what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-09-16

LastPass Credential Leak From Previous Site
Posted Sep 16, 2019
Authored by Tavis Ormandy, Google Security Research

LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site.

tags | exploit
SHA-256 | e91aef0b7b7de488bc6fb1b7167218cb57d0484b98f8e1376f39b3cadbd7f574
Ubuntu Security Notice USN-4124-2
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4124-2 - USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-15846
SHA-256 | 71d8e06b2c0c4cae4eecb4ffbda30d10eebc44079e9ff99b08f2472331d3317f
Debian Security Advisory 4523-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4523-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message.

tags | advisory, arbitrary, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
SHA-256 | 967040fbd9171f3b407f3ab9a0be62a4592c18053d4ec0a0f46e543fc5f9373f
Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
Posted Sep 16, 2019
Authored by Gerard Fuguet

Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.

tags | exploit, web
advisories | CVE-2019-13140
SHA-256 | 39f36f4b6db5a31b0de8f71b6618765de1c62790a395b11e89b90ba6c5ca5670
Red Hat Security Advisory 2019-2774-01
Posted Sep 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
SHA-256 | 3c16fc4cc180d6fe147e9d65f595a3f31a52151e992d0e5d130ce3cae1e23e6d
Ubuntu Security Notice USN-4134-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-14822
SHA-256 | ed92e9e046984937207054328dcbba793eb2ef62bdf1c54b81a17f9db3ef13c2
docPrint Pro 8.0 SEH Buffer Overflow
Posted Sep 16, 2019
Authored by Connor McGarr

docPrint Pro version 8.0 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 1e614fb447afd0b36c2e12b10f63bf118d4cfc22467707b5d7072f5e0ac8217e
Ubuntu Security Notice USN-4133-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-12295
SHA-256 | 9c9c4741019601e94212dc80ac960db60e2bddb1eb957b1ccec83ee8da1600cd
Debian Security Advisory 4522-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4522-1 - Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-19502, CVE-2018-19503, CVE-2018-19504, CVE-2018-20194, CVE-2018-20195, CVE-2018-20197, CVE-2018-20198, CVE-2018-20357, CVE-2018-20358, CVE-2018-20359, CVE-2018-20361, CVE-2018-20362, CVE-2019-15296
SHA-256 | 33b9fccecf4353ae4a2b83a59bf84ceb570c6f8ad53dd6dfc6f568c4274c84e3
AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
Posted Sep 16, 2019
Authored by Gabor Seljan

AppXSvc version 17763.1.amd64fre.rs5_release.180914-1434 suffers from an arbitrary file security descriptor overwrite privilege escalation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2019-1253
SHA-256 | f49c3a4798f6de0b0e932407bc8aae3873282516c62cce9782739f11c9e278a0
Master Data Online Cross Site Request Forgery / Data Tampering
Posted Sep 16, 2019
Authored by Prithwish Pal

Master Data Online suffers from a cross site request forgery vulnerability that allows for data tampering.

tags | exploit, csrf
advisories | CVE-2018-17789
SHA-256 | 44c88779610ebd4f3d5c4f4e62acdbc7a81948f558f8ae470f6da5b266509b54
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close