exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 151 - 175 of 397 RSS Feed

Files Date: 2018-11-01 to 2018-11-30

Ubuntu Security Notice USN-3822-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3822-1 - Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9588, CVE-2017-13168, CVE-2017-16649, CVE-2018-16658, CVE-2018-9363
SHA-256 | 9f6d94f1901e1160d9a212fff4c9f220ff1ecdd77f62d48385aa6a8148a71140
Ubuntu Security Notice USN-3821-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3821-2 - USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10880, CVE-2018-13053, CVE-2018-13096, CVE-2018-14609, CVE-2018-14617, CVE-2018-17972, CVE-2018-18021
SHA-256 | 2b45d9df391d578d2bf6120f0c3781be981c031e4fcd0cab749bd0c70ec71961
Kordil EDMS 2.2.60rc3 Shell Upload
Posted Nov 15, 2018
Authored by Ihsan Sencan

Kordil EDMS version 2.2.60rc3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, sql injection
SHA-256 | f72a98f4c0e9518173ad08f8480a4f55ab7b65614d15d7095122b05a34900cc5
Meneame English Pligg 5.8 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Meneame English Pligg version 5.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5d3ec51ad553ecccb8acc37b8f502d96f1b506ec81ff3ef06816d9d48915dda4
EverSync 0.5 Arbitrary File Download
Posted Nov 15, 2018
Authored by Ihsan Sencan

EverSync version 0.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | 1f94245865e6a4887db7be439b0a6fcd7fe5e266951e6feb027af50cd4738fbd
Ubuntu Security Notice USN-3817-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3817-2 - USN-3817-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1061, CVE-2018-14647
SHA-256 | cb1574e89bac72af854da99e6193cfbfb3f0473a690d83816718c2897ab1315e
Ubuntu Security Notice USN-3821-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3821-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-10880, CVE-2018-13053, CVE-2018-13096, CVE-2018-14609, CVE-2018-14617, CVE-2018-17972, CVE-2018-18021
SHA-256 | 254ad91732f674016cc8c241e3bd94844f31ec3b8f719729a95810b24cec4ab4
Ubuntu Security Notice USN-3820-3
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3820-3 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13168, CVE-2018-15471, CVE-2018-16658, CVE-2018-9363
SHA-256 | 27691f5c9bbbf2b22481fdaf983d898f49b6c8efcbae90eb0dd1b8f97d0bd701
Galaxy Forces MMORPG 0.5.8 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Galaxy Forces MMORPG version 0.5.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 542ca72a0728a1b6e9f669a66a27e9f07461cd5160ae21c4ae7af03da6ce89e4
Net-Billetterie 2.9 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Net-Billetterie version 2.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | faccdf3ed437e1fbdc892c103a8341cdbe460ef09c4493184ad108a78644716e
BiP Messenger Denial Of Service
Posted Nov 15, 2018
Authored by KnocKout

BiP Messenger suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 89cae9b8bd0155540d7eb5b47a45252724678bdf6ca15e07da455bd741120544
Apkatshu 1.0
Posted Nov 15, 2018
Authored by Abdeljalil Nouiri

Apkatshu is a tool for for extracting urls, emails, ip addresses, and interesting data from APK files. The user can choose either JADX or APKTOOL for de-compilation.

tags | tool
systems | unix
SHA-256 | 0a16eb2df6020b32b626ac9e2fa4521f69687f1d9436abc2e30d5674e1abd5f4
Malicious Git HTTP Server
Posted Nov 15, 2018
Site metasploit.com

This Metasploit module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3, 2.16.5, 2.17.2, 2.18.1, and 2.19.1 and lower. When a submodule url which starts with a dash e.g "-u./payload" is passed as an argument to git clone, the file "payload" inside the repository is executed. This Metasploit module creates a fake git repository which contains a submodule containing the vulnerability. The vulnerability is triggered when the submodules are initialized.

tags | exploit
advisories | CVE-2018-17456
SHA-256 | 5e9e44960e6f06d93f426ccf255b7325e10a8e4880af47ebb08bf7796333190e
Ubuntu Security Notice USN-3820-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3820-2 - USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13168, CVE-2018-15471, CVE-2018-16658, CVE-2018-9363
SHA-256 | d909cd2e86e3dde5d46e66b9cb445a01b6dedcccaa02601d20cef8194c59b797
BitZoom 1.0 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

BitZoom version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ab872a1a59749c409496abc84e0ebdf7ceb655d34d139e1aa68ff1baa9f64d2f
Ubuntu Security Notice USN-3818-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3818-1 - It was discovered that PostgreSQL incorrectly handled certain trigger definitions when running pg_upgrade or pg_dump. A remote attacker could possibly use this issue to execute arbitrary SQL statements with superuser privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16850
SHA-256 | 52ce5bc340aafe105e554cf1294034e3d1b9d8d710cc9ca73192ced1ce6c377f
Precurio Intranet Portal 2.0 Cross Site Request Forgery
Posted Nov 15, 2018
Authored by Ihsan Sencan

Precurio Intranet Portal version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 75835f56fce61d371e7184ad5671bdc7ab8b387e6307d73f084a2214854f18c1
DoceboLMS 1.2 Shell Upload / SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

DoceboLMS version 1.2 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | 1942dc719390f093bb247872434c6692200916c4e176aa316a1173b88d721671
Ubuntu Security Notice USN-3820-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3820-1 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13168, CVE-2018-15471, CVE-2018-16658, CVE-2018-9363
SHA-256 | 33d95214e519f77560280b735b814c81a899f8a9f824d8f38c685c13950636c8
Ubuntu Security Notice USN-3819-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3819-1 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-15471
SHA-256 | bcf564aa62d3ac4b93ddf052ffaa8f0b083bbffadf362edb33538b52ea5a5474
Electricks eCommerce 1.0 Cross Site Scripting
Posted Nov 15, 2018
Authored by Nawaf Alkeraithe

Electricks eCommerce version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | adfff7d4faa6354ac38b82b4a1d79cfea6b4092a8abf26e61b77468b3517e750
Pedidos 1.0 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Pedidos version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2adb71049b745c1e9bb57310dd7c0c139e445155ed04bb3c9e7bce7a136429eb
Rmedia SMS 1.0 SQL Injection
Posted Nov 15, 2018
Authored by Ihsan Sencan

Rmedia SMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3fbb2425bceaf71e6ec798974bd932ee4a593f8009677e30c2cfd88c95a4e561
Debian Security Advisory 4339-1
Posted Nov 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4339-1 - Multiple vulnerabilities were discovered in Ceph, a distributed storage replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-7519, CVE-2018-1086, CVE-2018-1128, CVE-2018-1129
SHA-256 | c7019432346c7f81c0a0665e9d626906d42c2b89e4a3f57a8aca378822cf9293
VMware Security Advisory 2018-0028
Posted Nov 15, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0028 - VMware vRealize Log Insight updates address an authorization bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2018-6980
SHA-256 | dfcf464e77f748c4151376c197f02fdba0c45af7029dd0c42cc83963fd6091c5
Page 7 of 16
Back56789Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close