what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2020-02-03

Ubuntu Security Notice USN-4263-1
Posted Feb 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-1 - Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
SHA-256 | 8485d93ec2d952d049e78d5994a67c5e7e91ee758df6d12aeb7c8e6ea99106e3
Debian Security Advisory 4616-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-15890, CVE-2020-1711, CVE-2020-7039
SHA-256 | c86925d33e285cee87de038a4e6d41f8b66dba7c5d35bbf49853a20cf80e0b49
SQLMAP - Automatic SQL Injection Tool 1.4.2
Posted Feb 3, 2020
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 77faf85164eb17dce769ec830cbd146768644315bc1024613ad13155e09c2d11
Kernel Live Patch Security Notice LSN-0062-1
Posted Feb 3, 2020
Authored by Benjamin M. Romer

It was discovered that the binder IPC implementation in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2019-14615, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-18885, CVE-2019-2214
SHA-256 | dd9eb8a13d06fc9ad56d7a4bb1f0a271663ad5edcf7bf6387c09481d3c8486e9
Schneider Electric U.Motion Builder 1.3.4 Command Injection
Posted Feb 3, 2020
Authored by Cosmin Craciun

Schneider Electric U.Motion Builder versions 1.3.4 and below authenticated remote command injection exploit.

tags | exploit, remote
advisories | CVE-2018-7777
SHA-256 | fddf6a16d030c574aa78b52dd0985b8fc03079d657c60a5f8252ea38c6d38982
Red Hat Security Advisory 2020-0316-01
Posted Feb 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0316-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2018-17456
SHA-256 | 216392714ecd88f7b91b85075e2ee5a04f8b9bc3b662d4482e8d34c1a022f9b0
P2PWIFICAM2 For iOS 10.4.1 Denial Of Service
Posted Feb 3, 2020
Authored by Ivan Marmolejo

P2PWIFICAM2 for iOS version 10.4.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | ios
SHA-256 | 1f52df5d2d5bdb2cc0f10b3fb7b91f5525d0f71daa0c876c5c59fbd0c8c9951f
REVULN 20x2 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x2 is an international conference taking place the June 25th through the 26th, 2020 in St. Paul's Bay (Malta) at the Hotel Santana.

tags | paper, conference
SHA-256 | cb6a89e15d510c1293370692b4ce2958476b45e3d99d2ac90bdb73e9a12cd668
REVULN 20x1 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x1 is an international conference taking place the April 28th through the 30th, 2020 in Metro Manila (Philippines) at the RED Hotel Cubao.

tags | paper, conference
SHA-256 | eb33f5e98c769dfe6a8b1f404b5315ab727fd98cc68a42868c5cd4bcefb989d1
Debian Security Advisory 4615-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4615-1 - Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.

tags | advisory, arbitrary, perl, vulnerability
systems | linux, debian
advisories | CVE-2020-1930, CVE-2020-1931
SHA-256 | 03a369105465ab891d0ad9ac2729ea84660e0bb558e98aa0f5f19ad82d5d3bfe
Debian Security Advisory 4614-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4614-1 - Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the "pwfeedback" option enabled. An unprivileged user can take advantage of this flaw to obtain full root privileges.

tags | advisory, overflow, root
systems | linux, debian
advisories | CVE-2019-18634
SHA-256 | 2957f727438c3e2bd92e2e038adc6d4f2ddfaacd4b035ca5555aec139dae983f
School ERP System 1.0 Cross Site Request Forgery
Posted Feb 3, 2020
Authored by J3rryBl4nks

School ERP System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 2916752dc35d5ae064e8b6062bba76b8136e4fd83d6ad811a617e16fe3c0d54f
Debian Security Advisory 4613-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4613-1 - A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code when processing a long domain string.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-18224
SHA-256 | e3db76e1233159bccb40c596b224ab1f03af6655b3d18061ad965e1cc5720856
LeHACK 2020 Call For Papers
Posted Feb 3, 2020
Authored by Le HACK Conference | Site submit.lehack.org

LeHACK 2020 is a yearly rendezvous where hackers and aficionados are meeting with both technical and non-technical talks and workshops about hacking. It is a great place to discover, to learn, to teach and be taught in the magical city of Paris. LeHACK 2020 will be held in La Cite des Sciences et de l'Industire in Paris, France from June 26th through the 27th, 2020.

tags | paper, conference
SHA-256 | de41e763e656347f17893bb49d5a42f9e00f73934f8a35eff7d77332e7cabe6d
Debian Security Advisory 4612-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4612-1 - It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access.

tags | advisory
systems | linux, debian
advisories | CVE-2020-8086
SHA-256 | a42b1dac3ec9dc5d5b341effadecefe702c5cd5ae620d147983707167d5ac1fe
phpList 3.5.0 Authentication Bypass
Posted Feb 3, 2020
Authored by Suvadip Kar

phpList version 3.5.0 suffers from an authentication bypass vulnerability due to an integer conversion issue.

tags | exploit, bypass
SHA-256 | 2072bc62db6aee6a9bbced0782d27be4fdef0e8c2d9afac438d782b977bc4427
Packet Storm New Exploits For January, 2020
Posted Feb 3, 2020
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 163 exploits added to Packet Storm in January, 2020.

tags | exploit
SHA-256 | 726cdb16ce781410d35beba804af2cb48f391958c88806a53e778ca623f92a08
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close