what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-07-03

Posted Jul 3, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: This is a minor bugfix release.
tags | tool, remote, web, forensics
systems | unix
MD5 | d0924a1c5aae5bc89f81249dbf96ff8d
BKS EBK Ethernet-Buskoppler Pro Shell Upload
Posted Jul 3, 2019
Authored by Sebastian Auwaerter

BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2019-12971
MD5 | c821815e82184f8c4a7e761fee8b26d6
Hawtio 2.5.0 Server Side Request Forgery
Posted Jul 3, 2019
Authored by CipherTechs | Site ciphertechs.com

Hawtio versions 2.5.0 and below suffer from a server side request forgery vulnerability.

tags | exploit
advisories | CVE-2019-9827
MD5 | 51ed92e4ef9c7a56a98c1af31b6886c1
FreeBSD Security Advisory - FreeBSD-SA-19:10.ufs
Posted Jul 3, 2019
Authored by David G. Lawrence | Site security.freebsd.org

FreeBSD Security Advisory - A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack memory to be exposed. Some amount of the kernel stack is disclosed and written out to the filesystem.

tags | advisory, kernel
systems | freebsd, bsd
advisories | CVE-2019-5601
MD5 | 46094c4f37df1255acbd646ec82e3d07
FreeBSD Security Advisory - FreeBSD-SA-19:11.cd_ioctl
Posted Jul 3, 2019
Authored by Alex Fortune | Site security.freebsd.org

FreeBSD Security Advisory - To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device.

tags | advisory, kernel, root
systems | linux, freebsd
advisories | CVE-2019-5602
MD5 | b564cb6482eb056f4f3410e971bced57
Red Hat Security Advisory 2019-1636-01
Posted Jul 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1636-01 - This advisory contains the jenkins-2-plugins RPM packages for Red Hat OpenShift Container Platform 4.1.4. Various issues have been addressed including a file read vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10320, CVE-2019-10328, CVE-2019-10337
MD5 | 6c5f41509fb2839aefefa133d64edcbd
FreeBSD Security Advisory - FreeBSD-SA-19:09.iconv
Posted Jul 3, 2019
Authored by Andrea Venturoli | Site security.freebsd.org

FreeBSD Security Advisory - With certain inputs, iconv may write beyond the end of the output buffer. Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library function and the nature of possible attacks will depend on the way in which iconv is used by applications or daemons.

tags | advisory, remote, denial of service, code execution
systems | freebsd, bsd
advisories | CVE-2019-5600
MD5 | 7b79e911c86a0f9ff912dd1aa191a5f3
Symantec DLP 15.5 MP1 Cross Site Scripting
Posted Jul 3, 2019
Authored by Chapman Schleiss

Symantec DLP versions 15.5 MP1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9701
MD5 | 6bb86bee6ae11345bc4a891afc6ab65a
Google ChromeOS SafeSetID LSM Transitive Trust
Posted Jul 3, 2019
Authored by Jann Horn, Google Security Research

Google ChromeOS SafeSetID LSM suffers from privilege escalation vulnerabilities.

tags | advisory, vulnerability
MD5 | 1eb159ed1602375544f5e4c09949e034
TOR Virtual Network Tunneling Tool
Posted Jul 3, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.0.x series. It contains improvements for power management and bootstrap reporting, as well as preliminary backend support for circuit padding to prevent some kinds of traffic analysis. It also continues our work in refactoring Tor for long-term maintainability.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 23278fc58d0014db22b428cdae3ea966
Page 1 of 1

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By