exploit the possibilities
Showing 1 - 25 of 13,686 RSS Feed

Arbitrary Files

Ubuntu Security Notice USN-4065-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4065-1 - It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12525, CVE-2019-12527, CVE-2019-12529
MD5 | 4f76b96ab8a7b06f1886fa584c06000c
Ubuntu Security Notice USN-4064-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4064-1 - A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same origin restrictions, conduct cross-site scripting attacks, spoof origin attributes, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2019-11709, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | f7be91863a97abc792600ed7d274b78d
Ubuntu Security Notice USN-4063-1
Posted Jul 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4063-1 - Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handled stealth mode. Contrary to expectations, bullet graphics could be retrieved from remote locations when running in stealth mode. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9848, CVE-2019-9849
MD5 | 5c4a3cb496c551255388e2750ed2e624
Ubuntu Security Notice USN-4061-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4061-1 - It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10192
MD5 | 8b3193b03bab1bc31716f1268177203e
Debian Security Advisory 4482-1
Posted Jul 15, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4482-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.

tags | advisory, denial of service, arbitrary, spoof, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11730, CVE-2019-9811
MD5 | 98a6d07eeef8d662beb2fa0f236cb9d3
Ubuntu Security Notice USN-4055-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4055-1 - Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Mike Salvatore discovered that the version of Zipios included in FlightCrew mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13032, CVE-2019-13241, CVE-2019-13453
MD5 | 797b140c1d1b3f14e7a806b02c5bfedb
Red Hat Security Advisory 2019-1774-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1774-01 - Vim is an updated and improved version of the vi editor. An arbitrary command execution vulnerability has been addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-12735
MD5 | 1317e257c8088f1778bfcb6c002f50eb
Ubuntu Security Notice USN-4054-1
Posted Jul 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4054-1 - A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss, csrf
systems | linux, ubuntu
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | 8ea6959ed7ac020d5ddd786544d68258
Xymon useradm Command Execution
Posted Jul 12, 2019
Authored by Brendan Coles, Markus Krell | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Xymon versions before 4.3.25 which allows authenticated users to execute arbitrary operating system commands as the web server user. When adding a new user to the system via the web interface with useradm.sh, the user's username and password are passed to htpasswd in a call to system() without validation. This module has been tested successfully on Xymon version 4.3.10 on Debian 6.

tags | exploit, web, arbitrary
systems | linux, debian
advisories | CVE-2016-2056
MD5 | 5d1fdb4c7a1abc1fbc3c13a84a4a2eef
Debian Security Advisory 4480-1
Posted Jul 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4480-1 - Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-10192, CVE-2019-10193
MD5 | e5f6048460ebffda11af0a60dbde63a3
Debian Security Advisory 4479-1
Posted Jul 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4479-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.

tags | advisory, web, denial of service, arbitrary, spoof, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | 1e90e6a1c90fc8275f2fadb11f5d1fc8
Red Hat Security Advisory 2019-1762-01
Posted Jul 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1762-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An arbitrary file read/execution vulnerability was addressed.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168
MD5 | e0b1a1c7d0875a0dcb56e2bf48d61d44
Debian Security Advisory 4478-1
Posted Jul 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4478-1 - Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-12594, CVE-2019-7165
MD5 | d2099dfe1b04d9593f8a45054f2331dd
Ubuntu Security Notice USN-4051-2
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-2 - USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 733b6aa2acd3d9fb477fc75c12b7e718
Ubuntu Security Notice USN-4051-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-1 - Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 23144505a813252b7919bf5f1a86185f
Debian Security Advisory 4477-1
Posted Jul 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4477-1 - Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel
systems | linux, debian
advisories | CVE-2019-13132
MD5 | 0975c0781cc125d9675f4d734f053aab
Ubuntu Security Notice USN-4050-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4050-1 - It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13132
MD5 | 4d685491f2c5137cd9958f8dbcb03095
Ubuntu Security Notice USN-4048-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4048-1 - Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2018-15664
MD5 | 871c67e67ab749e19e22393b83603276
Cisco Data Center Network Manager 11.1(1) Remote Code Execution
Posted Jul 8, 2019
Authored by Pedro Ribeiro

Cisco Data Center Network Manager (DCNM) versions 11.1(1) and below suffer from authentication bypass, arbitrary file upload, arbitrary file download, and information disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
systems | cisco
advisories | CVE-2019-1619, CVE-2019-1620, CVE-2019-1621, CVE-2019-1622
MD5 | 2bd84aa0b859d4eb5b1a69ff91efea19
Ubuntu Security Notice USN-4047-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4047-1 - Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10161
MD5 | 958c7958a85b06e378fab329bef5e1ea
Ubuntu Security Notice USN-4046-1
Posted Jul 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4046-1 - It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. It was discovered that Irssi incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-7054, CVE-2019-13045
MD5 | 1dfe43f222e448ed9f244002ac7dbb22
Ubuntu Security Notice USN-4038-4
Posted Jul 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4038-4 - USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
MD5 | d260322e9cd039be6d169d4bf7459ec9
Ubuntu Security Notice USN-4038-3
Posted Jul 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4038-3 - USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
MD5 | 66af3c08c662baf1ba782281363a0d52
Ubuntu Security Notice USN-4045-1
Posted Jul 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4045-1 - A type confusion bug was discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbitrary code. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 9fa133151559c278017a960cc0132070
Red Hat Security Advisory 2019-1683-01
Posted Jul 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1683-01 - openstack-tripleo-common contains the python library for code common to the Red Hat OpenStack Platform director CLI and GUI. An issue existed where openstack-tripleo-common allowed running new amphorae based on arbitrary images.

tags | advisory, arbitrary, python
systems | linux, redhat
advisories | CVE-2019-3895
MD5 | 000b36778e35e0340bbc4cb0ca78a977
Page 1 of 548
Back12345Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close