what you don't know can hurt you
Showing 1 - 25 of 338 RSS Feed

Files Date: 2019-08-01 to 2019-08-31

Clam AntiVirus Toolkit 0.101.4
Posted Aug 21, 2019
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Multiple security vulnerabilities have been addressed in this release.
tags | tool, virus
systems | unix
advisories | CVE-2019-12625, CVE-2019-12900
MD5 | b6e6891035ce3e3f35830154bd280311
KBPublisher 6.0.2.1 SQL Injection
Posted Aug 21, 2019
Authored by Pedro Andujar

KBPublisher version 6.0.2.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2019-10687
MD5 | 1eb1a06483952b05b3a15269d967cfab
Zoho Corporation ManageEngine ServiceDesk Plus Information Disclosure
Posted Aug 21, 2019
Authored by Johannes Greil | Site sec-consult.com

Zoho Corporation ManageEngine ServiceDesk Plus 10 versions prior to 10509 suffer from an information leakage vulnerability.

tags | exploit
advisories | CVE-2019-15045, CVE-2019-15046
MD5 | df7de6aef789543ff67c502b96571b31
Red Hat Security Advisory 2019-2543-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2543-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10206, CVE-2019-10217
MD5 | b736ff8a98b9b479a83621367bb8a568
Red Hat Security Advisory 2019-2542-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2542-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10206, CVE-2019-10217
MD5 | d5c1a062b6822971e5c6515f541f052b
Red Hat Security Advisory 2019-2545-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2545-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10206
MD5 | 0e7d7786356bf9dfd298ea9277da070f
Red Hat Security Advisory 2019-2544-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2544-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10206
MD5 | 4fbc2fb13a56f60ea0ff9c1c6fe91f50
Ubuntu Security Notice USN-4109-1
Posted Aug 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4109-1 - It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG incorrectly handled certain PNM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2017-17480, CVE-2018-14423, CVE-2018-18088, CVE-2018-6616
MD5 | a6f254d4a6f4f62c286121749c69cc62
Red Hat Security Advisory 2019-2541-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2541-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14662, CVE-2018-16846, CVE-2018-16889
MD5 | cf505ab862a7efd5153c49b76b71ae63
Pulse Secure SSL VPN 8.1R15.1 / 8.2 / 8.3 / 9.0 Arbitrary File Disclosure
Posted Aug 21, 2019
Authored by Alyssa Herrera, 0xDezzy | Site metasploit.com

This Metasploit module exploits Pulse Secure SSL VPN versions 8.1R15.1, 8.2, 8.3, and 9.0 which suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary, info disclosure
advisories | CVE-2019-11510
MD5 | 92b2a1881666fc4bc0c0655e5585cfa2
Ubuntu Security Notice USN-4108-1
Posted Aug 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4108-1 - It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11922
MD5 | 4f2137669da103e7009c002f21ed23af
Red Hat Security Advisory 2019-2538-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2538-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-14662, CVE-2018-16846, CVE-2018-16889
MD5 | 6bb5c6815dd3ff4c9b62b52c708b7ecf
Debian Security Advisory 4504-1
Posted Aug 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4504-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970
MD5 | 6fe9ce1ba15c2eb98b447b11dd24896e
FreeBSD Security Advisory - FreeBSD-SA-19:24.mqueuefs
Posted Aug 21, 2019
Authored by Karsten Konig | Site security.freebsd.org

FreeBSD Security Advisory - System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. A local user can use this flaw to obtain access to files, directories, sockets, etc., opened by processes owned by other users. If obtained struct file represents a directory from outside of user's jail, it can be used to access files outside of the jail. If the user in question is a jailed root they can obtain root privileges on the host system.

tags | advisory, overflow, local, root
systems | freebsd, bsd
advisories | CVE-2019-5603
MD5 | 9cfd72e9cfbe028258e3db3b70d85035
FreeBSD Security Advisory - FreeBSD-SA-19:23.midi
Posted Aug 21, 2019
Authored by Peter Holm, Mark Johnston | Site security.freebsd.org

FreeBSD Security Advisory - The kernel driver for /dev/midistat implements a handler for read(2). This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. The races allow a program to read kernel memory within a 4GB window centered at midistat's data buffer. The buffer is allocated each time the device is opened, so an attacker is not limited to a static 4GB region of memory. On 32-bit platforms, an attempt to trigger the race may cause a page fault in kernel mode, leading to a panic.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2019-5612
MD5 | c9e90cd4eb3cd766c44e2948ca9b1513
FreeBSD Security Advisory - FreeBSD-SA-19:22.mbuf
Posted Aug 21, 2019
Authored by Clement LECIGNE | Site security.freebsd.org

FreeBSD Security Advisory - Due do a missing check in the code of m_pulldown(9) data returned may not be contiguous as requested by the caller. Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS (denial-of-service) attack with certain Ethernet interfaces. At this point it is unknown if any other than the IPv6 code paths can trigger a similar condition.

tags | advisory, remote, kernel
systems | freebsd
advisories | CVE-2019-5611
MD5 | 9c1a75e0d06084604a7f5ea3a769e9e8
Red Hat Security Advisory 2019-2534-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2534-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This release of Red Hat 3scale API Management 2.6.0 replaces Red Hat 3scale API Management 2.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10216
MD5 | 9c5e706bb8911d6bc88a8c019dbd73c4
LibreOffice Macro Python Code Execution
Posted Aug 20, 2019
Authored by Shelby Pace, LoadLow, Nils Emmerich, Gabriel Masei | Site metasploit.com

This Metasploit module generates an ODT file with a dom loaded event that, when triggered, will execute arbitrary python code and the metasploit payload.

tags | exploit, arbitrary, python
advisories | CVE-2019-9851
MD5 | 6370452257edd14ff2dd490637bb95b3
TOR Virtual Network Tunneling Tool 0.4.1.5
Posted Aug 20, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 4a7ee49500d536d6c301a73bac0d0393
No cON Name 2019 Call For Papers
Posted Aug 20, 2019
Site noconname.org

The No cON Name 2019 call for papers has been announced. It will be held in Barcelona, Spain, from November 14th and 15th, 2019.

tags | paper, conference
MD5 | b8bd894366b8d00bf3e8bf213eeecd1e
Webmin 1.920 Remote Root
Posted Aug 20, 2019
Authored by Todor Donev

Webmin version 1.920 remote root exploit.

tags | exploit, remote, root
MD5 | e3174202504ae321de08a1dd89c21438
CentOS Control Web Panel (CWP) 0.9.8.851 phpMyAdmin Password Change
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14246
MD5 | 7df560dfc3cd46821b6dd0851ddddda5
CentOS Control Web Panel (CWP) 0.9.8.851 Arbitrary Database Drop
Posted Aug 20, 2019
Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak

CentOS Control Web Panel (CWP) version 0.9.8.851 suffers from an arbitrary database dropping vulnerability.

tags | exploit, web, arbitrary
systems | linux, centos
advisories | CVE-2019-14245
MD5 | 815a00d6960c4fb8777b34723cfc6bc6
Ubuntu Security Notice USN-4107-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4107-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-3977
MD5 | 9a49aa81ed9e6042b0f98fb5869e73dc
Ubuntu Security Notice USN-4106-1
Posted Aug 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4106-1 - Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14751
MD5 | 59fef2967a0edf55e73428bf40115653
Page 1 of 14
Back12345Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close