what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2019-10-01

Packet Storm New Exploits For September, 2019
Posted Oct 1, 2019
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 160 exploits added to Packet Storm in September, 2019.

tags | exploit
MD5 | bc1e3a8489abc8859734cab040ff3937
LG-ERICSSON LN202-003H HomeHub Router Remote Configuration Disclosure
Posted Oct 1, 2019
Authored by Todor Donev

LG-ERICSSON LN202-003H HomeHub router remote configuration disclosure exploit.

tags | exploit, remote
MD5 | fc594bc6b78ed6b26e191ee2958732fd
Fortinet FortiSIEM 5.0 / 5.2.1 Improper Certification Validation
Posted Oct 1, 2019
Authored by Andrew Klaus

A FortiSIEM collector connects to a Supervisor/Worker over HTTPS TLS (443/TCP) to register itself as well as relaying event data such as syslog, netflow, SNMP, etc. When the Collector (the client) connects to the Supervisor/Worker (the server), the client does not validate the server-provided certificate against its root-CA store. Since the client does no server certificate validation, this means any certificate presented to the client will be considered valid and the connection will succeed. If an attacker spoofs a Worker/Supervisor using an ARP or DNS poisoning attack (or any other MITM attack), the Collector will blindly connect to the attacker's HTTPS TLS server. It will disclose the authentication password used along with any data being relayed. Versions 5.0 and 5.2.1 have been tested and are affected.

tags | exploit, web, root, spoof, tcp
MD5 | ee1a1fa2b58f6637bd250813eb471ce4
Rocket.Chat Cross Site Scripting
Posted Oct 1, 2019
Authored by 3H34N

Rocket.Chat versions prior to 2.1.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 36f555f2af81fce69ddbe041edf0ab91
Red Hat Security Advisory 2019-2947-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2947-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.9 will be retired as of March 31, 2020, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 5.9 AMC after March 31, 2020.

tags | advisory
systems | linux, redhat
MD5 | f81bab54d451616e097ee3d8765c9e4c
Red Hat Security Advisory 2019-2949-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2949-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9517
MD5 | bc505b4e45a39a19f419119259f86b4f
Red Hat Security Advisory 2019-2950-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2950-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2, and includes security and bug fixes. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2019-9516, CVE-2019-9517
MD5 | 1335c2d4b9621d42b1ad59dc1aca67e6
Red Hat Security Advisory 2019-2946-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2946-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2019-9516, CVE-2019-9517
MD5 | 2654348a86bd8f200f26984bc6ca53e0
Red Hat Security Advisory 2019-2945-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2945-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security fix: If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw, can be used remotely. This can result in a remote denial of service. Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-9500
MD5 | a87b3a5a1e36d60f2f04b5816c45a291
Ubuntu Security Notice USN-4145-1
Posted Oct 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4145-1 - It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service. It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket options in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-10905, CVE-2017-18509, CVE-2018-20961, CVE-2018-20976, CVE-2019-0136, CVE-2019-10207, CVE-2019-11487, CVE-2019-13631, CVE-2019-15211, CVE-2019-15215, CVE-2019-15926
MD5 | ea50ef6fe5c28f797b35ddfa61c716dc
Ubuntu Security Notice USN-4144-1
Posted Oct 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4144-1 - It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-20976, CVE-2019-15538
MD5 | a08d6c0764fd808ec1d2ad89c0113cd9
Practical Decryption exFiltration: Breaking PDF Encryption
Posted Oct 1, 2019
Authored by Christian Mainka, Vladislav Mladenov, Jens Mueller, Jorg Schwenk, Sebastian Schinzel, Fabian Ising

The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, the authors analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents.

tags | paper
MD5 | 07a85b3d5850b0d07bc74cd4e5fcc956
DOUBLEPULSAR Payload Execution / Neutralization
Posted Oct 1, 2019
Authored by Luke Jennings, wvu, Shadow Brokers, Equation Group, zerosum0x0, Jacob Robles | Site metasploit.com

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant.

tags | exploit, code execution
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
MD5 | d3c3fbee7204613a4c2d9dde14bd8c7f
Haveged 1.9.8
Posted Oct 1, 2019
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Fix for Unresolved symbol error_exit in libhavege. Various other updates.
tags | tool
systems | linux, unix
MD5 | fba3c88e416ad99ed69849b61fdcaad0
SQLMAP - Automatic SQL Injection Tool 1.3.10
Posted Oct 1, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | daf042c398825b0476b7952f75fc71dd
libpcap 1.9.1
Posted Oct 1, 2019
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.

Changes: Various updates.
tags | library
systems | unix
MD5 | 21af603d9a591c7d96a6457021d84e6c
tcpdump 4.9.3
Posted Oct 1, 2019
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: This release addresses a staggering amount of vulnerabilities.
tags | tool, sniffer
systems | unix
advisories | CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16301, CVE-2018-16451, CVE-2018-16452, CVE-2019-15166
MD5 | a4ead41d371f91aa0a2287f589958bae
WebKit Cached Pages Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability using cached pages.

tags | exploit, xss
MD5 | feb75421e7efde640b47418cf364c390
WebKit WebCore::ReplacementFragment::ReplacementFragment User-Agent Shadow Root Leak
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a user-agent shadow root leak in WebCore::ReplacementFragment::ReplacementFragment.

tags | exploit, root
MD5 | 1e45ed827ba900226f8651daf3f4187f
WebKit WebCore::command Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability in WebCore::command.

tags | exploit, xss
MD5 | 9f13592add861df962bac226dc591317
WebKit URI / Synchronous Page Loads Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit has an issue where URI and synchronous page loads are susceptible to a universal cross site scripting vulnerability.

tags | exploit, xss
MD5 | 31dbae9bdb725280046f9290bd4c6460
DotNetNuke Cross Site Scripting
Posted Oct 1, 2019
Authored by MaYaSeVeN

DotNetNuke versions prior to 9.4.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12562
MD5 | 5e87d37cd67d28292a61a476162e916b
kic 2.4a Denial Of Service
Posted Oct 1, 2019
Authored by JosueEncinar

kic version 2.4a suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 08505ada1a7ddb143c3f679f69195457
DameWare Remote Support 12.1.0.34 Buffer Overflow
Posted Oct 1, 2019
Authored by Xavi Beltran

DameWare Remote Support version 12.1.0.34 SEH buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | d04705f44094a0e541c78afb71f76587
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close