exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-06-25

Nagios XI Magpie_debug.php Root Remote Code Execution
Posted Jun 25, 2019
Authored by Chris Lyne, Guillaume Andre | Site metasploit.com

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell.

tags | exploit, remote, shell, local, root, vulnerability, code execution
advisories | CVE-2018-15708, CVE-2018-15710
MD5 | 6f7a8dbb53ba27c5718670f3c77faad2
Red Hat Security Advisory 2019-1603-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1603-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 675058a76a749a72fabad40729743214
Red Hat Security Advisory 2019-1604-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1604-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | b1a218a94df1e83bbc8cd4de433f9188
Red Hat Security Advisory 2019-1602-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1602-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
MD5 | cb1a4adb435d9854e70a042c08f9c786
Debian Security Advisory 4471-1
Posted Jun 25, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4471-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 6f3730ce82e081cc510350dd42e43f3a
Ubuntu Security Notice USN-4035-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4035-1 - It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices. An authenticated attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14662, CVE-2018-16846, CVE-2018-16889, CVE-2019-3821
MD5 | 7cee218e01e7123f9ea9422b17816e34
Ubuntu Security Notice USN-4036-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4036-1 - Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-9735
MD5 | 1a3699e26e767771f485304e4867e5b7
Ubuntu Security Notice USN-4034-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4034-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, the update for Ubuntu 18.10 and Ubuntu 19.04 includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate ImageMagick policy configuration. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-12805, CVE-2018-16323, CVE-2018-16645, CVE-2018-18023, CVE-2018-20467, CVE-2019-11470, CVE-2019-7175, CVE-2019-7398
MD5 | f885608b4eef03eae7ba46c46019bdce
Ubuntu Security Notice USN-4037-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4037-1 - The policykit-desktop-privileges Startup Disk Creator policy allowed administrative users to overwrite disks. As a security improvement, this operation now requires authentication.

tags | advisory
systems | linux, ubuntu
MD5 | d3379d57966871c9366fc08f090a5d34
Red Hat Security Advisory 2019-1594-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1594-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
MD5 | 1774b94e55cc6f6aa7f8568ff2c9d10f
Ubuntu Security Notice USN-4033-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4033-1 - It was discovered that a libmysofa component does not properly validate multiplications and additions, and may crash with some specific input.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-10672
MD5 | 0f5e615c40c1f32340ded7778d3781e5
BlogEngine.NET 3.3.6 / 3.3.7 path Directory Traversal
Posted Jun 25, 2019
Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from a path directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | bfe95ac05c7d56a481cbc5285b597336
Fortinet FCM-MB40 Cross Site Request Forgery / Remote Command Execution
Posted Jun 25, 2019
Authored by XORcat

Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, csrf
MD5 | e2212fb8aa1889c54380a3225d5c91a7
WordPress Live Chat Unlimited 2.8.3 Cross Site Scripting
Posted Jun 25, 2019
Authored by m0ze

WordPress Live Chat Unlimited plugin version 2.8.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 62ba65da25843ad684aba7d739667462
WordPress iLive 1.0.4 Cross Site Scripting
Posted Jun 25, 2019
Authored by m0ze

WordPress iLive plugin version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7ce96abf8000040264f7cd6dbb02cf67
SAPIDO RB-1732 Remote Command Execution
Posted Jun 25, 2019
Authored by k1nm3n.aotoi

SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | f1e066083d4fcc8ee2e15b73f9aee20e
SuperDoctor5 NRPE Remote Code Execution
Posted Jun 25, 2019
Authored by Simon Gurney

SuperDoctor5 implemented a remote command execution plugin in their implementation of NRPE that can be leveraged without authentication.

tags | exploit, remote
MD5 | 009f379f5fec547c993a347c217db066
Spidermonkey IonMonkey Incorrect Prediction
Posted Jun 25, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-11707
MD5 | b9cfb835c09f9ff2359a0ac43fb9d908
Buffer Overflows, C Programming, And More
Posted Jun 25, 2019
Authored by Ricky Sanders

This whitepaper discusses buffer overflows, C socket programming, NSA's GHIDRA, and much more.

tags | paper, overflow
MD5 | e3482cfa449fb9607ddac0208ae27d39
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close