exploit the possibilities
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-10-05

Ubuntu Security Notice USN-4147-1
Posted Oct 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4147-1 - It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506
MD5 | 9b6a21a8a4483fda16543f89ef6b5f9b
CA Network Flow Analysis 9.x / 10.0.x Remote Command Execution
Posted Oct 5, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Network Flow Analysis. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published a solution to address the vulnerabilities and recommends that all affected customers implement this solution. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the CA Network Flow Analysis server. Versions 9.x and 10.0.x are affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2019-13658
MD5 | 8114522ce19045f44906d1e2af524b4f
GitLab Omnibus 12.2.1 Logrotate Privilege Escalation
Posted Oct 5, 2019
Authored by Wolfgang Hotwagner

Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell.

tags | exploit, shell, root
advisories | CVE-2019-15741
MD5 | 3955d1e8b33d1e3a16022e0127d1dc28
Signal Forced Call Acceptance
Posted Oct 5, 2019
Authored by Google Security Research, natashenka

There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up.

tags | exploit
MD5 | cfd5f34a2c4720cf69df48f6e4d12c1c
Zeek 3.0.0 (Formerly Known As Bro)
Posted Oct 5, 2019
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro is now known as Zeek. Added support for DNSSEC resource records RRSIG, DNSKEY, DS, NSEC, and NSEC3. Added support for parsing and logging DNS SPF resource records. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | 6f952bac75a8b5299d45361da93fd9e9
WhatWeb Scanner 0.5.0
Posted Oct 5, 2019
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: Version 0.5.0 is a major version release form urbanadventurer and bcoles. With the help of the WhatWeb community they have reached over 1800 plugins! Plugin authors should take note that this release is not backwards compatible, and they have made a migration tool to help you update your private or unreleased plugins. New additions include IDN support, 9 unit tests, and various other items. Multiple bug fixes and updates have been added.
tags | tool, web, scanner, javascript
systems | unix
MD5 | 3dc99c5f128d3866273f05cd77548a2f
Microsoft Windows Silent Process Exit Persistence
Posted Oct 5, 2019
Authored by bwatters-r7, Mithun Shanbhag | Site metasploit.com

This Metasploit module uploads a payload and declares that it is the debug process to launch when a specified process exits.

tags | exploit
MD5 | f082809fe67aa161ddba42a5e4eda1db
File Sharing Wizard 1.5.0 DELETE SEH Buffer Overflow
Posted Oct 5, 2019
Authored by Striker

File Sharing Wizard version 1.5.0 with build date 26-8-2008 DELETE SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | a86c8312a605c7155a37d94016a4eb24
Devinim Library Software 19.0504000 Open Redirection
Posted Oct 5, 2019
Authored by KingSkrupellos

Devinim Library Software version 19.0504000 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 23489226db9323936e525207a81efad5
ParantezTeknoloji Library Software 16.0519000 Open Redirection
Posted Oct 5, 2019
Authored by KingSkrupellos

ParantezTeknoloji Library Software version 16.0519000 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 35591f3461ccac86a7ae618520b0e965
Page 1 of 1

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By