exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2019-10-05

Ubuntu Security Notice USN-4147-1
Posted Oct 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4147-1 - It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506
SHA-256 | 3a6e4f11022c15fdae9b2f86ea5e517ab1e88fd12af7e490e6b1aa835deb5cf2
CA Network Flow Analysis 9.x / 10.0.x Remote Command Execution
Posted Oct 5, 2019
Authored by Kevin Kotas, Hendrik Van Belleghem | Site www3.ca.com

CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Network Flow Analysis. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published a solution to address the vulnerabilities and recommends that all affected customers implement this solution. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the CA Network Flow Analysis server. Versions 9.x and 10.0.x are affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2019-13658
SHA-256 | a8f4e8e65f778532ff67e151bdf00b3bd45c373dffe3db0912ad2976fbfa9ec9
GitLab Omnibus 12.2.1 Logrotate Privilege Escalation
Posted Oct 5, 2019
Authored by Wolfgang Hotwagner

Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell.

tags | exploit, shell, root
advisories | CVE-2019-15741
SHA-256 | ec5a0ad6e611974c35fee35b42232d35320003024968f9c8ab932cae0dd24449
Signal Forced Call Acceptance
Posted Oct 5, 2019
Authored by Google Security Research, natashenka

There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up.

tags | exploit
SHA-256 | 3b9a4c627b9644243c268bf86ee703b8a5487f12549034ded884f920a1b96ec3
Zeek 3.0.0 (Formerly Known As Bro)
Posted Oct 5, 2019
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro is now known as Zeek. Added support for DNSSEC resource records RRSIG, DNSKEY, DS, NSEC, and NSEC3. Added support for parsing and logging DNS SPF resource records. Various other updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | b552940a14132bcbbd9afdf6476ec615b5a44a6d15f78b2cdc15860fa02bff9a
WhatWeb Scanner 0.5.0
Posted Oct 5, 2019
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: Version 0.5.0 is a major version release form urbanadventurer and bcoles. With the help of the WhatWeb community they have reached over 1800 plugins! Plugin authors should take note that this release is not backwards compatible, and they have made a migration tool to help you update your private or unreleased plugins. New additions include IDN support, 9 unit tests, and various other items. Multiple bug fixes and updates have been added.
tags | tool, web, scanner, javascript
systems | unix
SHA-256 | d9dd541368c4c251ca5af53fba5cc7e2d70b012d7c4d8f1863a7aba23cd5c619
Microsoft Windows Silent Process Exit Persistence
Posted Oct 5, 2019
Authored by bwatters-r7, Mithun Shanbhag | Site metasploit.com

This Metasploit module uploads a payload and declares that it is the debug process to launch when a specified process exits.

tags | exploit
SHA-256 | a05b3a3b155bf1ca1a257a13df6b2f389b1f88604331b862f002f95fbb2ac668
File Sharing Wizard 1.5.0 DELETE SEH Buffer Overflow
Posted Oct 5, 2019
Authored by Striker

File Sharing Wizard version 1.5.0 with build date 26-8-2008 DELETE SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 3cf109c00e523a014a850c2de6ff70867f771db07b0370086324b2b963d463e1
Devinim Library Software 19.0504000 Open Redirection
Posted Oct 5, 2019
Authored by KingSkrupellos

Devinim Library Software version 19.0504000 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 03a338bfe562a8fc8fc509490801ea92a6df8b1ce994a08ea6e4e49fa7e0e177
ParantezTeknoloji Library Software 16.0519000 Open Redirection
Posted Oct 5, 2019
Authored by KingSkrupellos

ParantezTeknoloji Library Software version 16.0519000 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 81081f532847e51869b6a024c25058eb5837a70900011b6da1b364a813e143c4
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close