exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2020-01-22

D-Link DIR-859 Unauthenticated Remote Command Execution
Posted Jan 22, 2020
Authored by Miguel Mendez Z, Pablo Pollanco P | Site metasploit.com

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

tags | exploit, cgi
advisories | CVE-2019-17621
SHA-256 | ae3c3447736253b12652f3498e39b80ef8b5c39fdb23d42cf38844008d3a0195
Reliable Datagram Sockets (RDS) rds_atomic_free_op Privilege Escalation
Posted Jan 22, 2020
Authored by Brendan Coles, Jann Horn, Mohamed Ghannam, nstarke, wbowling | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a NULL pointer dereference in the rds_atomic_free_op function in the Reliable Datagram Sockets (RDS) kernel module (rds.ko). Successful exploitation requires the RDS kernel module to be loaded. If the RDS module is not blacklisted (default); then it will be loaded automatically. This exploit supports 64-bit Ubuntu Linux systems, including distributions based on Ubuntu, such as Linux Mint and Zorin OS. This exploit does not bypass SMAP. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This module has been tested successfully on various 4.4 and 4.8 kernels.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2018-5333, CVE-2019-9213
SHA-256 | 561f5de542c8d58118095440168a640aad5069622602f1d8eac2d963687098c9
Logwatch 7.5.3
Posted Jan 22, 2020
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1b2b96879dec01cd02754fe00f8989b11ff16158c3dc7c4aff0faa4b1d34974b
ZOHO ManageEngine ServiceDeskPlus 11.0 Build 11007 Cross Site Scripting
Posted Jan 22, 2020
Authored by Johannes Kruchem | Site sec-consult.com

ZOHO ManageEngine ServiceDeskPlus versions 11.0 Build 11007 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-6843
SHA-256 | f632ef85f28ad70bb9342601a5f35a98d661dd706019e37f2cc899fa7c91121f
Red Hat Security Advisory 2020-0203-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0203-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a use-after-free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-18408
SHA-256 | fd41c42c4d6e0236bc390a37c8b4e54beb49086f68361600bcf853843ef316f6
Red Hat Security Advisory 2020-0202-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0202-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
SHA-256 | 07d56fc7e4caf2f527ad3e717b85088c6e310e363c19dd38f9bf41fb9d929d7e
Employee Leaves Management System 2.0 Cross Site Request Forgery
Posted Jan 22, 2020
Authored by Priyanka Samak

Employee Leaves Management System version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 23e63333eb80703368d37d1301494778ad1aee0e7387febbad89e6da5f993e05
Red Hat Security Advisory 2020-0201-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0201-01 - Python-reportlab is a library used for generation of PDF documents. A code injection vulnerability has been addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-17626
SHA-256 | cb103a9a083151521bc9381369fd06cffa071a2aaad8daf58abf2194681600a9
Red Hat Security Advisory 2020-0199-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0199-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2019-5544
SHA-256 | ee1a609d44b1e387587fd42bd06f64b674a73e249a8bfdf2acef73f85c2fc139
Debian Security Advisory 4608-1
Posted Jan 22, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4608-1 - Multiple integer overflows have been discovered in the libtiff library and the included tools.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2019-14973, CVE-2019-17546
SHA-256 | 1a6497db176ef9c93ca93386cf14b443e5341a899bf60e73653e2502fddb4db2
Red Hat Security Advisory 2020-0172-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0172-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-14818
SHA-256 | d001b2373f4967991ea46a1eae298ded73765592aa4fc39b27a3d55d3390725f
Red Hat Security Advisory 2020-0171-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0171-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-14818
SHA-256 | 83bb345c5b950872096eec2fc7401cdd0e6dd45cb6770fbda9535420a870eea1
Red Hat Security Advisory 2020-0196-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0196-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
SHA-256 | 4b73be92bf5911b53ca5c01f8c15861f65f82e82eba34cfc359cf2c98888e94b
Red Hat Security Advisory 2020-0195-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0195-01 - Python-reportlab is a library used for generation of PDF documents. A code injection vulnerability has been addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-17626
SHA-256 | 5d992c060ac9ab8902a9fc4ade5f77b62323600e52a861952357389c280b739d
Citrix XenMobile Server 10.8 XML Injection
Posted Jan 22, 2020
Authored by Jonas Lejon

Citrix XenMobile Server version 10.8 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-10653
SHA-256 | 2c11d86d93cfd73bd58d127cdd74b7f28105f208d9e5dc7da4bc9f6274cd90fc
Microsoft Windows 7 Screen Lock Shellcode
Posted Jan 22, 2020
Authored by Saswat Nayak

9 bytes small Microsoft Windows 7 screen locking shellcode.

tags | shellcode
systems | windows
SHA-256 | fc1431ed92ba6d673f84f58b86ea42ac5a467f0e1b9ce283fce744ce538aed69
XNU vm_map_copy Insufficient Fix
Posted Jan 22, 2020
Authored by Google Security Research, ianbeer

An insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still is not atomic.

tags | exploit
advisories | CVE-2019-6205, CVE-2019-8833
SHA-256 | 64852008642517c7a6286853a18dc6ef2a98bff2e171d9812bbe7c77a11b7b7d
KeePass 2.44 Denial Of Service
Posted Jan 22, 2020
Authored by Mustafa Emre Gul

KeePass version 2.44 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3f3890b051cb4e10176165ed6dae444f5f43987976b45138c6f3db54bfd3d2e1
ECTouch ECShop 2.7.3 SQL Injection
Posted Jan 22, 2020
Authored by KingSkrupellos

ECTouch ECShop version 2.7.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8dd98cffff4151d809d69d971abf6959bcb91e00f75bdc195ac1fd4587cc5cac
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close