exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2020-03-02

Ubuntu Security Notice USN-4288-2
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4288-2 - USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8597
SHA-256 | c28c6cad6c0a312541d70136b3a316727d572cc4a6195317d8845fa0feae034d
macOS / iOS ImageIO OpenEXR Image Processing Memory Issues
Posted Mar 2, 2020
Authored by saelo, Google Security Research

macOS and iOS have a vulnerability with ImageIO where memory safety issues occur when processing OpenEXR images.

tags | exploit
systems | ios
SHA-256 | 23ef758e43b0bb631041d08cd27de77d60045e1369c4166c69601d12ea248b03
JSC DFG ObjectAllocationSinkingPhase Crash
Posted Mar 2, 2020
Authored by saelo, Google Security Research

An issue in JSC leaves the data flow graph inconsistent. While fuzzing JavaScriptCore with fuzzilli, the researcher found a crash condition in JSC.

tags | exploit
SHA-256 | f2e43004dcfceafecefbc6c781e8b7b7c0553fe8bd4f4bb81b7c35e3f2629141
Ubuntu Security Notice USN-4294-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4294-1 - It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem.

tags | advisory, remote, arbitrary, shell, local, root
systems | linux, ubuntu
advisories | CVE-2020-8793, CVE-2020-8794
SHA-256 | 5b6805dc7503709eaa6444271d78fe6c8eb7dcb5aa91a23ed44fee1b7b1d5835
Cacti 1.2.8 Unauthenticated Remote Code Execution
Posted Mar 2, 2020
Authored by Lucas Amorim | Site metasploit.com

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

tags | exploit, remote, arbitrary, shell, php
advisories | CVE-2020-8813
SHA-256 | ddfd448fc925b28a03aaba73be8f9999625bb6879802ec1b4e35f2eeef4e1d87
Microsoft Exchange 2019 15.2.221.12 Remote Code Execution
Posted Mar 2, 2020
Authored by Photubias

Microsoft Exchange 2019 version 15.2.221.12 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-0688
SHA-256 | 2209d610405eecbd97899d9712efd45c455cffc7e713903504d884634ddf470f
Wing FTP Server 6.2.3 Privilege Escalation
Posted Mar 2, 2020
Authored by Cary Hooper

Wing FTP Server version 6.2.3 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 1ae5578623bbeb0e096eb60fd0cab4bbd70d30453e6bbaa55594af0861423833
DevSecOps: A Secured Approach
Posted Mar 2, 2020
Authored by Aman Chhabra

Whitepaper called DevSecOps: A Secure Approach.

tags | paper
SHA-256 | d1546b1bfa5a4a9583edfd0e9540d06f4cb82195830a836cb3257c7867571fbe
Intelbras Wireless N 150Mbps WRN240 Authentication Bypass
Posted Mar 2, 2020
Authored by Elber Tavares

Intelbras Wireless N 150Mbps WRN240 suffers from a configuration upload authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-19142
SHA-256 | 5bad1b9a12d8989f3b8b025212fbd899f758b7bdf17b7706b3077006f7a60b0e
Netis WF2419 2.2.36123 Remote Code Execution
Posted Mar 2, 2020
Authored by Elias Issa

Netis WF2419 version 2.2.36123 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-19356
SHA-256 | 22aa5eac15aadbbbe2668ffb88c241e62f80f6a1ddc35e9f7c92e0c007312e6c
Cyberoam Authentication Client 2.1.2.7 Buffer Overflow
Posted Mar 2, 2020
Authored by Andrey Stoykov

Cyberoam Authentication Client version 2.1.2.7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 8de7e2da3c8e229cd09e1484f910a5e1e10dde2d8754d786bf6d3a031f64da4f
TP-Link TL-WR849N 0.9.1 4.16 Authentication Bypass
Posted Mar 2, 2020
Authored by Elber Tavares

TP-Link TL-WR849N version 0.9.1 4.16 suffers from a firmware upload authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-19143
SHA-256 | 37bc68f5befaa23906d9aaa24672acb4b48a104af3a17bb29a119d2d699886c2
WordPress Tutor LMS 1.5.3 Cross Site Request Forgery
Posted Mar 2, 2020
Authored by Jinson Varghese Behanan

WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-8615
SHA-256 | ceb7fad1bddca882cf8865660a2c2e9a841f52a147fd897d47001e0ab57a5343
TP-Link TL-WR849N Remote Code Execution
Posted Mar 2, 2020
Authored by Elber Tavares

TP-Link TL-WR849N suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-9374
SHA-256 | 95d81d485c8d63207e1a1d780392d1575772a750d2a845ebf46f2f0f27699258
Wing FTP Server 6.2.5 Privilege Escalation
Posted Mar 2, 2020
Authored by Cary Hooper

Wing FTP Server version 6.2.5 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 7eb49147e2b7a042914d584480fc87c44246f255a8583d44fa1cc3318ec8da13
Joplin Desktop 1.0.184 Cross Site Scripting
Posted Mar 2, 2020
Authored by Javier Olmedo

Joplin Desktop version 1.0.184 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-9038
SHA-256 | 16c6f4ff1e49361394b17004119f92616b072979bdd28dd5f1b0c7ebba35ae49
Ubuntu Security Notice USN-4293-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4293-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a crash resulting in a denial of service or possibly unspecified other impact. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19221, CVE-2020-9308
SHA-256 | b3ce47781877c422f784f11e102c7c85af4ed90dd08c975d0db05c60927483a4
QuickHeal Generic Malformed Archive Bypass
Posted Mar 2, 2020
Authored by Thierry Zoller

The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

tags | advisory, virus
advisories | CVE-2020-9362
SHA-256 | 21b40b46cf54a2a2543b7b5d28c8636ee603079b9c6d362408cdc930b9943fe1
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close