what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-08-20

LibreOffice Macro Python Code Execution
Posted Aug 20, 2019
Authored by Shelby Pace, LoadLow, Nils Emmerich, Gabriel Masei | Site metasploit.com

This Metasploit module generates an ODT file with a dom loaded event that, when triggered, will execute arbitrary python code and the metasploit payload.

tags | exploit, arbitrary, python
advisories | CVE-2019-9851
SHA-256 | a9df52f5e153cebc58d4e4198c48942a2f9379eaa47f6d7466b46a1643fd0618
TOR Virtual Network Tunneling Tool 0.4.1.5
Posted Aug 20, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | a864e0b605fb933fcc167bf242eed4233949e8a1bf23ac8e0381b106cd920425
No cON Name 2019 Call For Papers
Posted Aug 20, 2019
Site noconname.org

The No cON Name 2019 call for papers has been announced. It will be held in Barcelona, Spain, from November 14th and 15th, 2019.

tags | paper, conference
SHA-256 | 0204aa96e645aae49c148a348532d9854d95de70929e412f851c93644cdd98c3
Webmin 1.920 Remote Root
Posted Aug 20, 2019
Authored by Todor Donev

Webmin version 1.920 remote root exploit.

tags | exploit, remote, root
SHA-256 | 24da0743c530b7cde50344fe79a0f147dea9975a51294a92407b1d5fe39f2f39
CentOS-WebPanel.com Control Web Panel (CWP) 0.9.8.851 phpMyAdmin Password Change
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14246
SHA-256 | 4efb27420a227e97715e7d7be24416f052d4c5a363d45dce305d0340da388115
CentOS-WebPanel.com Control Web Panel (CWP) 0.9.8.851 Arbitrary Database Drop
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 suffers from an arbitrary database dropping vulnerability.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14245
SHA-256 | 1d6d82560f3b4ba4f1c6c891801038a74f7372c46e8936527195f907db40fd4f
Ubuntu Security Notice USN-4107-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4107-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-3977
SHA-256 | cf7a5ef0ff717dbe13fc3ebf22d058a7fb31928d477ed2707daecae9f2857ec8
Ubuntu Security Notice USN-4106-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4106-1 - Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14751
SHA-256 | 67c1fd94cc02ae15969151dfdc1c8669a70df4dbbdafd497a25c319b1b295ec0
Ubuntu Security Notice USN-4105-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4105-1 - Stephan Zeisberg discovered that the CUPS SNMP backend incorrectly handled encoded ASN.1 inputs. A remote attacker could possibly use this issue to cause CUPS to crash by providing specially crafted network traffic. It was discovered that CUPS did not properly handle client disconnection events. A local attacker could possibly use this issue to cause a denial of service or disclose memory from the CUPS server. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-8675
SHA-256 | 9ea594f876626482306d705e181fa2ea02fcf26088db28e67eff36a606a9e8fb
Ubuntu Security Notice USN-4104-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4104-1 - Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-14433
SHA-256 | 0de56693f6a858d5f3ca51f42b40d4048f402bcac915e827fe423582f6c1e88b
Ubuntu Security Notice USN-4103-2
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4103-2 - Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-1020014
SHA-256 | db04566acdcd349de4736a6dc34a44616333ad7993774ecb342b70490985c683
Ubuntu Security Notice USN-4103-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4103-1 - Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-1020014
SHA-256 | e7e4bdf09b9ea9f7a49ec0c2f8ba123043c13dc59b323fc09ce4fe8af95f7f5d
CentOS-WebPanel.com Control Web Panel (CWP) 0.9.8.848 User Enumeration
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.848 suffers from a user enumeration vulnerability.

tags | exploit, web
systems | linux, centos
advisories | CVE-2019-13599
SHA-256 | cc0c55ccdb42fd51d11a4b01419284a4bc4b629d40b00b2b4ccebe57d7de4456
Haveged 1.9.5 Alpha
Posted Aug 20, 2019
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: This is an alpha pre-release. Added test for /dev/random symlink. Updated to automake 1.16. Various other updates.
tags | tool
systems | linux, unix
SHA-256 | 9ac75039584f5af216d1ce97fead75f2e852bf2d3665e58d66b3da184ace7deb
WordPress Add Mime Types 2.2.1 Cross Site Request Forgery
Posted Aug 20, 2019
Authored by Princy Edward

WordPress Add Mime Types plugin version 2.2.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f4c0f6639fc24795d7e517d3b9bdd3e1005bdf352efab5d6247928df33cd244f
Linux/x86_64 AVX2 XOR Decoder + execve("/bin/sh") Shellcode
Posted Aug 20, 2019
Authored by Goncalo Ribeiro

62 bytes small Linux/x86_64 AVX2 XOR decoder + execve("/bin/sh") shellcode.

tags | shellcode
systems | linux
SHA-256 | 7cb9d761cd9b8b15b5b19ef47abaab7bba25681d2245e26a498db53f19a910dd
Microsoft Office365 / ProPlus 16.0.11901.20204 Code Execution / Protection Bypass
Posted Aug 20, 2019
Authored by Social Engineering Neo

Microsoft Office365 and ProPlus build 16.0.11901.20204 suffers from code execution and protection bypass vulnerabilities.

tags | exploit, vulnerability, code execution, bypass
SHA-256 | 04367a5166a8e361792ca288053f674734b3a645cb58593c2565f53aef404364
Linux/x86_64 Reverse Shell TCP/4444 With Password Shellcode
Posted Aug 20, 2019
Authored by Goncalo Ribeiro

120 bytes small Linux/x86_64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + password (pass) shellcode.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 1c38c103a596fcb64ef48d59fd8c0f6942b90a78da6f307b1b22480e5eb523e5
Linux/MIPS64 Reverse Shell Shellcode
Posted Aug 20, 2019
Authored by Antonio De la Piedra

157 bytes small Linux/MIPS64 reverse (localhost:4444/TCP) shell shellcode.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 0e371de6c42c802891f465341b83b23f73f24fea23abf8aa1e01af9d67db8681
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close