exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 397 RSS Feed

Files Date: 2018-11-01 to 2018-11-30

Red Hat Security Advisory 2018-3665-01
Posted Nov 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3665-01 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Issues addressed include an out-of-bounds heap write.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-15688
SHA-256 | 931c94c499dac21904afc66a5700e4de49fdf7295724f9dfb38c90a85d1657e6
Red Hat Security Advisory 2018-3663-01
Posted Nov 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3663-01 - sos-collector is a utility that gathers sosreports from multi-node environments. sos-collector facilitates data collection for support cases and it can be run from either a node or from an administrator's local workstation that has network access to the environment. Issues addressed include incorrect permissions.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2018-14650
SHA-256 | fe979cf7307d73939c41d907efdc14c6ab25afb04488e4335efe9d5fecd63411
Red Hat Security Advisory 2018-3651-01
Posted Nov 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3651-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-14633, CVE-2018-14646
SHA-256 | 0d4ad75e1c0c0488c5fb0adc68d8e4c2c04aae6be649e37a8ba52aa3d7c799ba
Red Hat Security Advisory 2018-3650-01
Posted Nov 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3650-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include a file permission vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-15908, CVE-2018-15909, CVE-2018-16511, CVE-2018-16539
SHA-256 | 28914afeb0062811d3d1b40491a6e1a5af3b6a78b6677f4f2d6e8b173636b5aa
Gentoo Linux Security Advisory 201811-16
Posted Nov 27, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-16 - Multiple vulnerabilities have been found in strongSwan, the worst of which could lead to a Denial of Service condition. Versions less than 5.7.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-10811, CVE-2018-16151, CVE-2018-16152, CVE-2018-17540, CVE-2018-5388, CVE-2018-6459
SHA-256 | 90b2c65ae66ecb8393798be16d494aeac84b63c0e80ade4bc9082323fe2ace84
Red Hat Security Advisory 2018-3656-01
Posted Nov 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3656-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include an use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-17182, CVE-2018-18021
SHA-256 | 138d3b2eb90b7429ef67ed1169a8e658e887b799fbbaab3eeed73288fade789c
phpMyAdmin 4.8.1 Authenticated Local File Inclusion
Posted Nov 27, 2018
Authored by Lucian Ioan Nitescu

phpMyAdmin version 4.8.1 authenticated local file inclusion proof of concept exploits.

tags | exploit, local, proof of concept, file inclusion
advisories | CVE-2018-12613
SHA-256 | 99adf4308fa706903d75dfc6e085c7ba2d9885c407bb3424f26d594818c0460a
Red Hat Security Advisory 2018-3655-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3655-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. Issues addressed include a ridiculous amount of unspecified vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-2755, CVE-2018-2758, CVE-2018-2759, CVE-2018-2761, CVE-2018-2762, CVE-2018-2766, CVE-2018-2769, CVE-2018-2771, CVE-2018-2773, CVE-2018-2775, CVE-2018-2776, CVE-2018-2777, CVE-2018-2778, CVE-2018-2779, CVE-2018-2780, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2812, CVE-2018-2813, CVE-2018-2816, CVE-2018-2817, CVE-2018-2818, CVE-2018-2819, CVE-2018-2839
SHA-256 | dfcc00ca751525154904480761efc7b9132aeacc330cada2b5b82e472c7fe96e
Red Hat Security Advisory 2018-3671-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3671-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP35. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3214
SHA-256 | b9e101d4654d1ee487628b0854b423e6a5e72265a863ae854851e88b704f39d0
Red Hat Security Advisory 2018-3672-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3672-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP35. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3214
SHA-256 | de9a35cc190a2af10e419079bbc8309b996a09cfe811621caa087d3d2b12cfa2
Ubuntu Security Notice USN-3826-1
Posted Nov 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3826-1 - Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that QEMU incorrectly handled the Slirp networking back-end. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10839, CVE-2018-11806, CVE-2018-12617, CVE-2018-16847, CVE-2018-17958, CVE-2018-17962, CVE-2018-17963, CVE-2018-18849, CVE-2018-18954, CVE-2018-19364
SHA-256 | 4e4c876bb878a34b2dd16b55e3b1d2a08ed115428511e04586ecb54058caa47b
Gentoo Linux Security Advisory 201811-15
Posted Nov 26, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-15 - Multiple vulnerabilities have been found in MuPDF, the worst of which could allow the remote execution of arbitrary code. Versions less than 1.13.0 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-15587, CVE-2017-17858, CVE-2018-1000036, CVE-2018-1000037, CVE-2018-1000038, CVE-2018-1000039, CVE-2018-1000040, CVE-2018-1000051, CVE-2018-5686, CVE-2018-6187, CVE-2018-6192, CVE-2018-6544
SHA-256 | 84fc1bb2dacd392565404ca0665e2a21baa49ee8d248356babe74470a83a9a3a
Red Hat Security Advisory 2018-3653-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3653-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-16843, CVE-2018-16845
SHA-256 | cdf8832a2ee43f362646287957e86d0a848865e5cbce03448952aedf3e742e46
No-Cms 1.0 SQL Injection
Posted Nov 26, 2018
Authored by Loading Kura Kura

No-Cms version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 70c8dc45a5d1b796fb3ea69e6b5f19f4feddf01fdbbd17933705d365bbd73ddd
Debian Security Advisory 4344-1
Posted Nov 26, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4344-1 - Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content.

tags | advisory, imap, xss
systems | linux, debian
advisories | CVE-2018-19206
SHA-256 | 61088ba4c1524225f61aba788ca2db36974325e1503cca823eabfc5a0b66ce79
MariaDB Client 10.1.26 Denial Of Service
Posted Nov 26, 2018
Authored by strider

MariaDB Client version 10.1.26 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | a054d0e347263826f67fc89d81e52aa27f6e3a54105a83b36e41a5afcc238e9c
WordPress Easy Testimonials 3.2 Cross Site Scripting
Posted Nov 26, 2018
Authored by En_dust

WordPress Easy Testimonials version 3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ca72b4de993e05684b5aade461f5c5d0c3aaccf69110cfee697d504c773fc1e9
Zyxel VMG1312-B10D 5.13AAXA.8 Directory Traversal
Posted Nov 26, 2018
Authored by numan turle

Zyxel VMG1312-B10D 5.13AAXA.8 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 60c8e9a5e09699dcc7795a645cfb7557da62d34304af0a5f585f8638ad3a1365
Red Hat Security Advisory 2018-3652-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3652-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-16845
SHA-256 | 13d4d0dbcb52c25e093c1a22ae583ea2870ab00c6e2cac59c54802f4b830fccc
Arm Whois 3.11 Buffer Overflow
Posted Nov 26, 2018
Authored by zephyr

Arm Whois version 3.11 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | a49cb25efda24f3cfb28adf894e9afdd88945abc5c1b68d5f86a2ba3a21f6906
Red Hat Security Advisory 2018-3648-01
Posted Nov 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3648-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.110. Issues addressed include an use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-17478, CVE-2018-17479
SHA-256 | c03fc5ca2a56763a4889075cf695caab0284cdb260e9b4c61ee185bdae126268
Debian Security Advisory 4343-1
Posted Nov 26, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4343-1 - It was discovered that a buffer overflow in liveMedia, a set of C++ libraries for multimedia streaming could result in the execution of arbitrary code when parsing a malformed RTSP stream.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2018-4013
SHA-256 | 2a657e6e38cb5cf8947b1dab8cdb89fdc98f0ab6a0750b9ac6895379d8ba8f24
Xorg X11 Server SUID Privilege Escalation
Posted Nov 25, 2018
Authored by Narendra Shinde, Raptor, Aaron Ringo | Site metasploit.com

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges. This Metasploit module has been tested with OpenBSD 6.3, 6.4, and CentOS 7 (1708). CentOS default install will require console auth for the users session. Cron launches the payload so if Selinux is enforcing exploitation may still be possible, but the module will bail. Xorg must have SUID permissions and may not start if running. On exploitation a crontab.old backup file will be created by Xorg. This Metasploit module will remove the .old file and restore crontab after successful exploitation. Failed exploitation may result in a corrupted crontab. On successful exploitation artifacts will be created consistent with starting Xorg and running a cron.

tags | exploit, arbitrary, root
systems | linux, openbsd, centos
advisories | CVE-2018-14665
SHA-256 | 720e628b35284931ff0424715e648634cd3ec31db1a89c8b1fff88eddfb6f4ab
Faraday 3.3
Posted Nov 25, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added workspace disable feature. Added mac vendor to host and services. Fixed typos and add sorting in workspace name. Many other improvements and fixes.
tags | tool, rootkit
systems | unix
SHA-256 | 49e3afed0405da7500e76bab416a443a15f2e568167d0093f29c0574bcc959d1
Gentoo Linux Security Advisory 201811-14
Posted Nov 25, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-14 - Multiple vulnerabilities have been found in Exiv2, the worst of which could result in a Denial of Service condition. Versions less than 0.26_p20180811-r3 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-17723, CVE-2017-17724, CVE-2018-10780, CVE-2018-10958, CVE-2018-10998, CVE-2018-10999, CVE-2018-11037, CVE-2018-11531, CVE-2018-12264, CVE-2018-12265, CVE-2018-5772, CVE-2018-8976, CVE-2018-8977, CVE-2018-9144, CVE-2018-9145, CVE-2018-9146, CVE-2018-9303, CVE-2018-9304, CVE-2018-9305, CVE-2018-9306
SHA-256 | ee5e076345c3013fb9bb4e7700361e743a480b23a91f3f44b3e6c71e0abaa72f
Page 3 of 16
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close