
Files Date: 2020-01-07

Fortinet FortiSIEM 5.2.5 / 5.2.6 Hardcoded Key
Posted Jan 7, 2020
Authored by Andrew Klaus

Fortinet FortiSIEM has a hard-coded SSH public key for user "tunneluser" which is the same between all installs. An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor. The unencrypted key is also stored inside the FortiSIEM image. While the user's shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds. Versions 5.2.5 and 5.2.6 have been verified as vulnerable.

tags | exploit, shell
MD5 | c1e379d65c2fd3986be84a1c2cc28527
MikroTik RouterOS Memory Corruption / Failed Assertion
Posted Jan 7, 2020
Authored by Qian Chen

MikroTik RouterOS versions prior to 6.44.6 suffer from memory corruption and assertion failure vulnerabilities.

tags | advisory, vulnerability
MD5 | 2cc74ba6ef507b793398cc20da1d2858
Job Portal 1.0 Shell Upload
Posted Jan 7, 2020
Authored by Tib3rius

Job Portal version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 92a381300c1d6ecd2416bff421069e92
Dairy Farm Shop Management System 1.0 Cross Site Scripting
Posted Jan 7, 2020
Authored by Chris Inzinga

Dairy Farm Shop Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-5308
MD5 | ff0b14749617c7fa797321bbc0ad1d01
Dairy Farm Shop Management System 1.0 SQL Injection
Posted Jan 7, 2020
Authored by Chris Inzinga

Dairy Farm Shop Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cdfb7788dbf963e17bb76244204aa05b
piSignage 2.6.4 Directory Traversal
Posted Jan 7, 2020
Authored by JunYeong Ko

piSignage version 2.6.4 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-20354
MD5 | 68016f88ad2a963a093132b97e7b02ee
Red Hat Security Advisory 2020-0046-01
Posted Jan 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0046-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999
MD5 | 3beeef6e7481db31085d1fb34512ca3c
Red Hat Security Advisory 2020-0036-01
Posted Jan 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0036-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-0861, CVE-2017-10661, CVE-2018-10853, CVE-2018-18281, CVE-2019-11810, CVE-2019-11811
MD5 | c8d6fd9488ad254d4418605d71c4d33d
Slackware Security Advisory - mozilla-firefox Updates
Posted Jan 7, 2020
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 294977915d1ffe2b4485dbfb5c700bb0
Ubuntu Security Notice USN-4228-1
Posted Jan 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4228-1 - It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-18660, CVE-2019-19052, CVE-2019-19524, CVE-2019-19534
MD5 | f4feac3e893b6407d1f30572c9700e9a
Ubuntu Security Notice USN-4227-1
Posted Jan 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4227-1 - It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-16231, CVE-2019-16233, CVE-2019-18660, CVE-2019-19045, CVE-2019-19052, CVE-2019-19083, CVE-2019-19524, CVE-2019-19529, CVE-2019-19534, CVE-2019-19807
MD5 | 864d760849ca5c09092d63bb995d330d
Ubuntu Security Notice USN-4226-1
Posted Jan 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4226-1 - Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-10220, CVE-2019-14901, CVE-2019-16231, CVE-2019-16233, CVE-2019-17075, CVE-2019-17133, CVE-2019-18660, CVE-2019-18813, CVE-2019-19045, CVE-2019-19048, CVE-2019-19052, CVE-2019-19055, CVE-2019-19060, CVE-2019-19065, CVE-2019-19067, CVE-2019-19072, CVE-2019-19075, CVE-2019-19083, CVE-2019-19524, CVE-2019-19526, CVE-2019-19529, CVE-2019-19532, CVE-2019-19534, CVE-2019-19922, CVE-2019-2214
MD5 | 6ffbd397b56749edf4497b880653407f
Ubuntu Security Notice USN-4225-1
Posted Jan 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4225-1 - It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-16231, CVE-2019-18660, CVE-2019-18813, CVE-2019-19044, CVE-2019-19045, CVE-2019-19047, CVE-2019-19051, CVE-2019-19052, CVE-2019-19055, CVE-2019-19072, CVE-2019-19524, CVE-2019-19529, CVE-2019-19534, CVE-2019-19807
MD5 | 5705c3fff1cb46069231ce3d34d20efa
Complaint Management System 4.0 Remote Code Execution
Posted Jan 7, 2020
Authored by Metin Yunus Kandemir

Complaint Management System version 4.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 899f0a810fb01422e2cc89623675f0fd
AnyDesk 5.4.0 Unquoted Service Path
Posted Jan 7, 2020
Authored by sajjadbnd

AnyDesk version 5.4.0 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 663c68e075ad9e134def76d29daa85a8
© 2020 Packet Storm. All rights reserved.
