exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-09-16

LastPass Credential Leak From Previous Site
Posted Sep 16, 2019
Authored by Tavis Ormandy, Google Security Research

LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site.

tags | exploit
MD5 | 868ccacf1a79234f0073d4e84c526158
Ubuntu Security Notice USN-4124-2
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4124-2 - USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-15846
MD5 | 96cc6b097f3176d6115b243fc194fdee
Debian Security Advisory 4523-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4523-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message.

tags | advisory, arbitrary, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
MD5 | ddf3032ad011c83b2ac786de6545870e
Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
Posted Sep 16, 2019
Authored by Gerard Fuguet

Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.

tags | exploit, web
advisories | CVE-2019-13140
MD5 | 42d98d4eb695d10843154434df1ef4f3
Red Hat Security Advisory 2019-2774-01
Posted Sep 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
MD5 | 2345ff0764a023bcbe9575f6569f4b03
Ubuntu Security Notice USN-4134-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-14822
MD5 | 6002dfaf1a23b111091bd34ff316b088
docPrint Pro 8.0 SEH Buffer Overflow
Posted Sep 16, 2019
Authored by Connor McGarr

docPrint Pro version 8.0 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 5308c4595d22a62a948464471901acc2
Ubuntu Security Notice USN-4133-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-12295
MD5 | 5beae93d0843329763e065d95b120cde
Debian Security Advisory 4522-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4522-1 - Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-19502, CVE-2018-19503, CVE-2018-19504, CVE-2018-20194, CVE-2018-20195, CVE-2018-20197, CVE-2018-20198, CVE-2018-20357, CVE-2018-20358, CVE-2018-20359, CVE-2018-20361, CVE-2018-20362, CVE-2019-15296
MD5 | a595a24b5bcbf799d382af553b3e2130
AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
Posted Sep 16, 2019
Authored by Gabor Seljan

AppXSvc version 17763.1.amd64fre.rs5_release.180914-1434 suffers from an arbitrary file security descriptor overwrite privilege escalation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2019-1253
MD5 | bcc6ebfdae931fcb8e576b663d612f88
Master Data Online Cross Site Request Forgery / Data Tampering
Posted Sep 16, 2019
Authored by Prithwish Pal

Master Data Online suffers from a cross site request forgery vulnerability that allows for data tampering.

tags | exploit, csrf
advisories | CVE-2018-17789
MD5 | 69777c8a3ab73daec61eecb03a1a96e5
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    7 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close