exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-05-21

Gym Management System 1.0 Remote Code Execution
Posted May 21, 2020
Authored by Bobby Cooke

Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ce64ae85eae1a7a26c36e368e636d47b
Qualys Security Advisory - Qmail Remote Code Execution
Posted May 21, 2020
Authored by Alexander Peslyak, Qualys Security Advisory, Stephane Bellenger, Jean-Paul Michel, Julien Barthelemy, Andrew Richards

In 2005, three vulnerabilities were discovered in qmail but were never fixed because they were believed to be unexploitable in a default installation. Qualys recently re-discovered these vulnerabilities and were able to exploit one of them remotely in a default installation.

tags | exploit, vulnerability
advisories | CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
MD5 | f669ab533f30c6f109eb83ceceabfd6c
Ubuntu Security Notice USN-4370-2
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-2 - USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
MD5 | 41f2316b173eea1d00d120657fb88797
Ubuntu Security Notice USN-4371-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4371-1 - It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10703, CVE-2020-12430
MD5 | 277d54e2071edbe532c6f11bdd7e2022
Ubuntu Security Notice USN-4372-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4372-1 - It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-15034, CVE-2019-20382, CVE-2020-10702, CVE-2020-11869, CVE-2020-1983
MD5 | abf7184cc2087c06b76ddc60ed0d60ed
Apple Security Advisory 2020-05-20-1
Posted May 21, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-05-20-1 - Xcode 11.5 is now available and addresses an issue where a crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host.

tags | advisory
systems | apple
advisories | CVE-2020-11008
MD5 | 550c1f832f43751d05f4ca8e901458c9
Ubuntu Security Notice USN-4370-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-1 - It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
MD5 | 39f5e383f91d9ec029fffde8daa2385b
WebLogic Server Deserialization Remote Code Execution
Posted May 21, 2020
Authored by Shelby Pace, Y4er, Jang | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

tags | exploit, java, remote, code execution, protocol
advisories | CVE-2020-2555
MD5 | e3a30f51596b55d810e3f2ed09788c15
Red Hat Security Advisory 2020-2250-01
Posted May 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2250-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-1108, CVE-2020-1161
MD5 | a4c539e4109d5abbc217a76afdc7d685
Ubuntu Security Notice USN-4369-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4369-1 - It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19377, CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12657
MD5 | 6d0bd201f6f7817bc3279a320a6733e2
OAuth 2.0 Implementation And Security
Posted May 21, 2020
Authored by Haboob Team

Whitepaper called OAuth 2.0 Implementation and Security.

tags | paper
MD5 | a294cb726f90f642c711278a697e63d8
AbsoluteTelnet 11.21 Denial Of Service
Posted May 21, 2020
Authored by Xenofon Vassilakopoulos

AbsoluteTelnet version 11.21 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
MD5 | c6e0e3ab4dda77e8307396c81a4fe5a9
Forma.LMS 5.6.40 Cross Site Request Forgery
Posted May 21, 2020
Authored by Daniel Ortiz

Forma.LMS version 5.6.40 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a8f9d8914f351df98bfca9858bb28623
Red Hat Security Advisory 2020-2249-01
Posted May 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2249-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-1108, CVE-2020-1161
MD5 | 36c26d6172e6afa550148adff581f4fd
Hunting Red Team Activities With Forensics Artifacts
Posted May 21, 2020
Authored by Haboob Team

Whitepaper called Hunting Red Team Activities with Forensics Artifacts.

tags | paper
MD5 | 052010f0eb75a3b84fd5b85efbeb2cbb
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close