what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2019-09-03

ZeroNights 2019 Call For Papers
Posted Sep 3, 2019
Authored by ZeroNights CFP | Site zeronights.org

The ZeroNights 2019 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia November 12th through the 13th, 2019.

tags | paper, conference
SHA-256 | af2c83c5c7172588650ad2baca14249cbe1d7004b12a19169a652bb1ef5e5720
One Identity Defender 5.9.3 Insecure Cryptographic Storage
Posted Sep 3, 2019
Authored by spicyitalian

One Identity Defender version 5.9.3 suffers from an insecure cryptographic storage vulnerability.

tags | exploit
SHA-256 | 9bb141d528570df3943c8ddfc6a63680c19bb6c1237f2e20c977ef5160ca426d
Totaljs CMS 12.0 Improper Access Control
Posted Sep 3, 2019
Authored by Riccardo Krauter

Totaljs CMS version 12.0 suffers from a broken access control on an API call.

tags | exploit
SHA-256 | fdf156b531b1d3da98ee95bbd5364b284446474608142fd65919a9598d6d86a7
Totaljs CMS 12.0 Widget Creation Code Injection
Posted Sep 3, 2019
Authored by Riccardo Krauter

Totaljs CMS version 12.0 suffers from an authenticated code injection vulnerability during widget creation.

tags | exploit
SHA-256 | e84a3b40aad34be56be0995eaa9961a7ed8b23cec1171398351a1e261546a2b6
WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting
Posted Sep 3, 2019
Authored by Ricardo Sanchez

WordPress Portrait-Archiv.com Photostore plugin version 5.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e2df683a37c9e917380fcfae1c64e51f9d4d40bf4ff0b4148abae1368864fc91
Mandos Encrypted File System Unattended Reboot Utility 1.8.9
Posted Sep 3, 2019
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | remote, root
systems | linux, unix
SHA-256 | 9bec9f41b429fe9f554092719127b710a379003641d17aeb01189eb51dcf3deb
Totaljs CMS 12.0 Insecure Admin Session Cookie
Posted Sep 3, 2019
Authored by Riccardo Krauter

Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password.

tags | exploit, insecure cookie handling
SHA-256 | 6df69239605e353638050aa0d99b6229a04afd43b2e3d8b39f3f681e5e2d1305
Totaljs CMS 12.0 Path Traversal
Posted Sep 3, 2019
Authored by Riccardo Krauter

Totaljs CMS version 12.0 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-15952
SHA-256 | 9b5f7333d390a6dfbc2864452ec1c372bb2acd344d08dc82ae02bfc49c40aae5
FileThingie 2.5.7 Remote Shell Upload
Posted Sep 3, 2019
Authored by Cakes

FileThingie version 2.5.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | aae960486af85882de11fa5806bb54d18154a4ffe010539eb31f70fb9650558f
Ubuntu Security Notice USN-4120-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4120-1 - It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-15718
SHA-256 | c86f578cb209c9dd585d96bb0fc7af8226aa79a63c36f9a84d3f1e26a081c040
Ubuntu Security Notice USN-4121-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4121-1 - Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem.

tags | advisory, root
systems | linux, ubuntu
advisories | CVE-2019-10197
SHA-256 | 1367c76bd694c824968013e80840ec4423f8c145a8687f47480c0f08138b555d
Red Hat Security Advisory 2019-2600-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2600-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-9500
SHA-256 | a1c1aecbf9dcc5c9530c098a822b5f85a70020531244b0e148c3e99138917e2e
Red Hat Security Advisory 2019-2606-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2606-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-14744
SHA-256 | 02b63b8a2f7fb8a8aad16a025ce384a5871d50f08e63d4bc9589b940af7f2df9
Red Hat Security Advisory 2019-2607-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2607-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a null pointer vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-12155
SHA-256 | 3b7318010bd2f9c32d82e1e5ab546e84395552a828afcca099adc00d3e9036f5
Red Hat Security Advisory 2019-2609-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2609-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-9500
SHA-256 | 41606b2d3b0d107064d793ba6ec7fc2f5c1fd026af72002f13b849c32000714b
Red Hat Security Advisory 2019-2622-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2622-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include an exception leak.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14433
SHA-256 | 4af42562dba77f7bcdbe1e7e6df56f1d25665424b7d3a21813ac16f7a7a3f0d3
Red Hat Security Advisory 2019-2628-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2628-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-10192
SHA-256 | 106b1f1b5e56f5698a42594260a21f70b42ea234ffb8221bb183f78969c74396
Red Hat Security Advisory 2019-2631-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2631-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include an exception leak.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14433
SHA-256 | 0874933e6667ea1a22b92eae657624c759b17062369a36bf01c00aa1f70fbd17
Red Hat Security Advisory 2019-2630-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2630-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-10192
SHA-256 | 622a6ee42399aa8c9113df81ba4a22f49cf8aca260f06ca6cc599516f5e9871f
Ubuntu Security Notice USN-4119-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4119-1 - It was discovered that Irssi incorrectly handled certain CAP requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-15717
SHA-256 | 61003b4454ac65afee62a78a0371c61147fe6641339aa401d1988120b16a1474
Red Hat Security Advisory 2019-2621-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2621-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-10192
SHA-256 | 9eb568a780b889c7e7d3bc91f1456a926fbecbd04250250e2a87fb8a4cbc82fc
Ubuntu Security Notice USN-4118-1
Posted Sep 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4118-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-13053, CVE-2018-13093, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14614, CVE-2018-14616, CVE-2018-14617, CVE-2018-16862, CVE-2018-19985, CVE-2018-20169, CVE-2018-20511, CVE-2018-20784, CVE-2018-20856, CVE-2018-5383, CVE-2019-0136, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11085, CVE-2019-11487, CVE-2019-11599
SHA-256 | 4f908bb81d9ebb9dd129fad885aa16a8ad89f97c5c09adc998aefff895ea8268
Microsoft Outlook Web Access 14.3.224.2 Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Microsoft Outlook Web Access version 14.3.224.2 remote host header injection exploit.

tags | exploit, remote, web
SHA-256 | 2a045a798379ed94af70c8ea6473d9a34de7eb79dd2b3dbfe41c7f40f2643fb1
Cisco IronPort C350 Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco IronPort C350 remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 46aa6ec3a6ceb2fb7831a82b780d522b93acdd23c01e01fdc83b7da4ec5aefa9
Cisco Email Security Virtual Appliance C370 IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C370 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 36b762978c34e1f16ed9d93334f8184be045b42ea6fd1fe3f627d000b31db178
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close