exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2019-07-01

Ubuntu Security Notice USN-4043-1
Posted Jul 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4043-1 - It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. Gavin Wahl discovered that Django incorrectly handled certain requests. An attacker could possibly use this issue to bypass credentials and access administrator interface. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12308, CVE-2019-12781
SHA-256 | 9d727ca527dbc3931a26a95f493eb01a514019c9b6b3aa5f02a0adbe357ecec5
Packet Storm New Exploits For June, 2019
Posted Jul 1, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 110 exploits added to Packet Storm in June, 2019.

tags | exploit
SHA-256 | 6377714e2025561461a06f0bce98b77779ff55f28b338584340fbc9448c205b5
FaceSentry Access Control System 6.4.8 Cleartext Password Storage
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 credentials used for accessing the web front end are stored unencrypted on the device in /faceGuard/database/FaceSentryWeb.sqlite.

tags | exploit, web
SHA-256 | ec3726699902d65949f66d03e83b3f866a62dd98322314d5bf41d5bbc0981bdf
REDDOXX Appliance Information Disclosure
Posted Jul 1, 2019
Site redteam-pentesting.de

REDDOXX Appliance versions 2032-SP2 up to hotfix 51 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 01cfc1c19f76e8f4ee2aac22e07f738a30f32136b6ecd7a48dfa623f47dbd4f5
SQLMAP - Automatic SQL Injection Tool 1.3.7
Posted Jul 1, 2019
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | f9fdd1c5be1b9f4c945c01aca6e986088e8d7e7349013198a9f957724c7995c0
FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from a cleartext transmission of sensitive information. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

tags | exploit, remote, web
SHA-256 | 321b7d7377b28d3b45492a989c752ae4fca3b6fbd121f8d2c5174424bc4142a6
GRR 3.3.0.3
Posted Jul 1, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is a minor bugfix release.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | e906baf1c7879423f0ff70cf0dd4c9889713b388be02af87e640696f9a722d0a
Botan C++ Crypto Algorithms Library 2.11.0
Posted Jul 1, 2019
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added Argon2 PBKDF/password hash. Added Bcrypt-PBKDF password hash. Added a libsodium compat layer in sodium.h. Various other updates.
tags | library
systems | unix
SHA-256 | 2a7b969cb39d0f5446a972fa2535c7a2b87ef447acdef9e2716458d7ab6a962f
SquirrelMail 1.4.22 Cross Site Scripting
Posted Jul 1, 2019
Authored by Moritz Bechler | Site syss.de

SquirrelMail version 1.4.22 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12970
SHA-256 | e0fade0e7c5216f5956fdcd3b89294dead81e66b576a08326b496cc18d4bc0f4
FaceSentry Access Control System 6.4.8 Reflected Cross Site Scripting
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 is vulnerable to multiple cross site scripting vulnerabilities. This issue is due to the application's failure to properly sanitize user-supplied input thru the 'msg' parameter (GET) in pluginInstall.php script. An attacker may leverage any of the cross-site scripting issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials, phishing, as well as other attacks.

tags | exploit, arbitrary, php, vulnerability, xss
SHA-256 | 60046411726678f999fba5686bdb62e4a2852fb07805f244683d744972764b74
FaceSentry Access Control System 6.4.8 Remote SSH Root Access
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 facial biometric access control appliance ships with hard-coded and weak credentials for SSH access on port 23445 using the credentials wwwuser:123456. The root privilege escalation is done by abusing the insecure sudoers entry file.

tags | exploit, root
SHA-256 | 03b3a5fbba02de8c2a6eb8d47447233de7577153889b5d519b2fa614888548ff
CyberPanel 1.8.4 Cross Site Request Forgery
Posted Jul 1, 2019
Authored by Bilgi Birikim Sistemleri

CyberPanel version 1.8.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-13056
SHA-256 | a3cb05bc4aba4e01e0c62abab0b296b88d1b50e4ee4ac8fe1033494e5b0c3384
Linux/ARM64 Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

8 bytes small Linux/ARM64 jump back shellcode + execve("/bin/sh", NULL, NULL) shellcode.

tags | shellcode
systems | linux
SHA-256 | 07787fdc530f60529932f28be8712d2d2e1698f889edc55fcddcc346114189b8
FaceSentry Access Control System 6.4.8 Remote Root
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script.

tags | exploit, arbitrary, shell, root, php
SHA-256 | 7a3abbb69e71f4b2ad4bed9168fdb0b732576793139ab141b74613a6a5b92caf
Linux Mint 19.1 yelp Command Injection
Posted Jul 1, 2019
Authored by b1ack0wl | Site metasploit.com

This Metasploit module exploits a vulnerability within the "ghelp", "help" and "man" URI handlers within Linux Mint's "ubuntu-system-adjustments" package. Invoking any one the URI handlers will call the python script "/usr/local/bin/yelp" with the contents of the supplied URI handler as its argument. The script will then search for the strings "gnome-help" or "ubuntu-help" and if doesn't find either of them it'll then execute os.system("/usr/bin/yelp %s" % args). User interaction is required to exploit this vulnerability. Versions 18.3 through 19.1 are affected.

tags | exploit, local, python
systems | linux, ubuntu
SHA-256 | 3f28bb3a6ac2c99bd902cd75cd3f049768c02b4004a667d25b6b743824daf03e
Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation
Posted Jul 1, 2019
Authored by timwr, CodeColorist | Site metasploit.com

This Metasploit module exploits a command injection in TimeMachine on macOS <= 10.14.3 in order to run a payload as root. The tmdiagnose binary on OSX <= 10.14.3 suffers from a command injection vulnerability that can be exploited by creating a specially crafted disk label. The tmdiagnose binary uses awk to list every mounted volume, and composes shell commands based on the volume labels. By creating a volume label with the backtick character, we can have our own binary executed with root privileges.

tags | exploit, shell, root
systems | apple
advisories | CVE-2019-8513
SHA-256 | 7eb0567032fbb9cfa6bb44edac50bb3c598c094fd089f1288cc6d474ba8add57
FaceSentry Access Control System 6.4.8 Cross Site Request Forgery
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

The FaceSentry Access Control System version 6.4.8 application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web
SHA-256 | ea743d36d8f4b8d7c6dfc1c9d56c656f30e74bf009e1b21c169bd42fd675e147
Carpool Web App 1.0 Cross Site Scripting / SQL Injection
Posted Jul 1, 2019
Authored by Taurus Omar

Carpool Web App version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
SHA-256 | 59a259c25163c286ef0a6754b85718a9de6eee039a19ad87f2df3e49ef31b76b
EA Origin Template Injection Remote Code Execution
Posted Jul 1, 2019
Authored by Dominik Penner

EA Origin versions prior to 10.5.36 suffer from a remote code execution vulnerability via template injection leveraging cross site scripting.

tags | exploit, remote, code execution, xss
advisories | CVE-2019-11354
SHA-256 | af9879f10c02113c3080a33818943c5f3c89e87d4eba8a417c9abf033be8d53d
FaceSentry Access Control System 6.4.8 Remote Command Injection
Posted Jul 1, 2019
Authored by LiquidWorm | Site zeroscience.mk

FaceSentry Access Control System version 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' and 'strInPort' parameters (POST) in pingTest and tcpPortTest PHP scripts.

tags | exploit, arbitrary, shell, root, php
SHA-256 | c1cd06426b17582915040a36f41297c181b641f416cdceedc28e43ff705b2e8b
Premier Ilan Scripti 1 SQL Injection
Posted Jul 1, 2019
Authored by Mehmet Emiroglu

Premier Ilan Scripti version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 27710df25930141ca0295d48ecae058c8ef71e6208669d950feb9530b9dbe2bf
Linux/ARM64 execve("/bin/sh", ["/bin/sh"], NULL) Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

48 bytes small Linux/ARM64 execve("/bin/sh", ["/bin/sh"], NULL) shellcode.

tags | shellcode
systems | linux
SHA-256 | e3fd7c63b9f7839378f011378841e48d85f48709e015f69f550359fcc40e77d9
Linux/ARM64 Reverse (::1:4444/TCP) Shell (/bin/sh) + IPv6 Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

140 bytes small Linux/ARM64 reverse (::1:4444/TCP) shell (/bin/sh) + IPv6 shellcode.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 7770ba1b346fac7e2ceadaf196f00aa6980cbacde25df0d35368e707d3f85bb4
Slackware Security Advisory - irssi Updates
Posted Jul 1, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-13045
SHA-256 | 2d42e79aec2ebce9863c69ac184fe0449e35a3c115c910fb3089cacb7fa15cb2
Varient 1.6.1 SQL Injection
Posted Jul 1, 2019
Authored by Mehmet Emiroglu

Varient version 1.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5569ec4cd91d6934bfb9c700d7ce26cfb68403c7e297e094c7a471748152096b
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close