exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2019-05-01

SQLMAP - Automatic SQL Injection Tool 1.3.5
Posted May 1, 2019
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: More drei updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
SHA-256 | 34c116f3de831ae3eab7216b933ca5a3dbb6a91af4970fb59db7465110018ff8
Ruby On Rails DoubleTap Development Mode secret_key_base Remote Code Execution
Posted May 1, 2019
Authored by sinn3r, mpgn, ooooooo_q | Site metasploit.com

This Metasploit module exploits a vulnerability in Ruby on Rails. In development mode, a Rails application would use its name as the secret_key_base, and can be easily extracted by visiting an invalid resource for a path. As a result, this allows a remote user to create and deliver a signed serialized payload, load it by the application, and gain remote code execution.

tags | exploit, remote, code execution, ruby
advisories | CVE-2019-5420
SHA-256 | c41bfe806c54e70143302c2e59ad47e1d40d583ed2206ee0b710112183f254cb
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
SHA-256 | 052380ea1c71d02d8410070677e7a708f6a453a3153ccacfd6ed27ffef7d6d63
Winamp 5.12 Playlist (.pls) Buffer Overflow
Posted May 1, 2019
Authored by Daniele Votta

Winamp version 5.12 playlist (.pls) buffer overflow exploit with ASLR + EGGHUNT + REV_SHELL. Written in Python.

tags | exploit, overflow, python
SHA-256 | a9b323cb439cf09ca1e1857f96364155595651c7e4c96ab60eaf494596a801aa
Johnny You Are Fired
Posted May 1, 2019
Authored by Juraj Somorovsky, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Hanno Bock, Jens Muller, Marcus Brinkmann

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

tags | exploit, paper, spoof, proof of concept
advisories | CVE-2017-17848, CVE-2018-12019, CVE-2018-12020, CVE-2018-12356, CVE-2018-12556, CVE-2018-15586, CVE-2018-15587, CVE-2018-15588, CVE-2018-18509, CVE-2019-8338
SHA-256 | 3356c7f94ef68ddc7268602c64a93e10fbaff874992374b51f89d7cf87f71a0c
Red Hat Security Advisory 2019-0935-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0935-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an incorrect validation of port settings.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10876, CVE-2019-9735
SHA-256 | 5aa4b505cc22226efc52429ece3e58253547fe929d4c14efc7848afbe66cac7b
Ubuntu Security Notice USN-3961-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3961-1 - It was discovered that the Dovecot Submission login service incorrectly handled certain operations. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11494
SHA-256 | cda6024b86947a39dfed42fa93c70134e44c20d09ea1b1fc88cb668427e16b2b
Red Hat Security Advisory 2019-0919-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0919-01 - OpenStack Telemetry collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. Issues include a sensitive data disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-3830
SHA-256 | 2af0a459256b464603d9c95f7f9ca98d9fdf28445330d8b33c4422b6a85648a3
CentOS Web Panel Domain Field Cross Site Scripting
Posted May 1, 2019
Authored by DKM

CentOS Web Panel versions 0.9.8.793 (Free), 0.9.8.753 (Pro), and 0.9.8.807 (Pro) suffer from a domain field (Add DNS Zone) cross site scripting vulnerability.

tags | exploit, web, xss
systems | linux, centos
advisories | CVE-2019-11429
SHA-256 | ee3961407a160b37541218eebc898754276a429b1858ce385e94e5bb1c7f1e43
phpBB 3.2.5 Denial Of Service
Posted May 1, 2019
Authored by Colin Snover

phpBB versions 3.2.5 and below suffer from a native full text denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2019-9826
SHA-256 | 4ee52841db17fd7c232af9b9d30c29e77193d561dc0410ebc4083f7f11d0de3e
OpenSkos Simple Knowledge Organization System 2.0 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

OpenSkos Simple Knowledge Organization System version 2.0 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 5ef4f816f3c5ac51cdef05783d25a8985e183e6007ec4d8f04c8c0c6d0a4f42b
Red Hat Security Advisory 2019-0916-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0916-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include an invalid port setting validation.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-9735
SHA-256 | 83d7a9bf73dee2a928a714298a2a1520b11b9dde5a517e98fd6ffb2fc31caefd
Sentrifugo Human Resource Management System 3.2 File Disclosure
Posted May 1, 2019
Authored by KingSkrupellos

Sentrifugo Human Resource Management System version 3.2 suffers from a database configuration file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | a70ca60105b27e9f8ad4a49d9a01cf33c820b2ae7510f8751c0dcd035348c038
MailCarrier 2.51 HELP Remote Buffer Overflow
Posted May 1, 2019
Authored by Vinaykumar Yennam, Dheepshika Raghunathan

MailCarrier version 2.51 HELP remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 402a6539e31dead80fb524b65b4da602f1a58f9e785b08cb3ca8960d8a4aedfa
Red Hat Security Advisory 2019-0917-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0917-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fibre Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a data retention issue post deletion.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2017-15139
SHA-256 | 8389d5203532c096873bc11f1579f2b21bcb6418c5f8183794ef2311ecac9d2e
Red Hat Security Advisory 2019-0911-01
Posted May 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0911-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-19039
SHA-256 | 1205438f653f2786d0c5e0c83873952d909dacf8a0deeb8df299a0423bfc58ac
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close