
Files Date: 2019-04-25 to 2019-04-26

systemd DynamicUser SetUID Binary Creation
Posted Apr 25, 2019
Authored by Jann Horn, Google Security Research

This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there are not many services yet that use DynamicUser, and the requirement of collaboration with another process limits the circumstances in which it would be useful to an attacker further; but in a system that makes heavy use of DynamicUser, it would probably have impact.

tags | exploit
advisories | CVE-2019-3844
SHA-256 | 064bbdd76f48df03346ba02e71f7b8230c92792ac615692d64f9d04ec97b425c

Lavavo CD Ripper 4.20 Buffer Overflow
Posted Apr 25, 2019
Authored by Achilles

Lavavo CD Ripper version 4.20 license activation name SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 3983b9f05d055c78f6849eb93d3fb1883efee5a082c670dbddbea041819ff59e

osTicket 1.11 Cross Site Scripting / Local File Inclusion
Posted Apr 25, 2019
Authored by Ozkan Mustafa Akkus

osTicket version 1.11 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | a3a0c940e3990234b185e1da84523131a41176574735f7fdcd88b7bd105ca85a

Ubuntu Security Notice USN-3956-1
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3956-1 - It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2018-5743
SHA-256 | 3d24ed0e149890bba90071f8a75a8241b8ac0de8924929c8af98c07861a6b0c0

Ubuntu Security Notice USN-3955-1
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3955-1 - It was discovered that tcpflow incorrectly handled certain malformed network packets. A remote attacker could send these packets to a target system, causing tcpflow to crash or possibly disclose sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-14938
SHA-256 | 6cf5a53ec29be9040d1801329f4f20f949f71d9d030b7c6df3a273f9ac45bd7c

Ubuntu Security Notice USN-3922-3
Posted Apr 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3922-3 - USN-3922-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-9022, CVE-2019-9640, CVE-2019-9675
SHA-256 | 803a4bbada6ca25b99730a60e87bb2e4bd4ffb9f3b9c099cee7b2e025aff543b

Red Hat Security Advisory 2019-0886-01
Posted Apr 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0886-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6 and 7.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-0223
SHA-256 | 51ee6ce89ffa1483a5ec9d03a365dbe195147c06ea7b02816c74f69960f40146

Gentoo Linux Security Advisory 201904-25
Posted Apr 25, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-25 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.0-r4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-20815, CVE-2019-9824
SHA-256 | b8ef2d5b31853634154b8d8df5f413eb259a7fcf09e7c186b608a5ad6e3aad61

Gentoo Linux Security Advisory 201904-24
Posted Apr 25, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-24 - Multiple vulnerabilities have been found in Ming, the worst of which could result in a Denial of Service condition. Versions less than 0.20181112 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-11728, CVE-2017-11729, CVE-2017-11730, CVE-2017-11731, CVE-2017-11732, CVE-2017-11733, CVE-2017-11734, CVE-2017-9988, CVE-2017-9989, CVE-2018-5251, CVE-2018-5294, CVE-2018-6315, CVE-2018-6358, CVE-2018-6359
SHA-256 | 89fc4c461140c0c378a047021c889a873387afdd57d749af13dc04ddb3fedb14

JioFi 4G M2S 1.0.2 Denial Of Service
Posted Apr 25, 2019
Authored by Vikas Chaudhary

JioFi 4G M2S version 1.0.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2019-7439
SHA-256 | bfb318c7283d8c93cf9ad2a4ebed7e3340ee93cda24996f05d110932ada60d32

JioFi 4G M2S 1.0.2 Cross Site Scripting
Posted Apr 25, 2019
Authored by Vikas Chaudhary

JioFi 4G M2S version 1.0.2 suffers from cross site scripting and HTML injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-7438
SHA-256 | a76563a625e94df0efd3181bfd88a48c5d42ad331df04f77b53be95efc39a591

Backup Key Recovery 2.2.4 Denial Of Service
Posted Apr 25, 2019
Authored by Victor Mondragon

Backup Key Recovery version 2.2.4 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | fda5aaec9e849b7ef551fa6227f43b87a963b19943f7a75d681f96e9b8db2be9

HeidiSQL Portable 10.1.0.5464 Denial Of Service
Posted Apr 25, 2019
Authored by Victor Mondragon

HeidiSQL Portable version 10.1.0.5464 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | fde7b9d442a468d221f6586a17c488a893198703baa9d9cfc49c3e636abd98f0

AnMing MP3 CD Burner 2.0 Denial Of Service
Posted Apr 25, 2019
Authored by Achilles

AnMing MP3 CD Burner version 2.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 78466ee8b720a5ba53c6f0f8d1341df659ae685fbd0dc8043428a21c726da7c8

TestSSL 3.0rc5
Posted Apr 25, 2019
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This is the fifth release candidate of testssl.sh 3.0 to reflect changes. All distributors and others who use it also for production-like environment are encouraged to switch to this branch as 2.9.5 will not be supported anymore once 3.0 has been released.

tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 6118f08b88c0075f39820296f0d76889165dd67e64dbfdfd1104d6d122a938c9