what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2019-12-19

Faraday 3.10.0
Posted Dec 19, 2019
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Now uses Python 3 instead of Python 2 in the Faraday Server. Added ability to manage agents with multiple executors. Tons of other additions and fixes.
tags | tool, rootkit
systems | unix
MD5 | e59ee3428833dbef0330fefa7d3facbb
Deutsche Bahn Ticket Vending Machine Privilege Escalation
Posted Dec 19, 2019
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.

tags | exploit, local
MD5 | 4376153b371da66bed953baa93a097be
Red Hat Security Advisory 2019-4358-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4358-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. An issue was addressed where the credentials API allowed non-admin users to list and retrieve all users credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19687
MD5 | 8aa1167e87196b9f5db31159a90a899e
Red Hat Security Advisory 2019-4356-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4356-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387
MD5 | 7efd7969752117a8580c51fefe0f7fb2
Red Hat Security Advisory 2019-4357-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4357-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-19337
MD5 | 4db9088d217f3b1c245c41df94c279cd
Red Hat Security Advisory 2019-4353-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4353-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-19337
MD5 | 7d586d4c9d4cf4bc16f79a8e4db63892
Red Hat Security Advisory 2019-4326-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4326-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-18397
MD5 | 279e0aef5097c4967b1e02c46be33266
Red Hat Security Advisory 2019-4341-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4341-01 - An issue was resolved where Red Hat Quay stored robot account tokens in plain text.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10205
MD5 | fd3a6adc6a4abeadc7c4b6168d894f5a
Red Hat Security Advisory 2019-4352-01
Posted Dec 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4352-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. Issues addressed include code execution, deserialization, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-0201, CVE-2019-10173, CVE-2019-12384, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518
MD5 | 940854291fffce3c45def466bab37588
Debian Security Advisory 4589-1
Posted Dec 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4589-1 - It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.

tags | advisory
systems | linux, debian
advisories | CVE-2019-3467
MD5 | e4df8ed4769291e763e92613218f5687
Ubuntu Security Notice USN-4224-1
Posted Dec 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4224-1 - Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-19844
MD5 | 4dce413f4936a997f159dadad90f4e0a
FTP Navigator 8.03 Denial Of Service
Posted Dec 19, 2019
Authored by Chris Inzinga

FTP Navigator version 8.03 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 54116157f196641786c7de4287d00206
Don't Break The Door, The Key Is Under The Doormat
Posted Dec 19, 2019
Authored by Gerard Fuguet

Whitepaper called Don't Break The Door, The Key Is Under The Doormat.

tags | paper
MD5 | c9dc48f0955811c0252b1bea14bb3b59
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    7 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close