exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-01 to 2019-05-02

SQLMAP - Automatic SQL Injection Tool 1.3.5
Posted May 1, 2019
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: More drei updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 74831f827a84cea61a2a91abcb935f07
Ruby On Rails DoubleTap Development Mode secret_key_base Remote Code Execution
Posted May 1, 2019
Authored by sinn3r, mpgn, ooooooo_q | Site metasploit.com

This Metasploit module exploits a vulnerability in Ruby on Rails. In development mode, a Rails application would use its name as the secret_key_base, and can be easily extracted by visiting an invalid resource for a path. As a result, this allows a remote user to create and deliver a signed serialized payload, load it by the application, and gain remote code execution.

tags | exploit, remote, code execution, ruby
advisories | CVE-2019-5420
MD5 | af50d1f86ede2ddcb95a3900ee62a058
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
MD5 | f4ed0cb626722f39697532c827906c34
Winamp 5.12 Playlist (.pls) Buffer Overflow
Posted May 1, 2019
Authored by Daniele Votta

Winamp version 5.12 playlist (.pls) buffer overflow exploit with ASLR + EGGHUNT + REV_SHELL. Written in Python.

tags | exploit, overflow, python
MD5 | b4f68883190d67e734981e318f21c348
Johnny You Are Fired
Posted May 1, 2019
Authored by Juraj Somorovsky, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Hanno Bock, Jens Muller, Marcus Brinkmann

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

tags | exploit, paper, spoof, proof of concept
advisories | CVE-2017-17848, CVE-2018-12019, CVE-2018-12020, CVE-2018-12356, CVE-2018-12556, CVE-2018-15586, CVE-2018-15587, CVE-2018-15588, CVE-2018-18509, CVE-2019-8338
MD5 | d247e4ccd9f597d40309c5f5e797a348
Red Hat Security Advisory 2019-0935-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0935-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an incorrect validation of port settings.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10876, CVE-2019-9735
MD5 | c5651c0df9d69453e31420b87bafcbd8
Ubuntu Security Notice USN-3961-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3961-1 - It was discovered that the Dovecot Submission login service incorrectly handled certain operations. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11494
MD5 | 7383cd3cc90d5fe74db56ff1543d23d0
Red Hat Security Advisory 2019-0919-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0919-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. Issues include a sensitive data disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3830
MD5 | f3a36ab164638f737c0005f2f32c77d9
CentOS Web Panel Domain Field Cross Site Scripting
Posted May 1, 2019
Authored by DKM

CentOS Web Panel versions 0.9.8.793 (Free), 0.9.8.753 (Pro), and 0.9.8.807 (Pro) suffer from a domain field (Add DNS Zone) cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-11429
MD5 | be5c79be3a331f5a1d0193ab501c129f
phpBB 3.2.5 Denial Of Service
Posted May 1, 2019
Authored by Colin Snover

phpBB versions 3.2.5 and below suffer from a native full text denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2019-9826
MD5 | c5811b9abc0a93f3730a4f0ec740ca6c
OpenSkos Simple Knowledge Organization System 2.0 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

OpenSkos Simple Knowledge Organization System version 2.0 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 52772e6113f454175b227690bf6e9b77
Red Hat Security Advisory 2019-0916-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0916-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an invalid port setting validation.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9735
MD5 | e7a6bc482b4be832168ad48f3ace886b
Sentrifugo Human Resource Management System 3.2 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

Sentrifugo Human Resource Management System version 3.2 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 0a345463685c9efdf1b45a291f01772d
MailCarrier 2.51 HELP Remote Buffer Overflow
Posted May 1, 2019
Authored by Vinaykumar Yennam, Dheepshika Raghunathan

MailCarrier version 2.51 HELP remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 0379cc827183c591a378940d279e9584
Red Hat Security Advisory 2019-0917-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0917-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fibre Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a data retention issue post deletion.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2017-15139
MD5 | 5142f017c19ecf1c4c99522e0bc2030c
Red Hat Security Advisory 2019-0911-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0911-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-19039
MD5 | 444899664506442d78eac488fe8d1d45
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close