what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-10-31

Samhain File Integrity Checker 4.4.0
Posted Oct 31, 2019
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added support for OpenBSD signify as alternative to GnuPG.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 0fbbefc33f0c1dfe8e22ae923a92ed1e
Carel pCOWeb HVAC Insecure Credential Storage
Posted Oct 31, 2019
Site redteam-pentesting.de

The Carel pCOWeb card stores password hashes in the file /etc/passwd, allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Version A 1.4.11 - B 1.4.2 is affected.

tags | exploit
MD5 | adcd6976fc3af3a31111c9cc0175dc80
Carel pCOWeb HVAC Modbus Interface Authentication Bypass
Posted Oct 31, 2019
Site redteam-pentesting.de

The Carel pCOWeb card exposes a Modbus interface to the network. By design, Modbus does not provide authentication, allowing to control the affected system. Version A 1.4.11 - B 1.4.2 is affected.

tags | exploit
MD5 | a6b5f2afb3951524c7caa0e7f535303e
Red Hat Security Advisory 2019-3281-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3281-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764
MD5 | a4467477761352f56e73cc5aa5cba346
Ubuntu Security Notice USN-4173-1
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4173-1 - Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2019-13508
MD5 | 602346647a2267435e1bac7bf53bb1a4
Ubuntu Security Notice USN-4170-2
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4170-2 - USN-4170-1 fixed a vulnerability in Whoopsie. The update caused Whoopsie to crash when sending reports. This update fixes the problem. Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | 71602a9b8d7477df434313c149da7b2e
Nostromo 1.9.6 Directory Traversal / Remote Command Execution
Posted Oct 31, 2019
Authored by Quentin Kaiser, sp0re | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Nostromo versions 1.9.6 and below. This issue is caused by a directory traversal in the function http_verify in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request.

tags | exploit, remote, web, code execution
advisories | CVE-2019-16278
MD5 | 0372f5b23ff2aba4c2961bb5522b1b57
Falco 0.18.0
Posted Oct 31, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added support for converting k8s pod security policies (psps) into set of falco rules that can be used to evaluate the conditions specified in the psp. Added flags to disable syscall event source or k8s_audit event source. Various other updates and bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 1e8e5282ba1beb9d319e9fa325bb506d
WordPress Google Review Slider 6.1 SQL Injection
Posted Oct 31, 2019
Authored by Princy Edward

WordPress Google Review Slider plugin version 6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4345307ef41d8fbaeb814207d34e87ea
Red Hat Security Advisory 2019-3278-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3278-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability has been addressed.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-14287
MD5 | 48dfb6453f3477d2a9b70fa56cba7fe4
Ubuntu Security Notice USN-4172-1
Posted Oct 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4172-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18218
MD5 | fccad7ea0542890dd8e2afebb807a59b
Red Hat Security Advisory 2019-3267-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3267-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-cli container image for Red Hat OpenShift Container Platform 4.1.21. An arbitrary file write vulnerability was addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-11251
MD5 | 6234b39232bc790d6222a016c21a97ed
WMV To AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow
Posted Oct 31, 2019
Authored by Doan Nguyen

WMV to AVI MPEG DVD WMV Converter version 4.6.1217 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | b137f42c777af0cfa55fb36f8cf5ca1a
Red Hat Security Advisory 2019-3266-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3266-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift RPM packages for Red Hat OpenShift Container Platform 4.1.21. An arbitrary file write vulnerability was addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-11251
MD5 | 3a3855cbf8ae7ebf99881719f618c759
Red Hat Security Advisory 2019-3265-01
Posted Oct 31, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
MD5 | 6b4d80d5e33491e4cadf503383c544ae
MikroTik RouterOS 6.45.6 DNS Cache Poisoning
Posted Oct 31, 2019
Authored by Jacob Baines

MikroTik RouterOS version 6.45.6 DNS cache poisoning exploit.

tags | exploit
advisories | CVE-2019-3978
MD5 | e135b8c4724b9accdba996b0b01d3ef2
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close