what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-12-18

GRR 3.4.0.1
Posted Dec 18, 2019
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: GRR server debian package now has to be installed on Ubuntu 18. UpdateClient flow fixed for Ubuntu clients. A number of bugfixes and minor enhancements for YARA memory scanning.
tags | tool, remote, web, forensics
systems | unix
SHA-256 | e1d8aa30b0752b40b74b2efba69dadd6ce0fe317780edf2cce36273f9106f43a
Wireshark Analyzer 3.2.0
Posted Dec 18, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: This is the last release branch with official support for Windows 7 and Windows Server 2008 R2. Many improvements have been made.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 4cfd33a19a454ff4002243e9d04d6afd64280a109a21ae652a192f2be2b1b66c
Microsoft UPnP Local Privilege Elevation
Posted Dec 18, 2019
Authored by bwatters-r7, hoangprod, NCC Group | Site metasploit.com

This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The second (CVE-2019-1322) leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.

tags | exploit, local, vulnerability
advisories | CVE-2019-1322, CVE-2019-1405
SHA-256 | 2b0831d90d0d3308c8fa7b290f260d2b523e84eb9e91f7f255d05dc7617c32f1
Red Hat Security Advisory 2019-4317-01
Posted Dec 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4317-01 - The rh-maven35-apache-commons-beanutils package provides Java utility methods for accessing and modifying properties of arbitrary JavaBeans.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2019-10086
SHA-256 | 7d9f4a61deefd325cb3ca3f5f72fbaf16660a62b454a4a85f6aed704c7c98172
macOS Kernel wait_for_namespace_event() Race Condition / Use-After-Free
Posted Dec 18, 2019
Authored by Google Security Research, bazad

In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could manipulate those objects while they're being freed. Exploitation requires root privileges.

tags | exploit, kernel, root
systems | bsd
SHA-256 | 6d4e9cc704a5f5bbb4de66537161f105b64b583414a93c0e902c25bb793772b5
Telerik UI Remote Code Execution
Posted Dec 18, 2019
Authored by Markus Wulftange, Paul Taylor, Bishop Fox | Site know.bishopfox.com

The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software's underlying host.

tags | exploit, remote, arbitrary, code execution, asp
advisories | CVE-2019-18935
SHA-256 | 4aab62684a4cdf73f2ac375b58ade0ea344753c8d22b1fdf5f8a4e944c3eee54
Rumpus FTP Web File Manager 8.2.9.1 Cross Site Scripting
Posted Dec 18, 2019
Authored by Sudeepto Roy, Harshit Shukla

Rumpus FTP Web File Manager version 8.2.9.1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2019-19368
SHA-256 | b29d7e3e85e42acc71951055770a2aaa59e5f0cd02eeef84356d0b6d44034301
AVS Audio Converter 9.1 Buffer Overflow
Posted Dec 18, 2019
Authored by ZwX

AVS Audio Converter version 9.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | e49995970ac35216bfc7bd9e9e75d0c534c97a0141129f46306b7a4566258d50
XnView 2.49.1 Denial Of Service
Posted Dec 18, 2019
Authored by ZwX

XnView version 2.49.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | c2420920bac382df4b87317d391c02698ced62b56ee14d0ae54df0d33c51646e
Debian Security Advisory 4588-1
Posted Dec 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4588-1 - It was discovered that python-ecdsa, a cryptographic signature library for Python, incorrectly handled certain signatures. A remote attacker could use this issue to cause python-ecdsa to either not warn about incorrect signatures, or generate exceptions resulting in a denial-of-service.

tags | advisory, remote, python
systems | linux, debian
advisories | CVE-2019-14853, CVE-2019-14859
SHA-256 | 8f58b8b190d816fd7cc7fa1c45dbb33b3a18c26c730101df5d1263039ef8b660
Ubuntu Security Notice USN-4223-1
Posted Dec 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4223-1 - Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. It was discovered that the Socket implementation in OpenJDK did not properly restrict the creation of subclasses with a custom Socket implementation. An attacker could use this to specially create a Java class that could possibly bypass Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java
systems | linux, ubuntu
advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
SHA-256 | 3e331b7ac5ae58746f0340a4b804d07d2cca4361bab05931f9b147f931602d1c
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close