exploit the possibilities
Showing 1 - 25 of 34 RSS Feed

Files Date: 2019-07-01

Ubuntu Security Notice USN-4043-1
Posted Jul 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4043-1 - It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. Gavin Wahl discovered that Django incorrectly handled certain requests. An attacker could possibly use this issue to bypass credentials and access administrator interface. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12308, CVE-2019-12781
MD5 | 3b58ae2a9b23303c40ec471be0dc8c37
Packet Storm New Exploits For June, 2019
Posted Jul 1, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 110 exploits added to Packet Storm in June, 2019.

tags | exploit
MD5 | 814046a976fc33c4eac645f3a9351d88
FaceSentry Access Control System 6.4.8 Cleartext Password Storage
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 credentials used for accessing the web front end are stored unencrypted on the device in /faceGuard/database/FaceSentryWeb.sqlite.

tags | exploit, web
MD5 | 2280176abe89766f9a58ac9b23978977
REDDOXX Appliance Information Disclosure
Posted Jul 1, 2019
Site redteam-pentesting.de

REDDOXX Appliance versions 2032-SP2 up to hotfix 51 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | bceab1f0503b67a6767f8ab9104ece99
SQLMAP - Automatic SQL Injection Tool 1.3.7
Posted Jul 1, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | cd65484226ad4921628244949633a2ec
FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from a cleartext transmission of sensitive information. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

tags | exploit, remote, web
MD5 | f08f9cdccfb33e4587804f10becb1fc0
GRR 3.3.0.3
Posted Jul 1, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is a minor bugfix release.
tags | tool, remote, web, forensics
systems | unix
MD5 | c63d802fdfd06512941f8bfa68a34089
Botan C++ Crypto Algorithms Library 2.11.0
Posted Jul 1, 2019
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added Argon2 PBKDF/password hash. Added Bcrypt-PBKDF password hash. Added a libsodium compat layer in sodium.h. Various other updates.
tags | library
systems | unix
MD5 | fb6cdbd40e8cb020aaa0296eef5ba1fe
SquirrelMail 1.4.22 Cross Site Scripting
Posted Jul 1, 2019
Authored by Moritz Bechler

SquirrelMail version 1.4.22 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12970
MD5 | 35d36e761a3e0e4a901673fe89e36bff
FaceSentry Access Control System 6.4.8 Reflected Cross Site Scripting
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 is vulnerable to multiple cross site scripting vulnerabilities. This issue is due to the application's failure to properly sanitize user-supplied input thru the 'msg' parameter (GET) in pluginInstall.php script. An attacker may leverage any of the cross-site scripting issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials, phishing, as well as other attacks.

tags | exploit, arbitrary, php, vulnerability, xss
MD5 | 4b4dab0df321f565a9ff46178b0c3e27
FaceSentry Access Control System 6.4.8 Remote SSH Root Access
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 facial biometric access control appliance ships with hard-coded and weak credentials for SSH access on port 23445 using the credentials wwwuser:123456. The root privilege escalation is done by abusing the insecure sudoers entry file.

tags | exploit, root
MD5 | 90d6fd7e6bddb33ce1e0aa6497d8fa7b
CyberPanel 1.8.4 Cross Site Request Forgery
Posted Jul 1, 2019
Authored by Bilgi Birikim Sistemleri

CyberPanel version 1.8.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-13056
MD5 | b87d945d5d7aa396b402e19b9257e188
Linux/ARM64 Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

8 bytes small Linux/ARM64 jump back shellcode + execve("/bin/sh", NULL, NULL) shellcode.

tags | shellcode
systems | linux
MD5 | f672fceee4b282ff0531d21d82df0419
FaceSentry Access Control System 6.4.8 Remote Root
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script.

tags | exploit, arbitrary, shell, root, php
MD5 | dd18875e9898a4dc1ba25878fabbd4ac
Linux Mint 19.1 yelp Command Injection
Posted Jul 1, 2019
Authored by b1ack0wl | Site metasploit.com

This Metasploit module exploits a vulnerability within the "ghelp", "help" and "man" URI handlers within Linux Mint's "ubuntu-system-adjustments" package. Invoking any one the URI handlers will call the python script "/usr/local/bin/yelp" with the contents of the supplied URI handler as its argument. The script will then search for the strings "gnome-help" or "ubuntu-help" and if doesn't find either of them it'll then execute os.system("/usr/bin/yelp %s" % args). User interaction is required to exploit this vulnerability. Versions 18.3 through 19.1 are affected.

tags | exploit, local, python
systems | linux, ubuntu
MD5 | 314957596e0141c5ba05cd2c7a3cd537
Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation
Posted Jul 1, 2019
Authored by timwr, CodeColorist | Site metasploit.com

This Metasploit module exploits a command injection in TimeMachine on macOS <= 10.14.3 in order to run a payload as root. The tmdiagnose binary on OSX <= 10.14.3 suffers from a command injection vulnerability that can be exploited by creating a specially crafted disk label. The tmdiagnose binary uses awk to list every mounted volume, and composes shell commands based on the volume labels. By creating a volume label with the backtick character, we can have our own binary executed with root privileges.

tags | exploit, shell, root
systems | apple
advisories | CVE-2019-8513
MD5 | 88ce8400a2b47fff385110d9d04c371b
FaceSentry Access Control System 6.4.8 Cross Site Request Forgery
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

The FaceSentry Access Control System version 6.4.8 application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
MD5 | 681e6ef4cde9392b774fb4cacb5c752f
Carpool Web App 1.0 Cross Site Scripting / SQL Injection
Posted Jul 1, 2019
Authored by Taurus Omar

Carpool Web App version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
MD5 | 6edd1438af37859e1ce2eb61fcd190cc
EA Origin Template Injection Remote Code Execution
Posted Jul 1, 2019
Authored by Dominik Penner

EA Origin versions prior to 10.5.36 suffer from a remote code execution vulnerability via template injection leveraging cross site scripting.

tags | exploit, remote, code execution, xss
advisories | CVE-2019-11354
MD5 | 4852b9e84ba88e619a3dba12957d8129
FaceSentry Access Control System 6.4.8 Remote Command Injection
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and tcpPortTest PHP scripts.

tags | exploit, arbitrary, shell, root, php
MD5 | 199e4f309260b0968b822e4736a02fc7
Premier Ilan Scripti 1 SQL Injection
Posted Jul 1, 2019
Authored by Mehmet Emiroglu

Premier Ilan Scripti version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5133a7c95d32dec7583964b929bc752b
Linux/ARM64 execve("/bin/sh", ["/bin/sh"], NULL) Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

48 bytes small Linux/ARM64 execve("/bin/sh", ["/bin/sh"], NULL) shellcode.

tags | shellcode
systems | linux
MD5 | 581bbe98265178dd2d9fe5925d73b94c
Linux/ARM64 Reverse (::1:4444/TCP) Shell (/bin/sh) + IPv6 Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

140 bytes small Linux/ARM64 reverse (::1:4444/TCP) shell (/bin/sh) + IPv6 shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 963fa2ad715b4be81cf33bb8532a371b
Slackware Security Advisory - irssi Updates
Posted Jul 1, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-13045
MD5 | a1c3192da7b68eedcec4f5709af88f69
Varient 1.6.1 SQL Injection
Posted Jul 1, 2019
Authored by Mehmet Emiroglu

Varient version 1.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a4160d292e9d5d7d06f1ff23e1f04972
Page 1 of 2
Back12Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close