exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 361 RSS Feed

Files Date: 2020-01-01 to 2020-01-31

Ubuntu Security Notice USN-4249-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4249-1 - It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5188
SHA-256 | c7e01c28f33f62032e35e64564b339e695d3b0b58a8fe882259ddd8e841dbe52
Ubuntu Security Notice USN-4247-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-2 - USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
SHA-256 | c5c90b310d7f5f0416773ced5efb38ab57d54948ec0f54e9541ce80aac0c7b0f
Pachev FTP Server 1.0 Path Traversal
Posted Jan 23, 2020
Authored by 1F98D

Pachev FTP Server version 1.0 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fce413bdfabb6b3915f35ab909f61f24a643c6aa052c9135d2737a1eb83f5a47
BOOTP Turbo 2.0 Denial Of Service
Posted Jan 23, 2020
Authored by Bobby Cooke

BOOTP Turbo version 2.0 SEH denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 4db8d480c1490e0ceaf69100cf1cbe4af9a7ab18d90d91ad177474fee888fd2a
Red Hat Security Advisory 2020-0204-01
Posted Jan 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0204-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-12207, CVE-2018-16884, CVE-2019-0154, CVE-2019-0155, CVE-2019-10126, CVE-2019-11135, CVE-2019-14816, CVE-2019-14821, CVE-2019-14901, CVE-2019-3900, CVE-2019-5489, CVE-2019-9506
SHA-256 | b8530fb9276e80ebe2fec5b38a7dd5cf3a19b3a0b32577a66ec4d709877292f7
Ubuntu Security Notice USN-4246-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4246-1 - It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
SHA-256 | 96fd07ce458fb8e61373e902d959b958850935f8f23a8cce5911e7b2eb804982
Ubuntu Security Notice USN-4248-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4248-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16545, CVE-2017-17500, CVE-2017-17782
SHA-256 | d69fb75ca770c778259412c98fe692a2c6aebc454b35f7d0332f43a9069ad63f
Ubuntu Security Notice USN-4247-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-1 - It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
SHA-256 | 402fb2d1cf0e095a11a20ae7a60a1b22d65ad8b15259576de22ffc2b62eddc30
D-Link DIR-859 Unauthenticated Remote Command Execution
Posted Jan 22, 2020
Authored by Miguel Mendez Z, Pablo Pollanco P | Site metasploit.com

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

tags | exploit, cgi
advisories | CVE-2019-17621
SHA-256 | ae3c3447736253b12652f3498e39b80ef8b5c39fdb23d42cf38844008d3a0195
Reliable Datagram Sockets (RDS) rds_atomic_free_op Privilege Escalation
Posted Jan 22, 2020
Authored by Brendan Coles, Jann Horn, Mohamed Ghannam, nstarke, wbowling | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a NULL pointer dereference in the rds_atomic_free_op function in the Reliable Datagram Sockets (RDS) kernel module (rds.ko). Successful exploitation requires the RDS kernel module to be loaded. If the RDS module is not blacklisted (default); then it will be loaded automatically. This exploit supports 64-bit Ubuntu Linux systems, including distributions based on Ubuntu, such as Linux Mint and Zorin OS. This exploit does not bypass SMAP. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This module has been tested successfully on various 4.4 and 4.8 kernels.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2018-5333, CVE-2019-9213
SHA-256 | 561f5de542c8d58118095440168a640aad5069622602f1d8eac2d963687098c9
Logwatch 7.5.3
Posted Jan 22, 2020
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1b2b96879dec01cd02754fe00f8989b11ff16158c3dc7c4aff0faa4b1d34974b
ZOHO ManageEngine ServiceDeskPlus 11.0 Build 11007 Cross Site Scripting
Posted Jan 22, 2020
Authored by Johannes Kruchem | Site sec-consult.com

ZOHO ManageEngine ServiceDeskPlus versions 11.0 Build 11007 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-6843
SHA-256 | f632ef85f28ad70bb9342601a5f35a98d661dd706019e37f2cc899fa7c91121f
Red Hat Security Advisory 2020-0203-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0203-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a use-after-free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-18408
SHA-256 | fd41c42c4d6e0236bc390a37c8b4e54beb49086f68361600bcf853843ef316f6
Red Hat Security Advisory 2020-0202-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0202-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
SHA-256 | 07d56fc7e4caf2f527ad3e717b85088c6e310e363c19dd38f9bf41fb9d929d7e
Employee Leaves Management System 2.0 Cross Site Request Forgery
Posted Jan 22, 2020
Authored by Priyanka Samak

Employee Leaves Management System version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 23e63333eb80703368d37d1301494778ad1aee0e7387febbad89e6da5f993e05
Red Hat Security Advisory 2020-0201-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0201-01 - Python-reportlab is a library used for generation of PDF documents. A code injection vulnerability has been addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-17626
SHA-256 | cb103a9a083151521bc9381369fd06cffa071a2aaad8daf58abf2194681600a9
Red Hat Security Advisory 2020-0199-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0199-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2019-5544
SHA-256 | ee1a609d44b1e387587fd42bd06f64b674a73e249a8bfdf2acef73f85c2fc139
Debian Security Advisory 4608-1
Posted Jan 22, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4608-1 - Multiple integer overflows have been discovered in the libtiff library and the included tools.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2019-14973, CVE-2019-17546
SHA-256 | 1a6497db176ef9c93ca93386cf14b443e5341a899bf60e73653e2502fddb4db2
Red Hat Security Advisory 2020-0172-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0172-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-14818
SHA-256 | d001b2373f4967991ea46a1eae298ded73765592aa4fc39b27a3d55d3390725f
Red Hat Security Advisory 2020-0171-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0171-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-14818
SHA-256 | 83bb345c5b950872096eec2fc7401cdd0e6dd45cb6770fbda9535420a870eea1
Red Hat Security Advisory 2020-0196-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0196-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659
SHA-256 | 4b73be92bf5911b53ca5c01f8c15861f65f82e82eba34cfc359cf2c98888e94b
Red Hat Security Advisory 2020-0195-01
Posted Jan 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0195-01 - Python-reportlab is a library used for generation of PDF documents. A code injection vulnerability has been addressed.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-17626
SHA-256 | 5d992c060ac9ab8902a9fc4ade5f77b62323600e52a861952357389c280b739d
Citrix XenMobile Server 10.8 XML Injection
Posted Jan 22, 2020
Authored by Jonas Lejon

Citrix XenMobile Server version 10.8 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2018-10653
SHA-256 | 2c11d86d93cfd73bd58d127cdd74b7f28105f208d9e5dc7da4bc9f6274cd90fc
Microsoft Windows 7 Screen Lock Shellcode
Posted Jan 22, 2020
Authored by Saswat Nayak

9 bytes small Microsoft Windows 7 screen locking shellcode.

tags | shellcode
systems | windows
SHA-256 | fc1431ed92ba6d673f84f58b86ea42ac5a467f0e1b9ce283fce744ce538aed69
XNU vm_map_copy Insufficient Fix
Posted Jan 22, 2020
Authored by Google Security Research, Ian Beer

An insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still is not atomic.

tags | exploit
advisories | CVE-2019-6205, CVE-2019-8833
SHA-256 | 64852008642517c7a6286853a18dc6ef2a98bff2e171d9812bbe7c77a11b7b7d
Page 5 of 15
Back34567Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close