exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-07-03

Posted Jul 3, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is a minor bugfix release.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | 3918104d38f04c724d2e79306031ec8485d879c5b57a8a89de4f48743a45d8da
BKS EBK Ethernet-Buskoppler Pro Shell Upload
Posted Jul 3, 2019
Authored by Sebastian Auwaerter | Site syss.de

BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2019-12971
SHA-256 | 34bbdc615e014059e3b04c9185a7fd91f2ae36a5796c871aaa3b732608c44564
Hawtio 2.5.0 Server Side Request Forgery
Posted Jul 3, 2019
Authored by CipherTechs | Site ciphertechs.com

Hawtio versions 2.5.0 and below suffer from a server side request forgery vulnerability.

tags | exploit
advisories | CVE-2019-9827
SHA-256 | dd2e863b9a9b34ce29995c68363868f23c6a9729562c6afd3e04e3168ab4b984
FreeBSD Security Advisory - FreeBSD-SA-19:10.ufs
Posted Jul 3, 2019
Authored by David G. Lawrence | Site security.freebsd.org

FreeBSD Security Advisory - A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack memory to be exposed. Some amount of the kernel stack is disclosed and written out to the filesystem.

tags | advisory, kernel
systems | freebsd, bsd
advisories | CVE-2019-5601
SHA-256 | e8b30a3f33319307ddd94571cda888074a86c142e47d6d2f8d215c8258b22fd2
FreeBSD Security Advisory - FreeBSD-SA-19:11.cd_ioctl
Posted Jul 3, 2019
Authored by Alex Fortune | Site security.freebsd.org

FreeBSD Security Advisory - To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device.

tags | advisory, kernel, root
systems | linux, freebsd
advisories | CVE-2019-5602
SHA-256 | 44ec4741c610bbd10524908bf9d984a79916c9076fb532cfe1221db289227432
Red Hat Security Advisory 2019-1636-01
Posted Jul 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1636-01 - This advisory contains the jenkins-2-plugins RPM packages for Red Hat OpenShift Container Platform 4.1.4. Various issues have been addressed including a file read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10320, CVE-2019-10328, CVE-2019-10337
SHA-256 | 35932583ad3607db55d6071f2438a343dec4f7239b799a8085c9aa5f046b14c9
FreeBSD Security Advisory - FreeBSD-SA-19:09.iconv
Posted Jul 3, 2019
Authored by Andrea Venturoli | Site security.freebsd.org

FreeBSD Security Advisory - With certain inputs, iconv may write beyond the end of the output buffer. Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library function and the nature of possible attacks will depend on the way in which iconv is used by applications or daemons.

tags | advisory, remote, denial of service, code execution
systems | freebsd, bsd
advisories | CVE-2019-5600
SHA-256 | e7a88e1043e6911b4f4a63c30931cf6dab2b72238f92b1325a7882b6e52ede1a
Symantec DLP 15.5 MP1 Cross Site Scripting
Posted Jul 3, 2019
Authored by Chapman Schleiss

Symantec DLP versions 15.5 MP1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9701
SHA-256 | c74ef0ebc52137f3edc54489288797751806cf5ef7bcb629891a453b62574470
Google ChromeOS SafeSetID LSM Transitive Trust
Posted Jul 3, 2019
Authored by Jann Horn, Google Security Research

Google ChromeOS SafeSetID LSM suffers from privilege escalation vulnerabilities.

tags | advisory, vulnerability
SHA-256 | d249d4de09d46c55a0307f0dc5339f1d018313709dc668eae4f4e4959313d6b0
TOR Virtual Network Tunneling Tool
Posted Jul 3, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.0.x series. It contains improvements for power management and bootstrap reporting, as well as preliminary backend support for circuit padding to prevent some kinds of traffic analysis. It also continues our work in refactoring Tor for long-term maintainability.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | b5a2cbf0dcd3f1df2675dbd5ec10bbe6f8ae995c41b68cebe2bc95bffc90696e
Page 1 of 1

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By