what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2019-09-05

Asterisk Project Security Advisory - AST-2019-005
Posted Sep 5, 2019
Authored by Gregory Massel | Site asterisk.org

Asterisk Project Security Advisory - When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which the message was not relevant. This change assumed that information about the origin of a frame will always exist when in reality it may not. This issue presented itself when an RTP packet containing no audio (and thus no samples) was received. In a particular transcoding scenario this audio frame would get turned into a frame with no origin information. If this new frame was then given to the audio transcoding support a crash would occur as no samples and no origin information would be present.

tags | advisory
advisories | CVE-2019-15639
SHA-256 | f099af7f927bb32ebabc2ad896ed9ecc6426a574a8666725577cefa49658c9c4
Asterisk Project Security Advisory - AST-2019-004
Posted Sep 5, 2019
Authored by Alexei Gradinari | Site asterisk.org

Asterisk Project Security Advisory - When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint responds with a declined media stream a crash will then occur in Asterisk.

tags | advisory
advisories | CVE-2019-15297
SHA-256 | bb7ad078a0f3af2b1a5200e64d077cdaa043b5c90eed178634116a901bf0a64c
Wapiti Web Application Vulnerability Scanner 3.0.2
Posted Sep 5, 2019
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: New XXE module can send payloads in parameters, query string, file uploads and raw body. New module for detection Open Redirect vulnerabilities (header based our HTML meta based or JS based). Many other additions, updates, and improvements.
tags | tool, web, scanner, vulnerability
systems | unix
SHA-256 | 19c4b0b7e49e3622d46f478ce1290c904870d04e5246b89fdd371bc9830c6b2e
Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) And Registry
Posted Sep 5, 2019
Authored by bwatters-r7, sailay1996, ACTIVELabs | Site metasploit.com

This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user.

tags | exploit, registry
systems | windows
SHA-256 | fd4483c2d11523aa133d98cfbc3d2430e4968d51d316ebccfd038998c7d314e9
WordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site Scripting
Posted Sep 5, 2019
Authored by Ricardo Sanchez

WordPress Ecpay Logistics For WooCommerce plugin version 1.2.181030 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a30bd615c191cf717a1dd3a0ea095375172367c74e0c8e8ebbb5f8e3ee306e7b
Linux/x86 TCP Reverse Shell 127.0.0.1 Nullbyte Free Shellcode
Posted Sep 5, 2019
Authored by Sandro Zaccarini

Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | 329c527166985f21f8066e80dbde39d0834fcb98733657d062bf3926cdfd341f
WordPress API Bearer Auth 20181229 Cross Site Scripting
Posted Sep 5, 2019
Authored by Ricardo Sanchez

WordPress API Bearer Auth plugin version 20181229 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8675ab0366b6c26fd347c4649b9413d45f92201753b05f00cfa73d625cbe7053
Ubuntu Security Notice USN-4123-1
Posted Sep 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4123-1 - It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write arbitrary files to the filesystem.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13173
SHA-256 | 44ffd0318bdf890a835ec37bcb33cceb2e69f451205ffb4d30efa27ad9709d7f
Red Hat Security Advisory 2019-2670-01
Posted Sep 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2670-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 76.0.3809.132. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-5869
SHA-256 | 0667ea86b468b9548437d3a42a583a0ff251b19a21e36fb12e3a0bb59e46f4b8
Slackware Security Advisory - seamonkey Updates
Posted Sep 5, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 7cc6ffe266b7217ab3a0ff96b53da019f5f366bc4ec9614435fcd33ab00cb588
Red Hat Security Advisory 2019-2587-01
Posted Sep 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-10854, CVE-2019-11358
SHA-256 | 89b9f7500052fdb49625bbc8a8734904b10ccb16484d2ad58eaf340ea1707561
Red Hat Security Advisory 2019-2551-01
Posted Sep 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2551-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-0542
SHA-256 | fac43b81794eff4c4fde373963bf1874e8dd0198beb61caebbe34b63db1c7df9
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close