exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2020-01-10

Android ashmem Read-Only Bypasses
Posted Jan 10, 2020
Authored by Jann Horn, Google Security Research

Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN.

tags | exploit, vulnerability
advisories | CVE-2020-0009
SHA-256 | 689f8071ae95d70db5dd1910063463a8d8fb46ef07c27f4a5369f3a1700ddf3f
WeChat CAudioJBM::InputAudioFrameToJBM Memory Corruption
Posted Jan 10, 2020
Authored by Google Security Research, natashenka

There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a negative packet length. Then, CAudioJBM::InputAudioFrameToJBM will check that the packet size is smaller than the size of a buffer before calling memcpy, but this check (n < 300) does not consider that the packet length could be negative due to the previous error. This leads to an out-of-bounds copy.

tags | exploit
SHA-256 | a0b85c6f0d5c0b58add65cb309bf9193d2b63ceb17c68e1f5561d25888f0f991
Debian Security Advisory 4601-1
Posted Jan 10, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.

tags | advisory, local, root
systems | linux, debian
SHA-256 | e0d6a8a2799b4f9b75190b5086a55fde12692f3e78f6cd91af198fe8a8b1ee15
ASTPP 4.0.1 Database Disclosure
Posted Jan 10, 2020
Authored by Fabien Aunay

ASTPP version 4.0.1 VoIP billing suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | a2174d3dba9ae9ae0510d2c1aa2607002f40276b2fd998186e770707831fcc82
Bitdefender Malformed Archive Bypass
Posted Jan 10, 2020
Authored by Thierry Zoller

The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

tags | advisory, virus
SHA-256 | 793090fba48547497446172319a1c4df12912499fed2f2b0ce09b16332463da7
PixelStor 5000 K:4.0.1580-20150629 Remote Code Execution
Posted Jan 10, 2020
Authored by .:UND3R:.

PixelStor 5000 version K:4.0.1580-20150629 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-6756
SHA-256 | ea5ae2630f140e0737cd5912e3d86086ab55e0d432758e973f883857b40af430
Pandora 7.0NG Remote Code Execution
Posted Jan 10, 2020
Authored by Askar

Pandora version 7.0NG suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-20224
SHA-256 | c7b678b946009e18d848768f85e0b95db2768937faaea0950ebe94f56b370033
Ubuntu Security Notice USN-4234-1
Posted Jan 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4234-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy restrictions, conduct cross-site scripting attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-17016, CVE-2019-17023
SHA-256 | a0805f0ee3a6396ecc66da71874e6646c37228e4000732d37e82a0deffaaf360
TotalAV 2020 4.14.31 Privilege Escalation
Posted Jan 10, 2020
Authored by Kusol Watchara-Apanukorn

TotalAV 2020 version 4.14.31 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | e5e47182b25e16f7b070538fac89438665e73d9ec04229c5a3829c7a54a8b112
Kaspersky Generic Archive Bypass
Posted Jan 10, 2020
Authored by Thierry Zoller

The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus
SHA-256 | 9de58a261f7a885904785912ed09937ff3ced4a9bf116489ceebbeb94fc32870
Backup Key Recovery 2.2.5 Denial Of Service
Posted Jan 10, 2020
Authored by Ismail Tasdelen

Backup Key Recovery version 2.2.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3ecafc72257d6f8b3a06fbfdb0db83aa46dbf8710cdae0c98f23ea96e2a7f2e6
Microsoft Windows 10 Local Privilege Escalation
Posted Jan 10, 2020
Authored by Nassim Asrir

Microsoft Windows 10 UAC bypass local privilege escalation exploit.

tags | exploit, local, bypass
systems | windows
SHA-256 | da33b1ac519f32c7050bfa9bce27eebe9137f9d13a82ec83ef7d5c1e8313d7ac
Launcher Execution Mitigation Patch
Posted Jan 10, 2020
Authored by Enrico Weigelt

This patch mitigates allowing launcher the ability to execute arbitrary programs.

tags | arbitrary, patch
systems | unix
SHA-256 | 05bbc4faa849e25fbad6d25534f4c781fc3cc329c48f156bf5eb3fdb0bb6fa54
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close