exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2019-07-15

Ubuntu Security Notice USN-4057-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4057-1 - Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-13453
MD5 | dae36d4c344d8686ae8d52665972276a
Slackware Security Advisory - bzip2 Updates
Posted Jul 15, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bzip2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-3189, CVE-2019-12900
MD5 | 529e61d54f5a81c0fcc0113d9dbe7905
Ubuntu Security Notice USN-4056-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4056-1 - It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain CRW files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-19107, CVE-2019-13112, CVE-2019-13114
MD5 | ce37372e3ab8d7f50784568bdf00538a
AppXSvc Hard Link Privilege Escalation
Posted Jul 15, 2019
Authored by James Forshaw, Nabeel Ahmed, Shelby Pace | Site metasploit.com

There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM.

tags | exploit
systems | windows
advisories | CVE-2019-0841
MD5 | c94395650cca2e92c0d550946f0e7a22
PHP Laravel Framework Token Unserialize Remote Command Execution
Posted Jul 15, 2019
Authored by aushack, Stale Pettersen | Site metasploit.com

This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

tags | exploit, remote, web, php, vulnerability
advisories | CVE-2017-16894, CVE-2018-15133
MD5 | 7094c48d642dbb2c66067663c6ef39d9
Debian Security Advisory 4482-1
Posted Jul 15, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4482-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.

tags | advisory, denial of service, arbitrary, spoof, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
MD5 | 98a6d07eeef8d662beb2fa0f236cb9d3
Microsoft Windows HTTP To SMB NTLM Reflection Privilege Escalation
Posted Jul 15, 2019
Authored by Google Security Research, Glazvunov

Microsoft Windows suffers from an HTTP to SMB NTLM reflection that leads to a privilege escalation.

tags | exploit, web
systems | windows
advisories | CVE-2019-1019
MD5 | 62e80bf3709f00ac9657fb8dd16d9822
Citrix SD-WAN Appliance 10.2.2 Authentication Bypass / Remote Command Execution
Posted Jul 15, 2019
Authored by Chris Lyne

Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, bypass
advisories | CVE-2019-12989, CVE-2019-12991
MD5 | 1c552352db4cb01f5841843a21926509
Red Hat Security Advisory 2019-1777-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1777-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
MD5 | 6e026a6707ddc296c024fed95cdbe8df
Ubuntu Security Notice USN-4055-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4055-1 - Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Mike Salvatore discovered that the version of Zipios included in FlightCrew mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13032, CVE-2019-13241, CVE-2019-13453
MD5 | 797b140c1d1b3f14e7a806b02c5bfedb
Streamripper 2.6 Buffer Overflow
Posted Jul 15, 2019
Authored by Andrey Stoykov

Streamripper version 2.6 Song Pattern buffer overflow exploit.

tags | exploit, overflow
MD5 | dd24c19a7001e0ae2db79741d79b9334
Red Hat Security Advisory 2019-1774-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1774-01 - Vim is an updated and improved version of the vi editor. An arbitrary command execution vulnerability has been addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-12735
MD5 | 1317e257c8088f1778bfcb6c002f50eb
Netgear WiFi Router JWNR2010v5 / R6080 Authentication Bypass
Posted Jul 15, 2019
Authored by Wadeek

Netgear WiFi router versions JWNR2010v5 and R6080 suffer from authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | d620b4215510a859c511dd8ac8d9d84c
Red Hat Security Advisory 2019-1775-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1775-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
MD5 | dc96e6fd4c0192bdaf02b02fb9e14907
Red Hat Security Advisory 2019-1771-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap
systems | linux, redhat
advisories | CVE-2019-11356
MD5 | 7a662ed97be56cb8e5d9f0f3b495e821
Android VideoPlayer ihevcd_parse_pps Out-Of-Bounds Write
Posted Jul 15, 2019
Authored by Marcin Kozlowski

VideoPlayer on Android versions 7 through 9 suffer from an ihevcd_parse_pps out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2019-2107
MD5 | b6e2167ecafb748c6ed3b913f56c4e69
Microsoft Windows RDP BlueKeep Denial Of Service
Posted Jul 15, 2019
Authored by Ramella Sebastien

Microsoft Windows Remote Desktop BlueKeep denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
advisories | CVE-2019-0708
MD5 | 03ea74e7a141e90ebbfc356da5c86bfd
FlightPath Local File Inclusion
Posted Jul 15, 2019
Authored by Mohammed Althibyani

FlightPath versions prior to 4.8.2 and 5.0-rc2 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2019-13396
MD5 | 81a5a17dad2e62aa8208195f197d9a8c
PCMan FTP Server 2 ALLO Buffer Overflow
Posted Jul 15, 2019
Authored by Nassim Asrir

PCMan FTP Server 2 ALLO remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 01605b000736cd3698aa2c0a77b919b8
Cisco Small Business Switch Information Leakage / Open Redirect
Posted Jul 15, 2019
Authored by Ramikan

Cisco Small Business switches versions 200, 300, and 500 suffer from information leakage and open redirection vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | cisco
advisories | CVE-2019-1943
MD5 | eb2b5e1203a3fa2ae1b9100c12d53de7
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close