exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2020-03-02

Ubuntu Security Notice USN-4288-2
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4288-2 - USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8597
MD5 | 6bcbc056e18596d35faa4a6244f984a9
macOS / iOS ImageIO OpenEXR Image Processing Memory Issues
Posted Mar 2, 2020
Authored by saelo, Google Security Research

macOS and iOS have a vulnerability with ImageIO where memory safety issues occur when processing OpenEXR images.

tags | exploit
systems | ios
MD5 | dfd701d5c1fe94bd260c7c44d2b790ff
JSC DFG ObjectAllocationSinkingPhase Crash
Posted Mar 2, 2020
Authored by saelo, Google Security Research

An issue in JSC leaves the data flow graph inconsistent. While fuzzing JavaScriptCore with fuzzilli, the researcher found a crash condition in JSC.

tags | exploit
MD5 | 8ff3ad6a06cbb649d99f59f076aa906e
Ubuntu Security Notice USN-4294-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4294-1 - It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem.

tags | advisory, remote, arbitrary, shell, local, root
systems | linux, ubuntu
advisories | CVE-2020-8793, CVE-2020-8794
MD5 | 4dae00ef525530e6ea55476c447cd9fd
Cacti 1.2.8 Unauthenticated Remote Code Execution
Posted Mar 2, 2020
Authored by Lucas Amorim | Site metasploit.com

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

tags | exploit, remote, arbitrary, shell, php
advisories | CVE-2020-8813
MD5 | e3413f767022b61c38a8008949f806d6
Microsoft Exchange 2019 15.2.221.12 Remote Code Execution
Posted Mar 2, 2020
Authored by Photubias

Microsoft Exchange 2019 version 15.2.221.12 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-0688
MD5 | b2b86272dc81d9cb5dc7d3f7fcf5da05
Wing FTP Server 6.2.3 Privilege Escalation
Posted Mar 2, 2020
Authored by Cary Hooper

Wing FTP Server version 6.2.3 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 55e0bd61fc7c43fec8d097e8ee28ba40
DevSecOps: A Secured Approach
Posted Mar 2, 2020
Authored by Aman Chhabra

Whitepaper called DevSecOps: A Secure Approach.

tags | paper
MD5 | 8bde486fb697b20ebfafa96b68611e5a
Intelbras Wireless N 150Mbps WRN240 Authentication Bypass
Posted Mar 2, 2020
Authored by Elber Tavares

Intelbras Wireless N 150Mbps WRN240 suffers from a configuration upload authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-19142
MD5 | 08f181f9560eb9e4a94a4d1854dc1d20
Netis WF2419 2.2.36123 Remote Code Execution
Posted Mar 2, 2020
Authored by Elias Issa

Netis WF2419 version 2.2.36123 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-19356
MD5 | dbd50affdbcb32ab1bb41adb5453cfeb
Cyberoam Authentication Client 2.1.2.7 Buffer Overflow
Posted Mar 2, 2020
Authored by Andrey Stoykov

Cyberoam Authentication Client version 2.1.2.7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | eddba6d1362143102912cf298aa013f1
TP-Link TL-WR849N 0.9.1 4.16 Authentication Bypass
Posted Mar 2, 2020
Authored by Elber Tavares

TP-Link TL-WR849N version 0.9.1 4.16 suffers from a firmware upload authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-19143
MD5 | 5fc10515451b2b85ebfa1e9f129e6190
WordPress Tutor LMS 1.5.3 Cross Site Request Forgery
Posted Mar 2, 2020
Authored by Jinson Varghese Behanan

WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-8615
MD5 | a3195f351910c4acd40c82f3afff25c6
TP-Link TL-WR849N Remote Code Execution
Posted Mar 2, 2020
Authored by Elber Tavares

TP-Link TL-WR849N suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-9374
MD5 | edfc7196db196658aa9ca7bde6deb539
Wing FTP Server 6.2.5 Privilege Escalation
Posted Mar 2, 2020
Authored by Cary Hooper

Wing FTP Server version 6.2.5 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 94c9cff08d8ed9f26e94d37311beaa3f
Joplin Desktop 1.0.184 Cross Site Scripting
Posted Mar 2, 2020
Authored by Javier Olmedo

Joplin Desktop version 1.0.184 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-9038
MD5 | a39577ab43a6ccb0a439fe8666c863ac
Ubuntu Security Notice USN-4293-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4293-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a crash resulting in a denial of service or possibly unspecified other impact. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19221, CVE-2020-9308
MD5 | 09204296a171196350f0efa2e5812ade
QuickHeal Generic Malformed Archive Bypass
Posted Mar 2, 2020
Authored by Thierry Zoller

The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

tags | advisory, virus
advisories | CVE-2020-9362
MD5 | 2d1368f34cff9cc52d2696d0eccc0d18
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close