exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-01-07

Red Hat Security Advisory 2016-0013-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0013-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A vulnerability was discovered in the way OpenStack Compute networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2015-7713
SHA-256 | fcf160828cd160289cd554d2cc98fcd8df961d610849bde9ed000e779baa6a3d
Ubuntu Security Notice USN-2863-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2863-1 - Karthikeyan Bhargavan and Gaetan Leurent discovered that OpenSSL incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-7575
SHA-256 | 94a3f50e35125a333662102506d570c802df7207bcc97fe5c838b1618c88fcdf
Red Hat Security Advisory 2016-0005-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0005-01 - The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. All rpcbind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the rpcbind service is running, it will be automatically restarted after installing this update.

tags | advisory, remote, udp, tcp
systems | linux, redhat
advisories | CVE-2015-7236
SHA-256 | ba77d1ef8f14f6a9cc7ef813be30ad166ae7d317dfe5cfad13ef388020ea8b53
Serendipity 2.0.2 Cross Site Scripting
Posted Jan 7, 2016
Authored by Onur YILMAZ, Selcuk Miynat | Site netsparker.com

Serendipity version 2.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8603
SHA-256 | e95b30729df1fe5b42e1dc59030dd9a7255c75aedc1da023499c18019c06d66b
OpenCart 2.1.0.1 Cross Site Scripting
Posted Jan 7, 2016
Authored by Onur YILMAZ, Ziyahan Albeniz | Site netsparker.com

OpenCart version 2.1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-4671
SHA-256 | be4592c9395d860112b8f4b1375f72eb230a7b5984f3c00b9ce788a9bce7ccc6
AVM FRITZ!Box: Buffer Overflow
Posted Jan 7, 2016
Site redteam-pentesting.de

RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device. Versions prior to 6.30 are affected.

tags | exploit, overflow, arbitrary
SHA-256 | 228e71e3485b2cc97ccb9ddbef86d309e9fbac2497428d5179defa994f72604b
AVM FRITZ!Box: Arbitrary Code Execution Via Firmware Images
Posted Jan 7, 2016
Site redteam-pentesting.de

The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially crafted firmware images can overwrite critical files. Arbitrary code can get executed if an attempt is made to install such a manipulated firmware. Versions prior to 6.30 are affected.

tags | exploit, arbitrary
advisories | CVE-2014-8886
SHA-256 | 575a5202feb5cb4ff01e56570859e1e60b9ab855f5594241a51b4e330b92b5b4
ZoneAlarm DLL Hijacking
Posted Jan 7, 2016
Authored by Stefan Kanthak

ZoneAlarm installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 3cf21572a66055de83c57f610ece78c8508a64444a975d3151ee4d6e2235852f
Emsisoft Anti Malware DLL Hijacking
Posted Jan 7, 2016
Authored by Stefan Kanthak

Emsisoft Anti Malware suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 73ae11a582480d884f45c68f80e0ef4fd1559ee05d36fa346ac9015d908de52c
ownCloud 8.2.1 / 8.1.4 / 8.0.9 Information Exposure
Posted Jan 7, 2016
Authored by Dr. Erlijn van Genuchten | Site syss.de

ownCloud versions 8.2.1 and below, 8.1.4 and below, and 8.0.9 and below suffer from an information exposure vulnerability via directory listings.

tags | exploit
advisories | CVE-2016-1499
SHA-256 | 2a03e49b47f5b92a36e0f7c8b25d095b6e9255abca3e8fe34b1f15409b04a89c
Ubuntu Security Notice USN-2862-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2862-1 - It was discovered that Pygments incorrectly sanitized strings used to search system fonts. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-8557
SHA-256 | 558ac4dd2f79d1d7d79c08e19231c5dec5c45989e50d6cd770514b0f9ef9252e
HP Security Bulletin HPSBGN03530 1
Posted Jan 7, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03530 1 - A potential security vulnerability has been identified in HPE UCMDB Browser. The vulnerability could be exploited to allow remote disclosure of sensitive information and result in local unauthorized access. Note: This vulnerability only impacts customers using UCMDB browser. Revision 1 of this advisory.

tags | advisory, remote, local
advisories | CVE-2015-6862
SHA-256 | 62f31573feba619bf90d01d7cb439201723d4c68afd316e9bbd47bf7bcd5fdb1
Red Hat Security Advisory 2016-0004-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0004-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
SHA-256 | 7b6c1de75da65d611115bc77583ed4b8a46c10ea69c41a966860776907c7ffa6
WordPress Stanford Theme Cross Site Scripting
Posted Jan 7, 2016
Authored by Sha4yan

The WordPress Stanford theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b6ebd8b3e2371a264e06442e5602b62001924bd0dca16efb2961e677a1d53774
Ubuntu Security Notice USN-2861-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2861-1 - It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. Qixue Xiao and Chen Yu discovered that libpng incorrectly handled certain malformed images. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-8472, CVE-2015-8540
SHA-256 | 250edfc00fe008bf19be3780c5c89d17689a5a31fbb5f607cd428f829750e1fa
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close