what you don't know can hurt you
Showing 76 - 100 of 13,200 RSS Feed

Local Files

TOR Virtual Network Tunneling Tool 0.3.5.8
Posted Feb 22, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.5.8 backports several fixes from later releases, including fixes for an annoying SOCKS-parsing bug that affected users in earlier 0.3.5.x releases. It also includes a fix for a medium-severity security bug affecting Tor 0.3.2.1-alpha and later. All Tor instances running an affected release should upgrade to 0.3.3.12, 0.3.4.11, 0.3.5.8, or 0.4.0.2-alpha.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | e4b0feca80cc221ab235c9544851b146
Apple macOS 10.13.5 Local Privilege Escalation
Posted Feb 20, 2019
Authored by Synacktiv

Apple macOS version 10.13.5 local privilege escalation exploit.

tags | exploit, local
systems | apple
advisories | CVE-2018-4193
MD5 | 4fb63a016edb0c0b8a0cfef904b84b6e
Social Bookmarking Software 1.2.3 Local File Inclusion
Posted Feb 20, 2019
Authored by Mr Winst0n

Social Bookmarking Software version 1.2.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 72101fb7a6446f6e2f1eb53d5d415aac
Ubuntu Security Notice USN-3891-1
Posted Feb 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3891-1 - It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-6454
MD5 | 347d92e04f1ac6e5d4a305700cc98d16
Ubuntu Security Notice USN-3850-2
Posted Feb 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3850-2 - USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-12384, CVE-2018-12404
MD5 | 550bd66bfce61ba6685d7549da716d49
Realterm Serial Termianl 2.0.0.70 Buffer Overflow
Posted Feb 18, 2019
Authored by Alejandra Sanchez

Realterm Serial Terminal version 2.0.0.70 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 6ae4e98f66359c8481538edfc7bd863a
snapd 2.37 (Ubuntu) dirty_sock Local Privilege Escalation
Posted Feb 13, 2019
Authored by Chris Moberly

This exploit bypasses access control checks to use a restricted API function (POST /v2/snaps) of the local snapd service. This allows the installation of arbitrary snaps. Snaps in "devmode" bypass the sandbox and may include an "install hook" that is run in the context of root at install time. dirty_sockv2 leverages the vulnerability to install an empty "devmode" snap including a hook that adds a new user to the local system. This user will have permissions to execute sudo commands. As opposed to version one, this does not require the SSH service to be running. It will also work on newer versions of Ubuntu with no Internet connection at all, making it resilient to changes and effective in restricted environments. This exploit should also be effective on non-Ubuntu systems that have installed snapd but that do not support the "create-user" API due to incompatible Linux shell syntax. Some older Ubuntu systems (like 16.04) may not have the snapd components installed that are required for sideloading. If this is the case, this version of the exploit may trigger it to install those dependencies. During that installation, snapd may upgrade itself to a non-vulnerable version. Testing shows that the exploit is still successful in this scenario. This is the second of two proof of concepts related to this issue. Versions below 2.37.1 are affected.

tags | exploit, arbitrary, shell, local, root, proof of concept
systems | linux, ubuntu
advisories | CVE-2019-7304
MD5 | e9db49ddfa940a474a61af831e403fe3
snapd 2.37 (Ubuntu) dirty_sock Local Privilege Escalation
Posted Feb 13, 2019
Authored by Chris Moberly

This exploit bypasses access control checks to use a restricted API function (POST /v2/create-user) of the local snapd service. This queries the Ubuntu SSO for a username and public SSH key of a provided email address, and then creates a local user based on these value. Successful exploitation for this version requires an outbound Internet connection and an SSH service accessible via localhost. This is one of two proof of concepts related to this issue. Versions below 2.37.1 are affected.

tags | exploit, local, proof of concept
systems | linux, ubuntu
advisories | CVE-2019-7304
MD5 | 0dcbfdab6f37dbe3458ba63c7f68ffc7
Ubuntu Security Notice USN-3887-1
Posted Feb 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3887-1 - Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges. On Ubuntu systems with snaps installed, snapd typically will have already automatically refreshed itself to snapd 2.37.1 which is unaffected.

tags | advisory, remote, local
systems | linux, unix, ubuntu
advisories | CVE-2019-7304
MD5 | a039dec3039229db20b992fe7a5de40b
IP-Tools 2.5 Local Buffer Overflow
Posted Feb 11, 2019
Authored by Juan Prescotto

IP-Tools version 2.5 local buffer overflow SEH exploit with egghunter shellcode.

tags | exploit, overflow, local, shellcode
MD5 | 1ad1d336358344e3ffa93cd409c5f31b
River Past Cam Do 3.7.6 Local Buffer Overflow
Posted Feb 11, 2019
Authored by Achilles

River Past Cam Do version 3.7.6 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | a6adf6e687f7f655b2df63a110d5b8a9
Avast Anti-Virus Local Credential Disclosure
Posted Feb 10, 2019
Authored by Nathu Nandwani

Avast Anti-Virus versions prior to 19.1.2360 suffer from a local credential disclosure vulnerability.

tags | exploit, local, virus, info disclosure
advisories | CVE-2018-12572
MD5 | 6a58a9fbc1191c3c96c7392d2ff2ddc0
Ubuntu Security Notice USN-3878-2
Posted Feb 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3878-2 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
MD5 | d8dbdd1eab453e97381b6d1a7b1e34a7
FreeBSD Security Advisory - FreeBSD-SA-19:02.fd
Posted Feb 6, 2019
Authored by Peter Holm | Site security.freebsd.org

FreeBSD Security Advisory - FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the kernel handles the truncation case by closing descriptors referenced by the discarded message. The code which performs this operation failed to release a reference obtained on the file corresponding to a received right. This bug can be used to cause the reference counter to wrap around and free the file structure. A local user can exploit the bug to gain root privileges or escape from a jail.

tags | advisory, kernel, local, root
systems | freebsd
advisories | CVE-2019-5596
MD5 | d2a5625f6a6acebfab7130396aaad041
Dell EMC VNX2 Family OS Command Injection
Posted Feb 5, 2019
Authored by Dell Product Security Incident Response Team | Site dellemc.com

VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudoers, a local authenticated malicious user could potentially execute arbitrary OS commands as root by exploiting this vulnerability.

tags | advisory, arbitrary, local, root
advisories | CVE-2019-3704
MD5 | 8b2011fd3b0539d810ad80823308b682
Ubuntu Security Notice USN-3880-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3880-1 - It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service. Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1066, CVE-2018-17972, CVE-2018-18281, CVE-2018-9568
MD5 | 2df3c39651f380c1654b491a60d6c979
Ubuntu Security Notice USN-3879-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3879-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-10883, CVE-2018-16862, CVE-2018-19407, CVE-2018-19824, CVE-2018-20169
MD5 | de715ed77a7448afa809105bbb07f753
Ubuntu Security Notice USN-3878-1
Posted Feb 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3878-1 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
MD5 | 9e099e4ba51ada496ad8b339ee89b49c
SureMDM Local / Remote File Inclusion
Posted Feb 2, 2019
Authored by Digital Interruption

SureMDM versions prior to the 2018-11 Patch suffers from local and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
advisories | CVE-2018-15657
MD5 | 728be3615f19e47ef2386381a986f217
Red Hat Security Advisory 2019-0232-01
Posted Feb 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0232-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include an off-by-one error.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2019-3813
MD5 | 6bd2c72e10e34603f44739b69e3975a7
Ubuntu Security Notice USN-3874-1
Posted Jan 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3874-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. It was discovered that Firefox allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-18500, CVE-2018-18504, CVE-2018-18505, CVE-2018-18506
MD5 | 0610de62126292ee797c34a48f213f8a
UltraISO 9.7.1.3519 Local Buffer Overflow
Posted Jan 31, 2019
Authored by Dino Covotsos

UltraISO version 9.7.1.3519 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 512360df20036a97f88a8885e86b6458
R i386 3.5.0 Local Buffer Overflow
Posted Jan 31, 2019
Authored by Dino Covotsos

R i386 version 3.5.0 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 81980ebf65142d09fc37ca92c273f598
10-Strike Network Inventory Explorer 8.54 Local Buffer Overflow
Posted Jan 30, 2019
Authored by bzyo

10-Strike Network Inventory Explorer version 8.54 local buffer overflow SEH exploit with DEP bypass.

tags | exploit, overflow, local
MD5 | 20b3a3086a4b524a3b049f7bd22374fd
Ubuntu Security Notice USN-3872-1
Posted Jan 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3872-1 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-14625, CVE-2018-16882, CVE-2018-19407, CVE-2018-19854
MD5 | 29c83776d4d06ad3285e2083d9bd1ec5
Page 4 of 528
Back23456Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    16 Files
  • 22
    May 22nd
    13 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close