what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-10-08

Ubuntu Security Notice USN-4149-1
Posted Oct 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4149-1 - It was discovered that Unbound incorrectly handled certain NOTIFY queries. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-16866
SHA-256 | 09f9cfa7dc31d778dac5daeb0e108477ccc6f66da492e0fa755ac7426b253bff
Apple Security Advisory 2019-10-07-4
Posted Oct 8, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-07-4 - iCloud for Windows 7.14 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2019-8625, CVE-2019-8707, CVE-2019-8719, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8745, CVE-2019-8763
SHA-256 | 6a7c2c77310c062987794cea58581f0c9165cca74089949df34cf416dec8d5f3
Red Hat Security Advisory 2019-2975-01
Posted Oct 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2975-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Bluetooth BR/EDR encryption key negotiation attacks were addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-9506
SHA-256 | 1235e2a7acc93c54c6e8db8b58a106abc75a8ae1dc21d4324a6241be5409b8a8
Faraday 3.9.2
Posted Oct 8, 2019
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added agents feature for distributed plugin execution Added an API endpoint to to perform a bulk create of many objects (hosts, services, vulns, commands and credentials). Many other additions and updates.
tags | tool, rootkit
systems | unix
SHA-256 | a0a425e6034950938c3346c539d51d80f5788cfa95f5584b394adeb591a11843
File Sharing Wizard 1.5.0 POST SEH Overflow
Posted Oct 8, 2019
Authored by x00pwn, Dean Welch | Site metasploit.com

This Metasploit module exploits an unauthenticated HTTP POST SEH-based buffer overflow in File Sharing Wizard version 1.5.0.

tags | exploit, web, overflow
advisories | CVE-2019-16724
SHA-256 | 5ba4934d2c6e2bc26de53ab037769cf889d219ee535dd367281aadff1d2fbd42
WebKit FrameLoader::clear Same-Origin Policy Bypass
Posted Oct 8, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a same-origin policy bypass vulnerability in FrameLoader::clear.

tags | exploit, bypass
SHA-256 | 334e5b8a59befbfda5f832467d0a3088d6e29ced2e3ce411870872bfc402e694
Red Hat Security Advisory 2019-2980-01
Posted Oct 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2980-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-9636
SHA-256 | 58df67f1d3c3ee439003b39d0be2e9a506c36b86b91c62d74ef9b923ae08852e
Apple Security Advisory 2019-10-07-3
Posted Oct 8, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-07-3 - iCloud for Windows 10.7 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2019-8625, CVE-2019-8707, CVE-2019-8719, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8745, CVE-2019-8763
SHA-256 | 8c0721b6cd1c6850d630ec21a0194e061a081691eea98bf32c61367f52fd48bf
Red Hat Security Advisory 2019-2978-01
Posted Oct 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2978-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. An auth hijacking issue has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-6133
SHA-256 | 1d5c2956e676d04d3d4761fe7164c641c826acf901393e347da3b6e20abcacc2
Apple Security Advisory 2019-10-07-2
Posted Oct 8, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-07-2 - iTunes for Windows 12.10.1 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2019-8625, CVE-2019-8707, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8745, CVE-2019-8763
SHA-256 | a50da9c93476e1a8416f8f9d096bf883c915df1249be2b70c1f3089b95de093c
Apple Security Advisory 2019-10-07-1
Posted Oct 8, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-07-1 - macOS Catalina 10.15 is now available and addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-11041, CVE-2019-11042, CVE-2019-8701, CVE-2019-8705, CVE-2019-8717, CVE-2019-8730, CVE-2019-8745, CVE-2019-8748, CVE-2019-8755, CVE-2019-8757, CVE-2019-8758, CVE-2019-8768, CVE-2019-8769, CVE-2019-8770, CVE-2019-8772, CVE-2019-8781
SHA-256 | 46470c1654beb5b432d7623a4594d9db95d356ab30101f33d237b0df88fee0e2
Red Hat Security Advisory 2019-2977-01
Posted Oct 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2977-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A rate limiting issue has been addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-5743
SHA-256 | aac9f1dcb750c44cf956e00d95ceaecf229abcc3ebbfa69652b51810f094faea
Red Hat Security Advisory 2019-2979-01
Posted Oct 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2979-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2019-5953
SHA-256 | ee14858e70273310573a5f5f583f6115b32aceeda2695a50f06c4004a70b4dd7
Debian Security Advisory 4539-2
Posted Oct 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4539-2 - A change introduced in openssl 1.1.1d (which got released as DSA 4539-1) requires sandboxing features which are not available in Linux kernels before 3.19, resulting in OpenSSH rejecting connection attempts if running on an old kernel. This does not affect Linux kernels shipped in Debian oldstable/stable, but may affect buster systems which are running on an older kernel.

tags | advisory, kernel
systems | linux, debian
SHA-256 | 2dc4b343e14b048c22bf6f31d15affc87eaa865439230298cca23ab22853f39f
Socomec DIRIS A-40 Password Disclosure
Posted Oct 8, 2019
Authored by Jens Timmerman

Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI.

tags | exploit, remote, info disclosure
advisories | CVE-2019-15859
SHA-256 | 16ab97af55d3fc1d27cd7abf2ca1d9e0663134c0198f09bc5fae39859c8f4710
OmniCenter 12.1.1 SQL Injection
Posted Oct 8, 2019
Authored by Luis Rios

OmniCenter version 12.1.1 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2019-17128
SHA-256 | 0b296d76f9a2e6eabb70ad9f4d5da4a6eda48b86f7e00c06f3ba1943626660c8
libyal libfwsi Buffer Overread
Posted Oct 8, 2019
Authored by Dhiraj Mishra

In libyal libfwsi versions prior to 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported.

tags | advisory
advisories | CVE-2019-17263
SHA-256 | 46e852d4c7c1971b5e6984b6483409bbb11e258031a5a6fb7803147f5c7a344d
RENPHO 3.0.0 Information Disclosure
Posted Oct 8, 2019
Authored by Tim Schughart

RENPHO version 3.0.0 fails to encrypt in transit and due to this can disclose sensitive information and allow for man-in-the-middle attacks.

tags | exploit, info disclosure
advisories | CVE-2019-14808
SHA-256 | 6a1c6c82f8f2d77c4029355706b177fb2a7b01fa5d30d65cf34b17238f45c6f0
Linux/ARM Fork Bomb Shellcode
Posted Oct 8, 2019
Authored by CJHackerz

20 bytes small Linux/ARM fork bombing shellcode.

tags | shellcode
systems | linux
SHA-256 | 817fbcb25dabcab53e270fd807a2b136612d260c448219c344e92fa102bc3944
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close