what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

Files Date: 2019-01-29 to 2019-01-30

iOS / macOS Uninitialized Kernel Stack Disclosure
Posted Jan 29, 2019
Authored by Google Security Research, bazad

iOS and macOS suffer from an if_ports_used_update_wakeuuid() 16-byte uninitialized kernel stack disclosure vulnerability.

tags | exploit, kernel
systems | ios
advisories | CVE-2019-6209
SHA-256 | bdfda9bc65d52d6ed0d3984c8d4faf09c2f19226fdea8d12eea56e1cf1534dd7
PDF Signer 3.0 Template Injection / CSRF / Code Execution
Posted Jan 29, 2019
Authored by dd_

PDF Signer version 3.0 suffers from a server-side template injection vulnerability that can help lead to remote command execution due to improper cookie handling and cross site request forgery issues.

tags | exploit, remote, csrf
SHA-256 | 48355218009f7f221d0640359c0a8692f90c981c4c7fa330a4cb1f8d083ab816
Red Hat Security Advisory 2019-0194-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0194-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a crash related vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-5742
SHA-256 | ae67071105aaf1bdf88ec44bdc6f486f301f9d17ccf4669bb01648d3e0b0d157
Red Hat Security Advisory 2019-0188-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0188-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-18559
SHA-256 | 95543b404311a724e4d4ae3a28dbef2e0c45febdf31c925aa85f1e48fa304ead
Red Hat Security Advisory 2019-0163-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0163-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-18397, CVE-2018-18559
SHA-256 | 67bea05cdf56e6c44d7f698e4059a01ff4fe8c273c037c1f15ba734adc98234f
Red Hat Security Advisory 2019-0201-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0201-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2019-3815
SHA-256 | 850add0778d93ddf380dd47cb0d948b7e9aaf8c2a1e05dd1f3eb6693c18ff086
Red Hat Security Advisory 2019-0204-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0204-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-16864, CVE-2018-16865
SHA-256 | 6fcd5d14a723cf02465650b3333098f9f2c57140c8be2ebe89550de8bb349677
Red Hat Security Advisory 2019-0202-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-18397
SHA-256 | e466d9e8d46a7fbdf7a04ff70339a8429fecbdce61463fd8ca56e052605ddbd5
MiniUPnPd 2.1 Out-Of-Bounds Read
Posted Jan 29, 2019
Authored by b1ack0wl

MiniUPnPd versions 2.1 and below suffer from an out-of-bounds read vulnerability.

tags | exploit
SHA-256 | 2aaa71d09817976536dfc7a03db1bc67d6ef7fb15b152cb8ac3c8251862a3b07
Linux/ARM Bindshell Shellcode
Posted Jan 29, 2019
Authored by Gokul Babu

84 bytes small Linux/ARM TCP bindshell shellcode that binds to port 4321.

tags | tcp, shellcode
systems | linux
SHA-256 | 6675c4fdce11ca644750bc1ad1b0f09cb68100fc6b8fa9a65cf89532da05f2c0
Linux/x86 Read /etc/passwd Shellcode
Posted Jan 29, 2019
Authored by Joao Batista

58 bytes small Linux/x86 read /etc/passwd shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 075f10569d00f66af6a0529e3d650b0e1f373f2b2b3ec572044eed21b422eb92
Linux/x86 execve(/bin/sh) + RShift-1 Encoded Shellcode
Posted Jan 29, 2019
Authored by Joao Batista

29 bytes small Linux/x86 execve(/bin/sh) + RShift-1 encoded shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 509a7b73748516eb1e0fa3477a3f424f87f30464e13f64f0d3cb817ecff4ecd8
Nessus 8.2.1 Cross Site Scripting
Posted Jan 29, 2019
Authored by Ozer Goker

Nessus version 8.2.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 870c026477c2c7e4f6eeb5fd5ac66be8cb2a5d20c5665183930084532b94c6ea
Ubuntu Security Notice USN-3872-1
Posted Jan 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3872-1 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
SHA-256 | 4db2756d9eb8ba255e08ce015e2fad82f619501758cfcb7947e8a9d0b67adbce
Ubuntu Security Notice USN-3871-1
Posted Jan 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3871-1 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10883, CVE-2018-14625, CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407, CVE-2018-9516
SHA-256 | 610a75c7ac7a32b12e02eece3933f2d902097e03a13e3d1b9fd535c83c4f3455
HTML Video Player 1.2.5 Local Buffer Overflow
Posted Jan 29, 2019
Authored by Dino Covotsos

HTML Video Player version 1.2.5 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 5da13ce830ebd2299eb1a2322857e6fef1523e8861bf45742d5a162d465b4d06
Linux/ARM Reverse Shell Shellcode
Posted Jan 29, 2019
Authored by Gokul Babu

64 bytes small Linux/ARM reverse TCP (192.168.1.124:4321) shell (/bin/sh) shellcode.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 73c3d7113860971adf57a6d814ed49aa6aaa51053acefa7ce2c6063b4e50e509
OPNsense 18.7 Cross Site Scripting
Posted Jan 29, 2019
Authored by Ozer Goker

OPNsense version 18.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a44846135186b09169adec2a92c9bda73a4e408921351467bd043fb1372c246f
Ubuntu Security Notice USN-3870-1
Posted Jan 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3870-1 - Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-3813
SHA-256 | 75b3b84236b60b3458a63a5f717cbd80617cbb119d28df06110534f0ab7a42d0
CMSsite 1.0 SQL Injection
Posted Jan 29, 2019
Authored by Majid Kalantari

CMSsite version 1.0 suffers from a search functionality-related remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d63bf97dc4889758596cc313f29341919e5ac73cdfef163ee35eabb622775b76
Easy Video To iPod Converter 1.6.20 Buffer Overflow
Posted Jan 29, 2019
Authored by Nawaf Alkeraithe

Easy Video to iPod Converter version 1.6.20 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | bad439b9588ff44e61f05342f15c5336ad7111ba886aba47b73485a13ce0c09f
Sricam gSOAP 2.8 Denial Of Service
Posted Jan 29, 2019
Authored by Andrew Watson

Sricam gSOAP version 2.8 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2019-6973
SHA-256 | 88977b9cf91572dd8c34d407e04440baa41b34f0cb08737f22c863b37cc2292c
Linux/x86 execve() bc Shellcode
Posted Jan 29, 2019
Authored by Daniele Votta

53 bytes small Linux/x86 execve() shellcode that runs bc (terminal calculator).

tags | x86, shellcode
systems | linux
SHA-256 | a52a21780a286e00252a03c928310b2f2177bd2819099427c7f1d5e55e46f4a1
pfSense 2.4.4-p1 Cross Site Scripting
Posted Jan 29, 2019
Authored by Ozer Goker

pfSense version 2.4.4-p1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e840dc0c5f419e9412d643710140fb69fd328344354d76357ec9c8805ba23e10
Cisco RV300 / RV320 Information Disclosure
Posted Jan 29, 2019
Authored by Harom Ramos

Cisco RV300 and RV320 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
systems | cisco
advisories | CVE-2019-1653
SHA-256 | f64b5564266a9a3f68710710054b391969d788fb5b5f9320aaa4b6b9e833b265
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close