-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706
MD5 | bd7c71ca7bb27b5c0fbe7260ac8e8038
Ubuntu Security Notice USN-3991-3
Posted Jun 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
MD5 | 8c5b15a8d0783dd7f81983d70f7b5a54
Exim 4.91 Local Privilege Escalation
Posted Jun 17, 2019
Authored by Marco Ivaldi

Exim versions 4.87 through 4.91 suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2019-10149
MD5 | 1d5aa0f1d059b2ed175b1fa8c14d897f
Red Hat Security Advisory 2019-1492-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1492-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A connection rate limiting control vulnerability has been addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-5743
MD5 | 564547564a1f5a751b278132091f7c4f
Netperf 2.6.0 Buffer Overflow
Posted Jun 17, 2019
Authored by Juan Sacco

Netperf version 2.6.0 suffers from a stack-based buffer overflow.

tags | exploit, overflow
MD5 | 0ef5dc2f9b7f60ca2b8b2d08ffec6dec
Red Hat Security Advisory 2019-1477-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1477-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 75.0.3770.80. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019-5832, CVE-2019-5833, CVE-2019-5835, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840
MD5 | 955cef763d36fe029e2392fdfe6bf897
AROX School-ERP Pro Unauthenticated Remote Code Execution
Posted Jun 17, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in AROX School-ERP. "import_stud.php" and "upload_fille.php" do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore an unauthenticated user can execute the command on the system.

tags | exploit, php
MD5 | 535708ae0f4586c8a0feda2390f4b619
Red Hat Security Advisory 2019-1476-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1476-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.207. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2019-7845
MD5 | 2fad0fc0bafdc1cf0aa25811f52737cf
HC10 HC.Server Service 10.14 Remote Invalid Pointer Write
Posted Jun 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged for post exploit persistence with SYSTEM privileges, if physical access or malware is involved. If a physical attacker or malware can set its own program for the service failure recovery options, it can be used to maintain persistence. Afterwards, it can be triggered by sending a malicious request to DoS the service, which in turn can start the attackers recovery program. The attackers program can then try restarting the affected service to try an stay unnoticed by calling "sc start HCServerService". Services failure flag recovery options for "enabling actions for stops or errors" and can be set in the services "Recovery" properties tab or on the command line. Authentication is not required to reach the vulnerable service, this was tested successfully on Windows 7/10.

tags | exploit
systems | windows, 7
advisories | CVE-2019-12323
MD5 | d00190d41a9f1c0ea2c4f92ee9779c0d
Microsoft Word (2016) Deceptive File Reference
Posted Jun 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

When a Microsoft Word ".docx" File contains a hyperlink to another file, it will run the first file it finds in that directory with a valid extension. But will present to the end user an extension-less file in its Security warning dialog box without showing the extension type. If another "empty" file of the same name as the target executable exists but has no file extension. Because the extension is suppressed it makes the file seem harmless and the file can be masked to appear as just a folder etc. This can potentially trick user into running unexpected code, but will only work when you have an additional file of same name with NO extension on it.

tags | exploit
MD5 | c758f8435e2134b135cb043389ffe683
Debian Security Advisory 4463-1
Posted Jun 17, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).

tags | advisory, remote, denial of service, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-12816, CVE-2019-9917
MD5 | cdce5eea36ea51910b5234a62d1b5d32
Spring Security OAuth 2.3 Open Redirection
Posted Jun 17, 2019
Authored by Riemann

Spring Security OAuth versions 2.3 prior to 2.3.6 suffer from open redirection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-11269, CVE-2019-3778
MD5 | 207d8bee0a7210e34841de4f76aaa4d1
Microsoft Windows UAC Protection Bypass
Posted Jun 17, 2019
Authored by gushmazuko

This script is a proof of concept to bypass the Microsoft Windows User Access Control (UAC) via SluiFileHandlerHijackLPE.

tags | exploit, proof of concept, bypass
systems | windows
MD5 | 76887c2ea927367c717be6c7a61a4c47
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close