what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files Date: 2019-12-27

OpenBSD Dynamic Loader chpass Privilege Escalation
Posted Dec 27, 2019
Authored by Brendan Coles, Qualys Security Advisory | Site metasploit.com

This Metasploit module exploits a vulnerability in the OpenBSD ld.so dynamic loader (CVE-2019-19726). The _dl_getenv() function fails to reset the LD_LIBRARY_PATH environment variable when set with approximately ARG_MAX colons. This can be abused to load libutil.so from an untrusted path, using LD_LIBRARY_PATH in combination with the chpass set-uid executable, resulting in privileged code execution. This module has been tested successfully on OpenBSD 6.1 (amd64) and OpenBSD 6.6 (amd64).

tags | exploit, code execution
systems | openbsd
advisories | CVE-2019-19726
MD5 | 0a972f77813616f87fc79b2ebe062ffb
AVE DOMINAplus 1.10.x Credential Disclosure
Posted Dec 27, 2019
Authored by LiquidWorm | Site zeroscience.mk

AVE DOMINAplus versions 1.10.x and below suffer from a credential disclosure vulnerability.

tags | exploit
MD5 | 790cebd99238b5f56d27aae90d23bcca
AVE DOMINAplus 1.10.x Authentication Bypass
Posted Dec 27, 2019
Authored by LiquidWorm | Site zeroscience.mk

AVE DOMINAplus versions 1.10.x and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | c5f612ad8d0f1f6fb79558c6059ce3cd
AVE DOMINAplus 1.10.x Unauthenticated Remote Reboot
Posted Dec 27, 2019
Authored by LiquidWorm | Site zeroscience.mk

AVE DOMINAplus versions 1.10.x and below suffer from an unauthenticated remote reboot vulnerability.

tags | exploit, remote
MD5 | 70f9df15a086d45c69183bd680a64058
AVE DOMINAplus 1.10.x Cross Site Request Forgery / Cross Site Scripting
Posted Dec 27, 2019
Authored by LiquidWorm | Site zeroscience.mk

AVE DOMINAplus versions 1.10.x and below suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 32afcabd04560ba106459f344891b30f
Debian Security Advisory 4593-1
Posted Dec 27, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4593-1 - It was found that freeimage, a graphics library, was affected by the heap buffer overflow and stack exhaustion vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, debian
advisories | CVE-2019-12211, CVE-2019-12213
MD5 | c561ac8a7d8bf295f6f862bb4667eb46
Debian Security Advisory 4592-1
Posted Dec 27, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4592-1 - It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed.

tags | advisory
systems | linux, debian
advisories | CVE-2019-19709
MD5 | e3cebd60670d53849fe1fada895fb09e
Microsoft Exchange Server External Service Interaction
Posted Dec 27, 2019
Authored by Alphan Yavas

Microsoft Exchange Server 2013 CU22 and previous versions suffer from an external service interaction issue.

tags | exploit
MD5 | 8b6b75c1071aeb64e415465050e92e5f
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close