exploit the possibilities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-11-18

cryptmount Filesystem Manager 5.3.2
Posted Nov 18, 2019
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Refined handling of passwords in mudslinger testing script.
tags | tool, kernel, encryption
systems | linux, unix
MD5 | a52707f76ff4c3baa81c43a392962b8a
Windows Escalate UAC Protection Bypass
Posted Nov 18, 2019
Authored by enigma0x3, bwatters-r7 | Site metasploit.com

This Metasploit module will bypass Windows UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when Windows backup and restore is launched. It will spawn a second shell that has the UAC flag turned off. This module modifies a registry key, but cleans up the key once the payload has been invoked.

tags | exploit, shell, registry
systems | windows
MD5 | 4f1cab9439a2a2fee0bb0c73a655df7d
Ubuntu Security Notice USN-4196-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4196-1 - It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service. It was discovered that python-ecdsa incorrectly verified DER encoding in signatures. A remote attacker could use this issue to perform certain malleability attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2019-14853, CVE-2019-14859
MD5 | 35e3a03b9cd2e11397dc1e4198d7fb7b
Centova Cast 3.2.11 Arbitrary File Download
Posted Nov 18, 2019
Authored by DroidU

Centova Cast versions 3.2.11 and below suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 06295d9b498967fba1d7e043f6b5e745
Debian Security Advisory 4571-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4571-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-11755, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
MD5 | efc9c0ea3531da747ebe551da4587b93
MobileGo 8.5.0 Insecure File Permissions
Posted Nov 18, 2019
Authored by ZwX

MobileGo version 8.5.0 suffers from an insecure file permission vulnerability.

tags | exploit
MD5 | 01b469607a40a0f08aba37d07b840883
Red Hat Security Advisory 2019-3901-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3901-01 - Red Hat OpenShift Application Runtimes provide an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Vert.x 3.8.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-10174, CVE-2019-12384, CVE-2019-14379, CVE-2019-16869, CVE-2019-16942
MD5 | 38c505a5371b1bcf8db927756e67ce46
Ubuntu Security Notice USN-4195-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4195-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.18 in Ubuntu 19.10. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.28. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-2910, CVE-2019-2922, CVE-2019-2946, CVE-2019-2960, CVE-2019-2968, CVE-2019-2991, CVE-2019-3003, CVE-2019-3018
MD5 | 3186ce4dc67212c7beaf20fd11739ccf
Debian Security Advisory 4570-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4570-1 - A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service (stack overflow and daemon crash), by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2019-11779
MD5 | d38cc5361b20fa3f0859c5027206cd80
nipper-ng 0.11.10 Remote Buffer Overflow
Posted Nov 18, 2019
Authored by Guy Levin

nipper-ng version 0.11.10 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2019-17424
MD5 | d4babeb02a84d1101e6c163b25b3b907
Red Hat Security Advisory 2019-3898-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3898-01 - Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure modification. A use-after-free vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3817
MD5 | c83fa1d40190a8a566d7e096c15c4500
TemaTres 3.0 Cross Site Scripting
Posted Nov 18, 2019
Authored by Pablo Santiago

TemaTres version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-14343
MD5 | 6f25a6e1c11e44890bac7aca68f875ae
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Nov 18, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
MD5 | ce50f9770590619a36864a763e81aa83
Foscam Video Management System 1.1.4.9 Denial Of Service
Posted Nov 18, 2019
Authored by chuyreds

Foscam Video Management System version 1.1.4.9 username denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | f4ed71a0cf156255d4e06a58ba562112
XSSer Penetration Testing Tool 1.8-2
Posted Nov 18, 2019
Authored by psy | Site xsser.03c8.net

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

Changes: Ported to Python 3.x. Added anti-antixss firewall rules. Added requirements. Updated documentation and website.
tags | tool, scanner
systems | unix
MD5 | 8b9935758c7d377c8522e385691ca769
TemaTres 3.0 Cross Site Request Forgery
Posted Nov 18, 2019
Authored by Pablo Santiago

TemaTres version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | e8b3eeba117e93d31065972e40d48400
Debian Security Advisory 4569-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4569-1 - Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.

tags | advisory
systems | linux, debian
advisories | CVE-2019-14869
MD5 | 959d9141e9c917a14eafabc0da27c985
Crystal Live HTTP Server 6.01 Directory Traversal
Posted Nov 18, 2019
Authored by numan turle

Crystal Live HTTP Server version 6.01 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 9d4260e2999b76e3021c14066da0c499
Red Hat Security Advisory 2019-3895-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3895-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability was addressed.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-14287
MD5 | 6726c7f5850cf6b4d0bbed7b9fc33c10
Open Proficy HMI-SCADA 5.0.0.25920 Denial Of Service
Posted Nov 18, 2019
Authored by Luis Martinez

Open Proficy HMI-SCADA version 5.0.0.25920 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 64ca0afe85c1b214c34f0f0c11041be0
Debian Security Advisory 4568-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4568-1 - Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2019-3466
MD5 | d197437ba4eb0f0378e07f5635ab426b
Lexmark Services Monitor 2.27.4.0.39 Directory Traversal
Posted Nov 18, 2019
Authored by Kevin Randall

Lexmark Services Monitor version 2.27.4.0.39 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-16758
MD5 | 46bf6a48051d0bf2f840e83e3f1f6cbb
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close