what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-08-20

LibreOffice Macro Python Code Execution
Posted Aug 20, 2019
Authored by Shelby Pace, LoadLow, Nils Emmerich, Gabriel Masei | Site metasploit.com

This Metasploit module generates an ODT file with a dom loaded event that, when triggered, will execute arbitrary python code and the metasploit payload.

tags | exploit, arbitrary, python
advisories | CVE-2019-9851
MD5 | 6370452257edd14ff2dd490637bb95b3
TOR Virtual Network Tunneling Tool 0.4.1.5
Posted Aug 20, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 4a7ee49500d536d6c301a73bac0d0393
No cON Name 2019 Call For Papers
Posted Aug 20, 2019
Site noconname.org

The No cON Name 2019 call for papers has been announced. It will be held in Barcelona, Spain, from November 14th and 15th, 2019.

tags | paper, conference
MD5 | b8bd894366b8d00bf3e8bf213eeecd1e
Webmin 1.920 Remote Root
Posted Aug 20, 2019
Authored by Todor Donev

Webmin version 1.920 remote root exploit.

tags | exploit, remote, root
MD5 | e3174202504ae321de08a1dd89c21438
CentOS Control Web Panel (CWP) 0.9.8.851 phpMyAdmin Password Change
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14246
MD5 | 7df560dfc3cd46821b6dd0851ddddda5
CentOS Control Web Panel (CWP) 0.9.8.851 Arbitrary Database Drop
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS Control Web Panel (CWP) version 0.9.8.851 suffers from an arbitrary database dropping vulnerability.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14245
MD5 | 815a00d6960c4fb8777b34723cfc6bc6
Ubuntu Security Notice USN-4107-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4107-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-3977
MD5 | 9a49aa81ed9e6042b0f98fb5869e73dc
Ubuntu Security Notice USN-4106-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4106-1 - Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14751
MD5 | 59fef2967a0edf55e73428bf40115653
Ubuntu Security Notice USN-4105-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4105-1 - Stephan Zeisberg discovered that the CUPS SNMP backend incorrectly handled encoded ASN.1 inputs. A remote attacker could possibly use this issue to cause CUPS to crash by providing specially crafted network traffic. It was discovered that CUPS did not properly handle client disconnection events. A local attacker could possibly use this issue to cause a denial of service or disclose memory from the CUPS server. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-8675
MD5 | 87a97306e282671654e746f6eb6aab82
Ubuntu Security Notice USN-4104-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4104-1 - Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-14433
MD5 | a0143fc0cfd251691906cda8e2906a53
Ubuntu Security Notice USN-4103-2
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4103-2 - Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-1020014
MD5 | d93444345df478249e1732f65906885b
Ubuntu Security Notice USN-4103-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4103-1 - Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-1020014
MD5 | 7d7e9cba00e3d104f9c7a8cef64dd300
CentOS Control Web Panel (CWP) 0.9.8.848 User Enumeration
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS Control Web Panel (CWP) version 0.9.8.848 suffers from a user enumeration vulnerability.

tags | exploit, web
systems | linux, centos
advisories | CVE-2019-13599
MD5 | 4d690cefefbcb68edc18c7fc5d83e5ca
Haveged 1.9.5 Alpha
Posted Aug 20, 2019
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: This is an alpha pre-release. Added test for /dev/random symlink. Updated to automake 1.16. Various other updates.
tags | tool
systems | linux, unix
MD5 | 6e059a24511cf2b3f1c2ba3ac266256c
WordPress Add Mime Types 2.2.1 Cross Site Request Forgery
Posted Aug 20, 2019
Authored by Princy Edward

WordPress Add Mime Types plugin version 2.2.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 2bb55a6acfbfa6869d4a50dbb63bbb4b
Linux/x86_64 AVX2 XOR Decoder + execve("/bin/sh") Shellcode
Posted Aug 20, 2019
Authored by Goncalo Ribeiro

62 bytes small Linux/x86_64 AVX2 XOR decoder + execve("/bin/sh") shellcode.

tags | shellcode
systems | linux
MD5 | e995ac71f71d13c923a5d40f730b27a4
Microsoft Office365 / ProPlus 16.0.11901.20204 Code Execution / Protection Bypass
Posted Aug 20, 2019
Authored by Social Engineering Neo

Microsoft Office365 and ProPlus build 16.0.11901.20204 suffers from code execution and protection bypass vulnerabilities.

tags | exploit, vulnerability, code execution, bypass
MD5 | 2a3e5e2f19b48891b0c281595f535b3c
Linux/x86_64 Reverse Shell TCP/4444 With Password Shellcode
Posted Aug 20, 2019
Authored by Goncalo Ribeiro

120 bytes small Linux/x86_64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + password (pass) shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 9d833727135aee23ab7360fd99fb9844
Linux/MIPS64 Reverse Shell Shellcode
Posted Aug 20, 2019
Authored by Antonio De la Piedra

157 bytes small Linux/MIPS64 reverse (localhost:4444/TCP) shell shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 943dc4bcee3d0b33275bf2fdf8a0cb86
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close