what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2019-08-19

FortiOS 5.6.7 / 6.0.4 Credential Disclosure
Posted Aug 19, 2019
Authored by Carlos E. Vieira

FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 suffer from a credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-13379
MD5 | a022f0e2fde0c635d9836c8aef10e213
FortiOS 5.6.7 / 6.0.4 Credential Disclosure
Posted Aug 19, 2019
Authored by Carlos E. Vieira | Site metasploit.com

This Metasploit module exploits FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 to leverage a credential disclosure vulnerability by reading the /dev/cmdb/sslvpn_websession file.

tags | exploit, info disclosure
advisories | CVE-2018-13379
MD5 | 956f30465640700e922f5cf3e4a9bdf6
YouPHPTube 7.2 SQL Injection
Posted Aug 19, 2019
Authored by Fabian Mosch

YouPHPTube version 7.2 suffers from a remote SQL injection vulnerability in userCreate.json.php.

tags | exploit, remote, php, sql injection
advisories | CVE-2019-14430
MD5 | 0c5a7e8e6f6f45c7826e5a19a22f0dea
Mandos Encrypted File System Unattended Reboot Utility 1.8.8
Posted Aug 19, 2019
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: No user-visible changes.
tags | tool, remote, root
systems | linux, unix
MD5 | dc129218c58f33b7c68e4cb7a34ecd6a
Neo Billing 3.5 Cross Site Scripting
Posted Aug 19, 2019
Authored by n1x_

Neo Billing version 3.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7d47b4f46e7a051cb9a4041134f8126a
Kimai 2 Cross Site Scripting
Posted Aug 19, 2019
Authored by osamaalaa

Kimai version 2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d467918811040b33c88487e63e4fa7b0
RAR Password Recovery 1.80 Denial Of Service
Posted Aug 19, 2019
Authored by Achilles

RAR Password Recovery version 1.80 suffers from a user name and registration code denial of service vulnerability.

tags | exploit, denial of service
MD5 | c8006c83d8c82155250a442fd9ef4c2b
Webmin 1.920 Remote Command Execution
Posted Aug 19, 2019
Authored by Zerial

Webmin unauthenticated remote command execution exploit that identifies whether or not a target is vulnerable.

tags | exploit, remote
advisories | CVE-2019-15107
MD5 | d3f8ab6c772881a15aae824b15be9760
MediaWiki OAuth2 Client 0.3 Cross Site Request Forgery
Posted Aug 19, 2019
Authored by Justin Bull

MediaWiki OAuth2 Client version 0.3 suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
advisories | CVE-2019-15150
MD5 | 46e749ce553be96c1690bf02ed0d0f80
Ubuntu Security Notice USN-4078-2
Posted Aug 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4078-2 - USN-4078-1 fixed several vulnerabilities in openldap. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-13057, CVE-2019-13565
MD5 | 967352482f7f59f3ac6490d52904abaf
Ubuntu Security Notice USN-4102-1
Posted Aug 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4102-1 - It was discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. It was discovered that LibreOffice incorrectly handled embedded scripts in document files. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9850, CVE-2019-9851, CVE-2019-9852
MD5 | 654041ef4af81c243100051b9692a9c1
Ubuntu Security Notice USN-4100-1
Posted Aug 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4100-1 - It was discovered that KConfig and KDE libraries have a vulnerability where an attacker could hide malicious code under desktop and configuration files. It was discovered that KConfig allows remote attackers to write to arbitrary files via a ../ in a filename in an archive file.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-6232, CVE-2019-14744
MD5 | 42453f106831005a5f6dc076ddf90ffe
Red Hat Security Advisory 2019-2519-01
Posted Aug 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.

tags | advisory, web, denial of service, overflow, php, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022
MD5 | 78b5fcb3a3c8f8ee710500de6377153e
Debian Security Advisory 4503-1
Posted Aug 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4503-1 - Three vulnerabilities have been discovered in the Go programming language; "net/url" accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-14809, CVE-2019-9512, CVE-2019-9514
MD5 | a8d8ada5efc7a1f7a8e0ec5f175f4037
Gentoo Linux Security Advisory 201908-25
Posted Aug 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-25 - A vulnerability in hostapd and wpa_supplicant could lead to a Denial of Service condition. Versions less than 2.8 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2019-11555
MD5 | b00fa7679524b9a44d5c16c40045aa2a
Gentoo Linux Security Advisory 201908-24
Posted Aug 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-24 - Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could result in privilege escalation. Versions less than 10.1.38-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2018-2755, CVE-2018-2759, CVE-2018-2761, CVE-2018-2766, CVE-2018-2771, CVE-2018-2777, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3174, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3252, CVE-2018-3277, CVE-2018-3282, CVE-2018-3284, CVE-2019-2510
MD5 | e5c0ea732a8d2bfa40fbad3906cfd225
Gentoo Linux Security Advisory 201908-23
Posted Aug 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-23 - Multiple vulnerabilities have been found in VLC, the worst of which could result in the arbitrary execution of code. Versions less than 3.0.7 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-12874, CVE-2019-5439
MD5 | 141c6eec19e7d41b5ba291da63715ff7
Gentoo Linux Security Advisory 201908-22
Posted Aug 19, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-22 - Multiple vulnerabilities have been found in Patch, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.6-r4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-13636, CVE-2019-13638
MD5 | cdeb430230ac23eeff81fe9d5f484b74
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close