exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2019-09-16 to 2019-09-17

LastPass Credential Leak From Previous Site
Posted Sep 16, 2019
Authored by Tavis Ormandy, Google Security Research

LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site.

tags | exploit
SHA-256 | e91aef0b7b7de488bc6fb1b7167218cb57d0484b98f8e1376f39b3cadbd7f574
Ubuntu Security Notice USN-4124-2
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4124-2 - USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-15846
SHA-256 | 71d8e06b2c0c4cae4eecb4ffbda30d10eebc44079e9ff99b08f2472331d3317f
Debian Security Advisory 4523-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4523-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message.

tags | advisory, arbitrary, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
SHA-256 | 967040fbd9171f3b407f3ab9a0be62a4592c18053d4ec0a0f46e543fc5f9373f
Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
Posted Sep 16, 2019
Authored by Gerard Fuguet

Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.

tags | exploit, web
advisories | CVE-2019-13140
SHA-256 | 39f36f4b6db5a31b0de8f71b6618765de1c62790a395b11e89b90ba6c5ca5670
Red Hat Security Advisory 2019-2774-01
Posted Sep 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-11739, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752
SHA-256 | 3c16fc4cc180d6fe147e9d65f595a3f31a52151e992d0e5d130ce3cae1e23e6d
Ubuntu Security Notice USN-4134-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-14822
SHA-256 | ed92e9e046984937207054328dcbba793eb2ef62bdf1c54b81a17f9db3ef13c2
docPrint Pro 8.0 SEH Buffer Overflow
Posted Sep 16, 2019
Authored by Connor McGarr

docPrint Pro version 8.0 suffers from a SEH buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 1e614fb447afd0b36c2e12b10f63bf118d4cfc22467707b5d7072f5e0ac8217e
Ubuntu Security Notice USN-4133-1
Posted Sep 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

tags | advisory, remote, local
systems | linux, ubuntu
advisories | CVE-2019-12295
SHA-256 | 9c9c4741019601e94212dc80ac960db60e2bddb1eb957b1ccec83ee8da1600cd
Debian Security Advisory 4522-1
Posted Sep 16, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4522-1 - Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-19502, CVE-2018-19503, CVE-2018-19504, CVE-2018-20194, CVE-2018-20195, CVE-2018-20197, CVE-2018-20198, CVE-2018-20357, CVE-2018-20358, CVE-2018-20359, CVE-2018-20361, CVE-2018-20362, CVE-2019-15296
SHA-256 | 33b9fccecf4353ae4a2b83a59bf84ceb570c6f8ad53dd6dfc6f568c4274c84e3
AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
Posted Sep 16, 2019
Authored by Gabor Seljan

AppXSvc version 17763.1.amd64fre.rs5_release.180914-1434 suffers from an arbitrary file security descriptor overwrite privilege escalation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2019-1253
SHA-256 | f49c3a4798f6de0b0e932407bc8aae3873282516c62cce9782739f11c9e278a0
Master Data Online Cross Site Request Forgery / Data Tampering
Posted Sep 16, 2019
Authored by Prithwish Pal

Master Data Online suffers from a cross site request forgery vulnerability that allows for data tampering.

tags | exploit, csrf
advisories | CVE-2018-17789
SHA-256 | 44c88779610ebd4f3d5c4f4e62acdbc7a81948f558f8ae470f6da5b266509b54
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close