what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2019-12-19

Faraday 3.10.0
Posted Dec 19, 2019
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Now uses Python 3 instead of Python 2 in the Faraday Server. Added ability to manage agents with multiple executors. Tons of other additions and fixes.
tags | tool, rootkit
systems | unix
SHA-256 | f88f90111c84943c54ed30508e7ed962f3a207f681d0bc65500e35b684eb105b
Deutsche Bahn Ticket Vending Machine Privilege Escalation
Posted Dec 19, 2019
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 5971c4b58a7d2afbacc5c158f98dd5c786a8afaecb525b550f4c00f11d324b13
Red Hat Security Advisory 2019-4358-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4358-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. An issue was addressed where the credentials API allowed non-admin users to list and retrieve all users credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19687
SHA-256 | 8d64a15f8acd37509d405de1e4329f96f3110df713ea6216a2650682dc3e0346
Red Hat Security Advisory 2019-4356-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4356-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387
SHA-256 | 75b2c23f16e2c56c47dd13c644fc7c0898bd6dcca7a91807c78a3eb2563846dc
Red Hat Security Advisory 2019-4357-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4357-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-19337
SHA-256 | 881de3defb7584bf97a9132a154940789ab184d3390211d15fe49e902e793ca6
Red Hat Security Advisory 2019-4353-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4353-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-19337
SHA-256 | 01e632f693290194f6decf41d319edc3180d561f66612a7500d6101d952f0ec1
Red Hat Security Advisory 2019-4326-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4326-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-18397
SHA-256 | b9d0915061cf43dbc1453ef5fd0fb6b2e6ebe01cf43682aaa4f4195f863c6394
Red Hat Security Advisory 2019-4341-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4341-01 - An issue was resolved where Red Hat Quay stored robot account tokens in plain text.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10205
SHA-256 | cb4d46e0c022d28e2017f6f2cb80a4bc9bde13c8bc9b0a6bf487ad588d84fe19
Red Hat Security Advisory 2019-4352-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4352-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. Issues addressed include code execution, deserialization, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-0201, CVE-2019-10173, CVE-2019-12384, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518
SHA-256 | f1533a79e96cd3429ddc8bf06dda73bd15b59ba3b3f8b62bdccf40e56138d887
Debian Security Advisory 4589-1
Posted Dec 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4589-1 - It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.

tags | advisory
systems | linux, debian
advisories | CVE-2019-3467
SHA-256 | 81ed36fc1bdd6f0fc5538e25cf7ea4ef12558378dee24e75461bf5406b3f57fa
Ubuntu Security Notice USN-4224-1
Posted Dec 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4224-1 - Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-19844
SHA-256 | 2d00245a2e8b66cfc557ff1fb2cb66b61f72d82bf26c36911ca948106d412ecb
FTP Navigator 8.03 Denial Of Service
Posted Dec 19, 2019
Authored by Chris Inzinga

FTP Navigator version 8.03 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | df3768f34ad2879950a542bf6b7bf11a46a78c179afceef9114fda2622373ff6
Don't Break The Door, The Key Is Under The Doormat
Posted Dec 19, 2019
Authored by Gerard Fuguet

Whitepaper called Don't Break The Door, The Key Is Under The Doormat.

tags | paper
SHA-256 | e7e4105f7c52ed138e43edf0a901c3125fc58e88375089f39ed0a16c487ff549
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close