exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2019-11-18

cryptmount Filesystem Manager 5.3.2
Posted Nov 18, 2019
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Refined handling of passwords in mudslinger testing script.
tags | tool, kernel, encryption
systems | linux, unix
SHA-256 | 0184f416bfa0798a5f633bf4c5fa22a6c699089323d8f1918e18463d16bda3b5
Windows Escalate UAC Protection Bypass
Posted Nov 18, 2019
Authored by enigma0x3, bwatters-r7 | Site metasploit.com

This Metasploit module will bypass Windows UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when Windows backup and restore is launched. It will spawn a second shell that has the UAC flag turned off. This module modifies a registry key, but cleans up the key once the payload has been invoked.

tags | exploit, shell, registry
systems | windows
SHA-256 | de0a15ebe9d1aa72ab9db25c4772fd3f14a7a703cd5073c7a99bb9586f47fa3f
Ubuntu Security Notice USN-4196-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4196-1 - It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service. It was discovered that python-ecdsa incorrectly verified DER encoding in signatures. A remote attacker could use this issue to perform certain malleability attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2019-14853, CVE-2019-14859
SHA-256 | df3c0bc39dca47dcbde3f1caaeadff93fa45d0af12fef8b8f71b9ecdf0cb2e6a
Centova Cast 3.2.11 Arbitrary File Download
Posted Nov 18, 2019
Authored by DroidU

Centova Cast versions 3.2.11 and below suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | b4d106e6294e376a5e9f28303e16e342d7aa2a0c7ef2fc3f1a24ebc66123add2
Debian Security Advisory 4571-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4571-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-11755, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
SHA-256 | d1da11dc68e0e483876a30896b2795e84ff6d0181f67e226306de8a7caa0ee6d
MobileGo 8.5.0 Insecure File Permissions
Posted Nov 18, 2019
Authored by ZwX

MobileGo version 8.5.0 suffers from an insecure file permission vulnerability.

tags | exploit
SHA-256 | 3867ec204da6bd340b5f0926aeda73bc36a33f78db5a6d46c83599b62fb46a8a
Red Hat Security Advisory 2019-3901-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3901-01 - Red Hat OpenShift Application Runtimes provide an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Vert.x 3.8.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-10174, CVE-2019-12384, CVE-2019-14379, CVE-2019-16869, CVE-2019-16942
SHA-256 | c9c5b0746f972193f09651db45c773093205fbfb73353adb1d47b9b1d7e33ee4
Ubuntu Security Notice USN-4195-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4195-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.18 in Ubuntu 19.10. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.28. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-2910, CVE-2019-2922, CVE-2019-2946, CVE-2019-2960, CVE-2019-2968, CVE-2019-2991, CVE-2019-3003, CVE-2019-3018
SHA-256 | c6e6302a850191e2b376ea6b239cea8a6a540fb0e90e3adaed0f6d9cc99afeb6
Debian Security Advisory 4570-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4570-1 - A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service (stack overflow and daemon crash), by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2019-11779
SHA-256 | d986565ac146d4431943d6e5b0086d43adfc651090b5a543d16d25256ca53920
nipper-ng 0.11.10 Remote Buffer Overflow
Posted Nov 18, 2019
Authored by Guy Levin

nipper-ng version 0.11.10 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2019-17424
SHA-256 | 886dff6e932d01084e771908395b56124a7b0c657002bbb4c43a44d97278ad17
Red Hat Security Advisory 2019-3898-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3898-01 - Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure modification. A use-after-free vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3817
SHA-256 | 99a01ff2b8bdc19ab47886ea6c91b2ea18017a436f32e40e34cf3fb73fdc7858
TemaTres 3.0 Cross Site Scripting
Posted Nov 18, 2019
Authored by Pablo Santiago

TemaTres version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-14343
SHA-256 | 6fbb522bb40fad54315b77a39321a9a24dc52f1e80ef3670bcb8e03f2e2baaa7
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Nov 18, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
SHA-256 | b0861077df7672bf8522d660f4e5c42b02c096d660b906d7e0d199649daf727e
Foscam Video Management System 1.1.4.9 Denial Of Service
Posted Nov 18, 2019
Authored by chuyreds

Foscam Video Management System version 1.1.4.9 username denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 8e63f54a8786991850c7a5469e8612766ad3f89edc8c72d62ffba7efbd3940e3
XSSer Penetration Testing Tool 1.8-2
Posted Nov 18, 2019
Authored by psy | Site xsser.03c8.net

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

Changes: Ported to Python 3.x. Added anti-antixss firewall rules. Added requirements. Updated documentation and website.
tags | tool, scanner
systems | unix
SHA-256 | 4db2282f00ea2a5023d67512a87ebbd90ad26fa3ba4213dd4bbc01fcde913474
TemaTres 3.0 Cross Site Request Forgery
Posted Nov 18, 2019
Authored by Pablo Santiago

TemaTres version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 408ad091dca69f3df8a0708da1fd8237ab74307022117bec085217d142968b7d
Debian Security Advisory 4569-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4569-1 - Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.

tags | advisory
systems | linux, debian
advisories | CVE-2019-14869
SHA-256 | bbdc2afd872ceca391983d93c13437185b49088b9305b351976f9109a0048103
Crystal Live HTTP Server 6.01 Directory Traversal
Posted Nov 18, 2019
Authored by numan turle

Crystal Live HTTP Server version 6.01 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | a2124740820c2e0d6ff88759285feeb95e3df9273457fcc5ae7c11f03c6e5dd1
Red Hat Security Advisory 2019-3895-01
Posted Nov 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3895-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability was addressed.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2019-14287
SHA-256 | 54326c81e625f8456b17f6e9d75e4db03b6c48baa3d9c294b1b9ec55893ed414
Open Proficy HMI-SCADA 5.0.0.25920 Denial Of Service
Posted Nov 18, 2019
Authored by Luis Martinez

Open Proficy HMI-SCADA version 5.0.0.25920 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 4874a75715b6d9a8cfe15041b5586c58aa89e6542f56b15d403d5df51ca30048
Debian Security Advisory 4568-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4568-1 - Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2019-3466
SHA-256 | b5b2dcccd4ee0a6aa05a18c307bcd6c98076fddc1eebb2a9e5e79f772a3b36fc
Lexmark Services Monitor 2.27.4.0.39 Directory Traversal
Posted Nov 18, 2019
Authored by Kevin Randall

Lexmark Services Monitor version 2.27.4.0.39 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-16758
SHA-256 | c53c0302aae4b649e7aeba4f2bef26ca8ef3a1e6b142720e59503967cffecdfd
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close