what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2020-02-03

Ubuntu Security Notice USN-4263-1
Posted Feb 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-1 - Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
MD5 | f36b6bc9a1c17eb19f2bb2a0b5d96da4
Debian Security Advisory 4616-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-15890, CVE-2020-1711, CVE-2020-7039
MD5 | 64e17dfa20a0581f372e17439d45132b
SQLMAP - Automatic SQL Injection Tool 1.4.2
Posted Feb 3, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | abd19f5b92dea0a58bfe8b75c5186526
Kernel Live Patch Security Notice LSN-0062-1
Posted Feb 3, 2020
Authored by Benjamin M. Romer

It was discovered that the binder IPC implementation in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2019-14615, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-18885, CVE-2019-2214
MD5 | 03710b8e9efb16ac3a585bc63c8f8279
Schneider Electric U.Motion Builder 1.3.4 Command Injection
Posted Feb 3, 2020
Authored by Cosmin Craciun

Schneider Electric U.Motion Builder versions 1.3.4 and below authenticated remote command injection exploit.

tags | exploit, remote
advisories | CVE-2018-7777
MD5 | c3c4ba44db6b68838bb3d2e7895547e5
Red Hat Security Advisory 2020-0316-01
Posted Feb 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0316-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-17456
MD5 | 677f3af949e436d814d16cb2305cce29
P2PWIFICAM2 For iOS 10.4.1 Denial Of Service
Posted Feb 3, 2020
Authored by Ivan Marmolejo

P2PWIFICAM2 for iOS version 10.4.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | ios
MD5 | 445e6e1a3db70166a4f458206ca4d7fe
REVULN 20x2 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x2 is an international conference taking place the June 25th through the 26th, 2020 in St. Paul's Bay (Malta) at the Hotel Santana.

tags | paper, conference
MD5 | 5ff239aa515c6d0b4350aad7cb8f9b47
REVULN 20x1 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x1 is an international conference taking place the April 28th through the 30th, 2020 in Metro Manila (Philippines) at the RED Hotel Cubao.

tags | paper, conference
MD5 | f056b932638992744402d575aef22452
Debian Security Advisory 4615-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4615-1 - Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.

tags | advisory, arbitrary, perl, vulnerability
systems | linux, debian
advisories | CVE-2020-1930, CVE-2020-1931
MD5 | 68dd9842b4c7c537bd5929d1a56d11ec
Debian Security Advisory 4614-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4614-1 - Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the "pwfeedback" option enabled. An unprivileged user can take advantage of this flaw to obtain full root privileges.

tags | advisory, overflow, root
systems | linux, debian
advisories | CVE-2019-18634
MD5 | b8ce23ae3c877342694fbc6f85c091f9
School ERP System 1.0 Cross Site Request Forgery
Posted Feb 3, 2020
Authored by J3rryBl4nks

School ERP System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | de209a5b14abf50cbf9bccdf4cf797dd
Debian Security Advisory 4613-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4613-1 - A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code when processing a long domain string.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-18224
MD5 | bc4ea9e149abcc89a200608b389eeeca
LeHACK 2020 Call For Papers
Posted Feb 3, 2020
Authored by Le HACK Conference | Site submit.lehack.org

LeHACK 2020 is a yearly rendezvous where hackers and aficionados are meeting with both technical and non-technical talks and workshops about hacking. It is a great place to discover, to learn, to teach and be taught in the magical city of Paris. LeHACK 2020 will be held in La Cite des Sciences et de l'Industire in Paris, France from June 26th through the 27th, 2020.

tags | paper, conference
MD5 | 2fecce4977a35ea552d93179dfb22375
Debian Security Advisory 4612-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4612-1 - It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access.

tags | advisory
systems | linux, debian
advisories | CVE-2020-8086
MD5 | 7431c17f70c52332c0fd6645b7f7672c
phpList 3.5.0 Authentication Bypass
Posted Feb 3, 2020
Authored by Suvadip Kar

phpList version 3.5.0 suffers from an authentication bypass vulnerability due to an integer conversion issue.

tags | exploit, bypass
MD5 | 103b1f2bc484e3c317cab77def986532
Packet Storm New Exploits For January, 2020
Posted Feb 3, 2020
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 163 exploits added to Packet Storm in January, 2020.

tags | exploit
MD5 | 3c9cde2016ceebf5351276d56c3ea516
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close