exploit the possibilities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2020-02-05

Clam AntiVirus Toolkit 0.102.2
Posted Feb 5, 2020
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: A denial of service vulnerability has been addressed. Significantly improved scan speed of PDF files on Windows. Various other updates and improvements.
tags | tool, virus
systems | unix
advisories | CVE-2020-3123
MD5 | ecf5dd2c5c43aeed1c4b458b2e689847
Ubuntu Security Notice USN-4269-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4269-1 - It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2018-16888, CVE-2019-20386, CVE-2020-1712
MD5 | 6951e3c05cd3a48038e6bb86c6a4a112
Ubuntu Security Notice USN-4268-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4268-1 - It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2020-7247
MD5 | 790d961de63720b957664ca4b2256e8b
nfstream 3.1.2
Posted Feb 5, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Fixed test workflows. Updated nDPI.
tags | tool, python
systems | unix
MD5 | 42099209a04e5cf82a4d56b4428e530f
Red Hat Security Advisory 2020-0378-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0378-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-10195, CVE-2019-14867
MD5 | 21698bc0919d9d36b1b90be8d8bd0eb9
Windscribe WindscribeService Named Pipe Privilege Escalation
Posted Feb 5, 2020
Authored by Brendan Coles, Emin Ghuliev | Site metasploit.com

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \\.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions 1.80 and 1.81 on Windows 7 SP1 (x64).

tags | exploit, arbitrary
systems | windows, 7
advisories | CVE-2018-11479
MD5 | cd70d8abe7ef8543a1dba71630a3f379
Wago PFC200 Remote Code Execution
Posted Feb 5, 2020
Authored by Nico Jansen

This Metasploit module exploits an authenticated remote code execution vulnerability in Wago PFC200.

tags | exploit, remote, code execution
MD5 | 30d621ff752ca81c7d6aafe895b3102e
Ubuntu Security Notice USN-4263-2
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-2 - USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
MD5 | 1a287ad621861a484ed5d0c8a8e0b7a3
Socat 1.7.3.4 Heap Overflow
Posted Feb 5, 2020
Authored by hieubl

Socat version 1.7.3.4 heap-based overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | 62c72cfd95355e04f3ccb057807bcdab
Red Hat Security Advisory 2020-0431-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0431-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | bd6b017de7b7f5daa19514165ab71658
Ubuntu Security Notice USN-4266-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4266-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-17912, CVE-2017-18229
MD5 | 16fd707590ff3b8739fdd5f760762c6b
Red Hat Security Advisory 2020-0375-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0375-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14816, CVE-2019-14895, CVE-2019-14898, CVE-2019-14901, CVE-2019-17133
MD5 | ac54169d6b1bf879dd8f033f30482354
Kronos WebTA 4.0 Privilege Escalation / Cross Site Scripting
Posted Feb 5, 2020
Authored by Nolan B. Kennedy

Kronos WebTA version 4.0 suffers from cross site scripting and authenticated remote privilege escalation vulnerabilities.

tags | exploit, remote, vulnerability, xss
advisories | CVE-2020-8493, CVE-2020-8495
MD5 | 3aa449c5ad121978ed635e81dfbb060e
Verodin Director Web Console 3.5.4.0 Password Disclosure
Posted Feb 5, 2020
Authored by Nolan B. Kennedy

Verodin Director Web Console version 3.5.4.0 remote authenticated password disclosure proof of concept exploit.

tags | exploit, remote, web, proof of concept, info disclosure
advisories | CVE-2019-10716
MD5 | b80441f581b37ec759191c45b35f987a
Red Hat Security Advisory 2020-0374-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0374-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14816, CVE-2019-14895, CVE-2019-14898, CVE-2019-14901, CVE-2019-17133
MD5 | d8407e525804629bb6b65be1a82e4d58
Ubuntu Security Notice USN-4265-2
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4265-2 - USN-4265-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-1930
MD5 | 40e160b528d5982576e5abf789a2519a
AVideo Platform 8.1 User Enumeration
Posted Feb 5, 2020
Authored by Ihsan Sencan

AVideo Platform version 8.1 suffers from an information disclosure vulnerability that allows for user enumeration.

tags | exploit, info disclosure
MD5 | d62321c216670ae38d7594f28dda9f7a
Red Hat Security Advisory 2020-0366-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0366-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-11135, CVE-2019-14378
MD5 | 323194e4a60d75756f8e56c336031859
Red Hat Security Advisory 2020-0406-01
Posted Feb 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0406-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include unbounded memory growth.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514
MD5 | 8f2eb48bcf665da8c74f25f982659416
AVideo Platform 8.1 Cross Site Request Forgery
Posted Feb 5, 2020
Authored by Ihsan Sencan

AVideo Platform version 8.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 63f30f2265587e3c8395a18f75d24532
xglance-bin Local Root Privilege Escalation
Posted Feb 5, 2020
Authored by Tim Brown, Marco Ortisi, Robert Jaroszuk

xglance-bin local root privilege escalation exploit that has been tested on Linux RHEL 7.x/8.x systems.

tags | exploit, local, root
systems | linux
advisories | CVE-2014-2630
MD5 | 69705e0421d4672ecab9269c7e454287
ISO-8385 Protocol Fuzzer
Posted Feb 5, 2020
Authored by Fakhir Karim Reda

This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.

tags | tool, protocol, python, fuzzer
MD5 | 37298cc99eab105588978dbe38a57088
Cisco Discovery Protocol (CDP) Remote Device Takeover
Posted Feb 5, 2020
Authored by Barak Hadad, Yuval Sarel, Ben Seri | Site armis.com

Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices.

tags | advisory, remote, vulnerability, protocol
systems | cisco
advisories | CVE-2020-3110, CVE-2020-3111, CVE-2020-3118, CVE-2020-3119, CVE-2020-3120
MD5 | 7757dbb411e6c03282748d0e682b3406
HiSilicon DVR/NVR hi3520d Firmware Backdoor Account
Posted Feb 5, 2020
Authored by Snawoot

HiSilicon DVR/NVR with hi3520d firmware suffers from having a remote backdoor account vulnerability.

tags | exploit, remote
MD5 | 83987fdcf147367bba0e4695dff89833
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    11 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close