
Files Date: 2020-02-07

usersctp sctp_load_addresses_from_init Out-Of-Bounds Read
Posted Feb 7, 2020
Authored by Google Security Research, natashenka

usersctp is an SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctp_load_addresses_from_init function of usersctp that can lead to a number of out-of-bounds reads. The input to sctp_load_addresses_from_init is verified by calling sctp_arethere_unrecognized_parameters; however, there is a difference in how these functions handle parameter bounds. The function sctp_arethere_unrecognized_parameters does not process a parameter that is partially outside of the limit of the chunk, whereas sctp_load_addresses_from_init will continue processing until a parameter that is entirely outside of the chunk occurs. This means that the last parameter of a chunk is not always verified, which can lead to parameters with very short plen values being processed by sctp_load_addresses_from_init. This can lead to out-of-bounds reads whenever the plen is subtracted from the header len.

tags | exploit
MD5 | f7629110af96666d0b8af7e76ecfa60d

macOS/iOS IOAccelCommandQueue2::processSegmentKernelCommand() Out-Of-Bounds Timestamp Write
Posted Feb 7, 2020
Authored by Google Security Research, bazad

macOS and iOS suffer from an out-of-bounds timestamp write in IOAccelCommandQueue2::processSegmentKernelCommand().

tags | exploit
systems | ios
advisories | CVE-2020-3837
MD5 | 04c093e6bde68cbe168364f56f38b9ee

macOS/iOS ImageIO PVR Processing Out-Of-Bounds Read
Posted Feb 7, 2020
Authored by saelo, Google Security Research

macOS and iOS suffer from an ImageIO out-of-bounds read when processing PVR images.

tags | exploit
systems | ios
advisories | CVE-2020-3878
MD5 | 65a5c4717babccedb508eed5edd77a7d

macOS/iOS ImageIO PVR Image Processing Heap Corruption
Posted Feb 7, 2020
Authored by saelo, Google Security Research

macOS and iOS have an ImageIO heap corruption issue when processing malformed PVR images.

tags | exploit
systems | ios
advisories | CVE-2020-3878
MD5 | 09ee6affef93456d05af1a19df94303b

systemd-machined Incorrect Reference Decrement
Posted Feb 7, 2020
Authored by Tavis Ormandy, Google Security Research

systemd has an issue in systemd-machined where it decrements the reference count when references are still held.

tags | exploit
MD5 | 892461d03b79e21e6c1303c5d998422e

XNU IOUserClient::_sendAsyncResult64() ipc_port Pointer Disclosure
Posted Feb 7, 2020
Authored by Google Security Research, bazad

The XNU function IOUserClient::_sendAsyncResult64() discloses the address of the ipc_port to which the notification is sent in the Mach message enqueued on the notification port.

tags | exploit
advisories | CVE-2020-3836
MD5 | 6ecb90fde4136a6abb3c8382394b9ae5

macOS/iOS XNU mk_timer_create_trap() Race Condition
Posted Feb 7, 2020
Authored by Google Security Research, bazad

macOS and iOS suffer from a race condition in XNU's mk_timer_create_trap() that can lead to type confusion.

tags | exploit
systems | ios
advisories | CVE-2020-3853
MD5 | 4e9dc95b3aaaa93bb8e5558c52ec93c3

libx264 H264 Conversion Out-Of-Bounds Write
Posted Feb 7, 2020
Authored by Google Security Research, natashenka

libx264 suffers from an out-of-bounds write when converting to H264.

tags | exploit
MD5 | a454ee0a3cf6ffcdaf4ffb1e2f6f1ea5

macOS ImageIO JPEG Out-Of-Bounds Write
Posted Feb 7, 2020
Authored by saelo, Google Security Research

ImageIO on macOS suffers from an issue where a heap out-of-bounds write occurs when processing JPEG images.

tags | exploit
advisories | CVE-2020-3827, CVE-2020-3870
MD5 | 97e1f93434c4368069b75479c4a0d5c6

macOS/iOS kern_stack_snapshot_internal() Userspace Share Issue
Posted Feb 7, 2020
Authored by Google Security Research, bazad

macOS and iOS suffer from an issue where kern_stack_snapshot_internal() shares non-zeroed kernel pages with userspace.

tags | exploit, kernel
systems | ios
advisories | CVE-2020-3875
MD5 | 9ba8ef3758b3008ca2cd79dcec2effb0

macOS/iOS ImageIO DDS Image Out-Of-Bounds Read
Posted Feb 7, 2020
Authored by saelo, Google Security Research

macOS and iOS suffer from an out-of-bounds read when processing DDS images with ImageIO.

tags | exploit
systems | ios
advisories | CVE-2020-3826
MD5 | 744a77b150f3b9b90f322d4ef38f096d

Ricoh Driver Privilege Escalation
Posted Feb 7, 2020
Authored by Shelby Pace, Alexander Pudwill, Pentagrid AG | Site metasploit.com

This Metasploit module leverages the prnmngr.vbs script to add and delete printers. Multiple runs of this module may be required given successful exploitation is time-sensitive.

tags | exploit
advisories | CVE-2019-19363
MD5 | fe0a9a6351caebe61c5e0ce2e0b572ad

D-Link ssdpcgi Unauthenticated Remote Command Execution
Posted Feb 7, 2020
Authored by secenv, s1kr10s | Site metasploit.com

This Metasploit module exploits an ssdpcgi remote command execution vulnerability in D-Link devices.

tags | exploit, remote
advisories | CVE-2019-20215
MD5 | 5329421503cffac0f084cba10efb1284

OpenSMTPD MAIL FROM Remote Code Execution
Posted Feb 7, 2020
Authored by wvu, Qualys Security Advisory | Site metasploit.com

This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.

tags | exploit, root
advisories | CVE-2020-7247
MD5 | 2b9fdae42ead941fa800754cf08e9965

BSides Brussels 2020 Call For Papers
Posted Feb 7, 2020
Authored by BSides Brussels | Site bsidesbrussels.org

BSides Brussels is a security conference in Brussels, Belgium, with talks, workshops and villages. The goal is to strengthen the exchange of knowledge, cooperation, communication, and integration between the different actors active in the IT security industry. We are pleased to announce that the first edition of BSides Brussels will be held on May 28th, 2020.

tags | paper, conference
MD5 | dd37a81441d49edfc36e142b592ed89f

Ubuntu Security Notice USN-4250-2
Posted Feb 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4250-2 - It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB clients. MariaDB has been updated to 10.3.22 in Ubuntu 19.10 and 10.1.44 in Ubuntu 18.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2574
MD5 | 2540a487e49d5209eb85502928ae0f84

Ubuntu Security Notice USN-4273-1
Posted Feb 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4273-1 - It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17626
MD5 | 8fc6a3ac89721be0fb263e56c18eca11

Ubuntu Security Notice USN-4272-1
Posted Feb 7, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4272-1 - It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Pillow incorrectly handled certain TIFF images. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-16865, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313
MD5 | 95e49f32e767be61067e34e4c3f02142

UFONet 1.4
Posted Feb 7, 2020
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Ported to Python 3.x. Various bug fixes and updates. Various other updates.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | e31177e7f9c739a115f003ef4f391543