what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2020-05-21

Gym Management System 1.0 Remote Code Execution
Posted May 21, 2020
Authored by Bobby Cooke

Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 6a765a2a578f06a7b02f8904bda572779f3d00d6d0bf387951c135a5b72cf9db
Qualys Security Advisory - Qmail Remote Code Execution
Posted May 21, 2020
Authored by Alexander Peslyak, Qualys Security Advisory, Stephane Bellenger, Jean-Paul Michel, Julien Barthelemy, Andrew Richards

In 2005, three vulnerabilities were discovered in qmail but were never fixed because they were believed to be unexploitable in a default installation. Qualys recently re-discovered these vulnerabilities and were able to exploit one of them remotely in a default installation.

tags | exploit, vulnerability
advisories | CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
SHA-256 | b40bd18472de68aa880c0372a9f3305689c40f370d5468a34516ef9530fd6906
Ubuntu Security Notice USN-4370-2
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-2 - USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
SHA-256 | de5808ae689b12e140acaa5c772d93c4aa0a4002f73bce4c4a5a6876954e3227
Ubuntu Security Notice USN-4371-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4371-1 - It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-10703, CVE-2020-12430
SHA-256 | 34c13bb2675b4bde9213fc78d2c244ba963384fec9e6bbbb9cac57d1a9df52e3
Ubuntu Security Notice USN-4372-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4372-1 - It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-15034, CVE-2019-20382, CVE-2020-10702, CVE-2020-11869, CVE-2020-1983
SHA-256 | 050dff354c465a6781ac554efb3017f827d45dbfbdc0e9dd7c15ae317f968d6f
Apple Security Advisory 2020-05-20-1
Posted May 21, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-05-20-1 - Xcode 11.5 is now available and addresses an issue where a crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host.

tags | advisory
systems | apple
advisories | CVE-2020-11008
SHA-256 | e35976b46ec8572069af8ecfa516e7c0af3685276f36b89073c48c53fa832ce2
Ubuntu Security Notice USN-4370-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4370-1 - It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-3327, CVE-2020-3341
SHA-256 | 877820ed17d981fa733ed7bc43ded0af110ab954d544704bdcd37aea406a4d50
WebLogic Server Deserialization Remote Code Execution
Posted May 21, 2020
Authored by Shelby Pace, Y4er, Jang | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

tags | exploit, java, remote, code execution, protocol
advisories | CVE-2020-2555
SHA-256 | 520b0c827c8b01d8c2ca1ab697de7f2fc8a7e99f91c7209728f8431d3a566cea
Red Hat Security Advisory 2020-2250-01
Posted May 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2250-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-1108, CVE-2020-1161
SHA-256 | 28b849b188bfaabdfecd6b3f872f23423fe23dafa29b197903d90966ec0e2537
Ubuntu Security Notice USN-4369-1
Posted May 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4369-1 - It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19377, CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12657
SHA-256 | 69def9b45df53fc4cdb7a3a8ed24f560a00649c84605fd7f555c6571945e7f41
OAuth 2.0 Implementation And Security
Posted May 21, 2020
Authored by Haboob Team

Whitepaper called OAuth 2.0 Implementation and Security.

tags | paper
SHA-256 | 51889b9cb5896e34189c448f717b7809247336b04dd3ebd03675f4128321eeee
AbsoluteTelnet 11.21 Denial Of Service
Posted May 21, 2020
Authored by Xenofon Vassilakopoulos

AbsoluteTelnet version 11.21 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
SHA-256 | e993df161cddc11c458ef2147ee5ee2b56312c7490e1bdd9da4c08e93a849ba1
Forma.LMS 5.6.40 Cross Site Request Forgery
Posted May 21, 2020
Authored by Daniel Ortiz

Forma.LMS version 5.6.40 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | a4fbc2d62d59b1ddc6ebd3592eedb0665b21e75d2498e9b5a3b7ff83c3e66e4a
Red Hat Security Advisory 2020-2249-01
Posted May 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2249-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-1108, CVE-2020-1161
SHA-256 | 6b1a7c7b9f7d25f89295aa961301ef2c539a82a7abd3d63adeae12e0f2ad20f5
Hunting Red Team Activities With Forensics Artifacts
Posted May 21, 2020
Authored by Haboob Team

Whitepaper called Hunting Red Team Activities with Forensics Artifacts.

tags | paper
SHA-256 | 36c6a099b355717d492a8ce32ba064c4db6bb7183d16c52762e1fda45ae671c4
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close