exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-10-31

Samhain File Integrity Checker 4.4.0
Posted Oct 31, 2019
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added support for OpenBSD signify as alternative to GnuPG.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 71af9918773e9028decc9c58136a9f56713a2951ed97b1130c0d6a01fe95eeab
Carel pCOWeb HVAC Insecure Credential Storage
Posted Oct 31, 2019
Site redteam-pentesting.de

The Carel pCOWeb card stores password hashes in the file /etc/passwd, allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Version A 1.4.11 - B 1.4.2 is affected.

tags | exploit
SHA-256 | 450784ac7f42fa743218fbb60bd08f3732984399df8feaaeb904aaf749417707
Carel pCOWeb HVAC Modbus Interface Authentication Bypass
Posted Oct 31, 2019
Site redteam-pentesting.de

The Carel pCOWeb card exposes a Modbus interface to the network. By design, Modbus does not provide authentication, allowing to control the affected system. Version A 1.4.11 - B 1.4.2 is affected.

tags | exploit
SHA-256 | ac9bdcf7f91e77dced7f5e7b4acb37e4fb6d3eaa097d2b650f4b1e1128e1c5f9
Red Hat Security Advisory 2019-3281-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3281-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764
SHA-256 | 332517d0f986e800fddcb6a996bf545ae5876efc4f58467d01626aa54b79518f
Ubuntu Security Notice USN-4173-1
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4173-1 - Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2019-13508
SHA-256 | 249a5647bac6baba060acea4c6d26f95b420042b9d301e0d524db8fde562d0e8
Ubuntu Security Notice USN-4170-2
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4170-2 - USN-4170-1 fixed a vulnerability in Whoopsie. The update caused Whoopsie to crash when sending reports. This update fixes the problem. Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 3d48c852e7dcfc3abb2fb09ed80df3fe28d0dc3f88c1ca2fde2213d5b6b9be2e
Nostromo 1.9.6 Directory Traversal / Remote Command Execution
Posted Oct 31, 2019
Authored by Quentin Kaiser, sp0re | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Nostromo versions 1.9.6 and below. This issue is caused by a directory traversal in the function http_verify in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request.

tags | exploit, remote, web, code execution
advisories | CVE-2019-16278
SHA-256 | 1baffab9687f81feac9fe65275eba574314a19a248d0ee583a4ac8f7f390b032
Falco 0.18.0
Posted Oct 31, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added support for converting k8s pod security policies (psps) into set of falco rules that can be used to evaluate the conditions specified in the psp. Added flags to disable syscall event source or k8s_audit event source. Various other updates and bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 19d7c7abbfac4c6fde1221a583df9546772368078433af5e6b111ad18b30aabb
WordPress Google Review Slider 6.1 SQL Injection
Posted Oct 31, 2019
Authored by Princy Edward

WordPress Google Review Slider plugin version 6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 911c95419821334da71eefac39a1736f977de60c9cfdd08de57af973e356d0a4
Red Hat Security Advisory 2019-3278-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3278-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability has been addressed.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-14287
SHA-256 | 09bd141bfc689914a6f037134dcdcc5ded17272004cc9cdae40303e14eba15ff
Ubuntu Security Notice USN-4172-1
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4172-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18218
SHA-256 | 6fe3c94e2cd5e4c880d9f27376b84f019f84c878a29d5d6c0fbe26568c400032
Red Hat Security Advisory 2019-3267-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3267-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-cli container image for Red Hat OpenShift Container Platform 4.1.21. An arbitrary file write vulnerability was addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-11251
SHA-256 | 906104ae39293840d5212d29dd0ff8cc64dadcf01d461ace938bc39d9d04c9cd
WMV To AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow
Posted Oct 31, 2019
Authored by Doan Nguyen

WMV to AVI MPEG DVD WMV Converter version 4.6.1217 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 8d7b9c4e9eac2146af29c7dd55d6367cd28e4dfe7145bef186543371c430ddab
Red Hat Security Advisory 2019-3266-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3266-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift RPM packages for Red Hat OpenShift Container Platform 4.1.21. An arbitrary file write vulnerability was addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-11251
SHA-256 | 6bed6b5c148ae9a3c52340c5463b29776453157b65077748ccba93309aba8a01
Red Hat Security Advisory 2019-3265-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
SHA-256 | 66c6686738c7b7aa9986790e91b9a9c2b4f1ece1dcc127b32bfa252b00d6e23d
MikroTik RouterOS 6.45.6 DNS Cache Poisoning
Posted Oct 31, 2019
Authored by Jacob Baines

MikroTik RouterOS version 6.45.6 DNS cache poisoning exploit.

tags | exploit
advisories | CVE-2019-3978
SHA-256 | a383237105abf2d8cd196092df38ab74a7bb21e90a231ec004bccdee62539d22
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close