exploit the possibilities
Showing 1 - 25 of 353 RSS Feed

Files Date: 2019-10-01 to 2019-10-31

Ubuntu Security Notice USN-4171-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-1 - Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
MD5 | 4435b79c84276bd5e52920e950cd2986
Ansvif 1.12
Posted Oct 30, 2019
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is a bugfix release to ansvif. Many things were tweaked and fixed since the last version, but no real functionality has changed.
tags | tool, fuzzer
systems | unix
MD5 | fb3c8c5f74b8cd710844c5a73a3e6ab4
Red Hat Security Advisory 2019-3255-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3255-01 - Heketi provides a RESTful management interface that can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3899
MD5 | 4826792b7ef2183edb45f873efb29d06
iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P (get_jpeg) Stream Disclosure
Posted Oct 30, 2019
Authored by LiquidWorm | Site zeroscience.mk

iSeeQ Hybrid DVR WH-H4 versions 1.03R and 2.0.0.P suffer from an unauthenticated and unauthorized live stream disclosure vulnerability when get_jpeg script is called.

tags | exploit
MD5 | c710c78108eb8eef3cbb203ca10f85c2
Red Hat Security Advisory 2019-3253-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3253-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-10197
MD5 | 0360d9cb55db5bb93b57d3b5c1661590
JavaScriptCore GetterSetter Type Confusion
Posted Oct 30, 2019
Authored by saelo, Google Security Research

JavaScriptCore (JSC) GetterSetter suffers from a type confusion vulnerability during DFG compilation.

tags | exploit
advisories | CVE-2019-8765
MD5 | 63f1952a7a692ab451a162d31ee902ed
Ubuntu Security Notice USN-4170-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4170-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11484
MD5 | a84035b492b733edf6e8a3c6ef1f382f
Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) Null Free Shellcode
Posted Oct 30, 2019
Authored by Daniel Ortiz

47 bytes small Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) null free shellcode.

tags | x86, shellcode
systems | linux
MD5 | a9113f7b013779f563b04b416050d879
Citrix StoreFront Server 7.15 XML Injection
Posted Oct 30, 2019
Authored by Vahagn Vardanya

Citrix StoreFront Server version 7.15 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 6f5c1fba04bb7a0d33f77002aebcad77
Ubuntu Security Notice USN-4169-1
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4169-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18408
MD5 | 5fa6e628153752ffa4f0bff31836d959
WMV To AVI MPEG DVD WMV Converter 4.6.1217 Denial Of Service
Posted Oct 30, 2019
Authored by Nithoshitha S

WMV to AVI MPEG DVD WMV Converter version 4.6.1217 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | fe0e90ffad1e81d90bb940f672daceb2
Red Hat Security Advisory 2019-3245-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3245-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
MD5 | d93e2a6695f83a7523cfe3f02a0cb3df
Red Hat Security Advisory 2019-3244-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3244-01 - This release of Red Hat Fuse 7.4.1 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-14860
MD5 | cf397179feee53466e8bbfe6db2c65fa
Ubuntu Security Notice USN-4167-2
Posted Oct 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4167-2 - USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. Various other issues were also addressed.

tags | advisory, remote, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-10218, CVE-2019-14847
MD5 | 584d2ef374be5249ad5f412d3fe5f274
Red Hat Security Advisory 2019-3239-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3239-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-1002100, CVE-2019-11249, CVE-2019-11253
MD5 | 91d55b4ca5f3900b9a51847a5ddb314e
Red Hat Security Advisory 2019-3238-01
Posted Oct 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3238-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-0503, CVE-2018-0504, CVE-2018-0505
MD5 | 0f8ef6628479a11b03b9f39a59d7c895
Ubuntu Security Notice USN-4168-1
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4168-1 - It was discovered that Libidn2 incorrectly handled certain inputs. A attacker could possibly use this issue to impersonate domains. It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12290, CVE-2019-18224
MD5 | 10f4de4f7ee6c221a81466a5e5d7679b
Red Hat Security Advisory 2019-3231-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3231-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. BR/EDR encryption key negotiation attacks were addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2019-9506
MD5 | 5b834fab35e4b489a2b086cdaa86ef53
Red Hat Security Advisory 2019-3222-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3222-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Out-of-bounds read and state injection vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-15686, CVE-2018-16866
MD5 | 14477b4669afe9df27efd4027d627074
Red Hat Security Advisory 2019-3225-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3225-01 - Java Security Services provides an interface between Java Virtual Machine and Network Security Services. It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. The OCSP policy Leaf and Chain implicitly trusts the root certificate.

tags | advisory, java, root, protocol
systems | linux, redhat
advisories | CVE-2019-14823
MD5 | 041a48e4265ed01347d8984710428491
Ubuntu Security Notice USN-4167-1
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4167-1 - Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. Simon Fonteneau and Bjoern Baumbach discovered that Samba incorrectly handled the check password script. This issue could possibly bypass custom password complexity checks, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.04, and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-10218, CVE-2019-14833, CVE-2019-14847
MD5 | fb9bb75af7733c67fa3cb40b9b5f6643
Ubuntu Security Notice USN-4166-2
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4166-2 - USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11043
MD5 | ef6238f8e5b72babf4cb9b04e3a3e34b
Craft CMS Rate Limiting / Brute Force
Posted Oct 29, 2019
Authored by Mohammed Abdul Raheem

Craft CMS versions up to 3.1.7 are missing rate limiting on password validations.

tags | exploit
advisories | CVE-2019-15929
MD5 | 20a945b5a9341d9bb8431f7153be5809
WordPress 5.2.4 Cross Origin Resource Sharing
Posted Oct 29, 2019
Authored by Milad Khoshdel

WordPress version 5.2.4 fails to validate an origin header.

tags | exploit
MD5 | 1db094f57934f8621b34b78783495b19
Red Hat Security Advisory 2019-3232-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3232-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-19788
MD5 | 0e6d0f2e8f2d8a63206c06f8a27d9bfd
Page 1 of 15
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close