what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2019-06-25 to 2019-06-26

Nagios XI Magpie_debug.php Root Remote Code Execution
Posted Jun 25, 2019
Authored by Chris Lyne, Guillaume Andre | Site metasploit.com

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell.

tags | exploit, remote, shell, local, root, vulnerability, code execution
advisories | CVE-2018-15708, CVE-2018-15710
SHA-256 | 497ccf076e88aa8797c172933964fb4ad92dddf4ca42816ab9c5f28af82b486b
Red Hat Security Advisory 2019-1603-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1603-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | 1c3f2ab92856bea753598266e0cc7112742e48a1357ca4f5bcdf1245036a66c2
Red Hat Security Advisory 2019-1604-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1604-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | efd19650a5c49f811bbd4c75bac4c43febd3026a5a92342fc9aa1c76b748f966
Red Hat Security Advisory 2019-1602-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1602-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 44681c017f6cb6453545b8a6d66047878734200ddb425c65cba895080004b65a
Debian Security Advisory 4471-1
Posted Jun 25, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4471-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | 4efa717e1288d15a4d933ab0a6403d42fc7d8662286f3a6e0d8b5818ccf16912
Ubuntu Security Notice USN-4035-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4035-1 - It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices. An authenticated attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14662, CVE-2018-16846, CVE-2018-16889, CVE-2019-3821
SHA-256 | 85436c925c63103095d0ad444af8d9ef4922926097f5c1fdde3ab59dcf521e93
Ubuntu Security Notice USN-4036-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4036-1 - Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-9735
SHA-256 | e4e59fbad634306202b9b1275923fc716c0b615791f01c6e7aa73e2b89177a0b
Ubuntu Security Notice USN-4034-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4034-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, the update for Ubuntu 18.10 and Ubuntu 19.04 includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate ImageMagick policy configuration. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-12805, CVE-2018-16323, CVE-2018-16645, CVE-2018-18023, CVE-2018-20467, CVE-2019-11470, CVE-2019-7175, CVE-2019-7398
SHA-256 | ecf3a57b2183bd65d70fdbbe614267c9c6cd7c405ee6f4ce6e0d3d339ad01411
Ubuntu Security Notice USN-4037-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4037-1 - The policykit-desktop-privileges Startup Disk Creator policy allowed administrative users to overwrite disks. As a security improvement, this operation now requires authentication.

tags | advisory
systems | linux, ubuntu
SHA-256 | c5f3ca2d62880c10f006e915b63814648747d70ea633f8c5229865fda1477d3e
Red Hat Security Advisory 2019-1594-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1594-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 42cc94d32edd63d60d4201b04d197d324050b9d1d3c45b0f2c6a12cc47a4bf7f
Ubuntu Security Notice USN-4033-1
Posted Jun 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4033-1 - It was discovered that a libmysofa component does not properly validate multiplications and additions, and may crash with some specific input.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-10672
SHA-256 | 09c6ad3c40f1db2d8e16728433af45b79bd7368acb7ca9b9293a6890e680a595
BlogEngine.NET 3.3.6 / 3.3.7 path Directory Traversal
Posted Jun 25, 2019
Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from a path directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 6a2c42641d4296f9a21aee848c4725f2494a67b5f3c258c250034179e2a48cf2
Fortinet FCM-MB40 Cross Site Request Forgery / Remote Command Execution
Posted Jun 25, 2019
Authored by XORcat

Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, csrf
SHA-256 | f3304438db41066a361a9c48682e8fe987bd5904a7ad099883d46442445cc1a3
WordPress Live Chat Unlimited 2.8.3 Cross Site Scripting
Posted Jun 25, 2019
Authored by m0ze

WordPress Live Chat Unlimited plugin version 2.8.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ab8bc1948bcdc3f2bfb4fe1c92cd333ba1e13b7b2227e3a9a5462063b0160841
WordPress iLive 1.0.4 Cross Site Scripting
Posted Jun 25, 2019
Authored by m0ze

WordPress iLive plugin version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fd619811b05b204dfc56b440e51d9beff8359cf1c99ba855c68323667b6eb6f7
SAPIDO RB-1732 Remote Command Execution
Posted Jun 25, 2019
Authored by k1nm3n.aotoi

SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 8c2ffa8c45bd6258d34b73f2418379b89138a62e8600141be0baac10df62bde8
SuperDoctor5 NRPE Remote Code Execution
Posted Jun 25, 2019
Authored by Simon Gurney

SuperDoctor5 implemented a remote command execution plugin in their implementation of NRPE that can be leveraged without authentication.

tags | exploit, remote
SHA-256 | d6c0429243c969acaf8ffc7a427c26c5b9f2c01b2c9571c53034ba8870bba0d9
Spidermonkey IonMonkey Incorrect Prediction
Posted Jun 25, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-11707
SHA-256 | 9e304ae2a07d3108f6f5ef85d1c28d031eea4e4fd06da0f3643edab9e09c52ee
Buffer Overflows, C Programming, And More
Posted Jun 25, 2019
Authored by Ricky Sanders

This whitepaper discusses buffer overflows, C socket programming, NSA's GHIDRA, and much more.

tags | paper, overflow
SHA-256 | 0ea7c3bd93f2fba6ee55a0ccf041c83ed5a8df449578075de3d9706bd453e572
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close