what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 264 RSS Feed

Files

EMC Documentum eRoom Unverified Password Change
Posted Jan 31, 2017
Site emc.com

EMC Documentum eRoom includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions affected include 7.4.4 and 7.4.4 SP. Versions prior to 7.4.5 P04 and 7.5.0 P01 are also affected.

tags | advisory
advisories | CVE-2017-2766
SHA-256 | e835023b15095c92be0207b2036c81225742f33b18d6c5ba2baf30034498536c
Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation
Posted Jan 31, 2017
Authored by Matteo Beccati

Revive Adserver versions 4.0.0 and below suffer from cross site scripting, session fixation, and deserialization of untrusted data vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 49fc47c53b039e7dd7aa51c531ed2ea56ab25e997650a7d59f9e2c32e722f087
HPE Security Bulletin HPESBMU03701 1
Posted Jan 31, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBMU03701 1 - A potential vulnerability has been identified in HPE Smart Storage Administrator. The vulnerability could remotely be exploited to allow execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2016-8523
SHA-256 | 389f47122d3d84da0c8406651485468f4b6e77a77a96f6b2064f6ed76dcf6148
Gentoo Linux Security Advisory 201701-77
Posted Jan 31, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-77 - A vulnerability in Ansible may allow rogue clients to execute commands on the Ansible controller. Versions less than 2.1.4.0_rc3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-9587
SHA-256 | 2cb237a335974f57ee8379fa18610f2a02590df401548e2efc9bc897e132ba96
Red Hat Security Advisory 2017-0215-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0215-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-7117
SHA-256 | 9773caf065be9c5f7c1b57330e6aebc627b8f3c6632b045a8257a108b8da6d9d
Red Hat Security Advisory 2017-0216-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-7117
SHA-256 | c186c3b266a35ae94614ffd7a976f4b1e2eb276249557cbb40ab3439fcd12aae
Red Hat Security Advisory 2017-0217-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0217-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-2847, CVE-2016-7117
SHA-256 | 0f04199e8b96f3c0ef49b41aa0b81c70b56ac8c4e9e510b9a19ddf9c1b0c225a
Gentoo Linux Security Advisory 201701-76
Posted Jan 31, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-76 - Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.6 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8947, CVE-2016-2052
SHA-256 | c4c43fcf2857f96ff6e6e6c393e86dcc4e8f80c56171ed36cf7a530c3cb25994
Red Hat Security Advisory 2017-0214-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0214-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | f4f50df16590df135e030cf35334e92ba1f77e66d0e7be3a8b1762fff8cdb46e
Red Hat Security Advisory 2017-0212-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0212-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | b998263bac801bdf05507dd054133c1c0a715741d1d2f96c11ded4a4c365f07b
Red Hat Security Advisory 2017-0211-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0211-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | cbd1b0894feca5060b35372d9de8469d1a1ab60046d7d13765e6cb15c5f5c95a
Red Hat Security Advisory 2017-0213-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0213-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | b2641d56ba15d1ad8f1fb0ac80fb12918d10204de071e367093ddb8886171dc5
Libarchive 3.2.2 lha_read_file_header_1() Denial Of Service
Posted Jan 31, 2017
Authored by Jakub Jirasek | Site secunia.com

Secunia Research has discovered a vulnerability in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "lha_read_file_header_1()" function (archive_read_support_format_lha.c), which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. The vulnerability is confirmed in version 3.2.2. Other versions may also be affected.

tags | advisory, denial of service
advisories | CVE-2017-5601
SHA-256 | aa2df6dcc8af97d089cfa8e980271155e3918baf57560ac35d78aea7e00ccc4b
Hacking Printers Advisory 6
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about putting printers out of their misery and destroying the NVRAM through ordinary print jobs.

tags | advisory
SHA-256 | e2cd86b8adc6667167b8f7b8f181989c96fee30d127929b13743dc8b7d1e5967
Hacking Printers Advisory 5
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about resetting a printer to factory defaults through ordinary print jobs, therefore bypassing all protection mechanisms like user-set passwords.

tags | advisory
SHA-256 | c0d3ac08f94bc071adf9e63784f30829f42fad0694c4e352f9eb78b9c01cd3f8
Hacking Printers Advisory 4
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about buffer overflows in a printer's LPD daemon and PJL interpreter which leads to denial of service or potentially even to code execution. Multiple printers are affected.

tags | advisory, denial of service, overflow, code execution
SHA-256 | ed3f781546ee705d1385f6e94873f6738e66f693d3e7c6ffb379426cacaefa6b
Heimdal Security DLL Hijacking
Posted Jan 31, 2017
Authored by Stefan Kanthak

Heimdal Security's SetupLauncher is vulnerable to DLL hijacking.

tags | advisory
systems | windows
SHA-256 | 943d15090aa9969816c66d337a95a511ef46089ce4b7786320fe7e66d6aa41c9
Hacking Printers Advisory 3
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about abusing Brother's proprietary PJL extensions to dump the printers NVRAM and gain access to interesting stuff like passwords.

tags | advisory
SHA-256 | 64ec02b37690bb546138e1297152bd405cb48e04234c442b4a8aec0a22fd3850
Ubiquiti Networks Cross Site Scripting / Cross Site Request Forgery
Posted Jan 31, 2017
Authored by T. Weber | Site sec-consult.com

Multiple Ubiquiti Networks products, e.g. TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16, AG-HP-2G20, AG-HP-5G23, AG-HP-5G27, AirGrid M, AirGrid M2, AirGrid M5, AR, AR-HP, BM2HP, BM2-Ti, BM5HP, BM5-Ti, LiteStation M5, locoM2, locoM5, locoM9, M2, M3, M365, M5, M900, NB-2G18, NB-5G22, NB-5G25, NBM3, NBM365, NBM9, NSM2, NSM3, NSM365, NSM5, PBM10, PBM3, PBM365, PBM5, PICOM2HP, Power AP N, PicoStation2, and PicoStation2HP, suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 4a2988f01c967e7566bb9ea5bcb29f14c63cd7b2d4a3c1dd2838ed0d41bb2f69
Debian Security Advisory 3773-1
Posted Jan 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3773-1 - Several vulnerabilities were discovered in OpenSSL.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-7056, CVE-2016-8610, CVE-2017-3731
SHA-256 | 01bd6a88895c0b06c9b01d6c418869bc5ad658b8207b7d6490fcf993610bde45
Gentoo Linux Security Advisory 201701-75
Posted Jan 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-75 - Multiple vulnerabilities have been found in Perl, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 5.22.3_rc4 are affected.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8607, CVE-2015-8853, CVE-2016-1238, CVE-2016-2381, CVE-2016-6185
SHA-256 | cdd279034985732a13fb92530da2b6d854d1f02cd93718b3a52824aa2a52f265
Gentoo Linux Security Advisory 201701-74
Posted Jan 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-74 - A null pointer dereference in libpng might allow remote attackers to execute arbitrary code. Versions less than 1.6.27 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2016-10087
SHA-256 | fec2b100230e5daf7b9607b673fd4f0979935e8cb9be848a14b124c44fa09039
Gentoo Linux Security Advisory 201701-73
Posted Jan 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-73 - Multiple vulnerabilities have been discovered in SQUASHFS, the worst of which may allow execution of arbitrary code. Versions less than 4.3-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-4645, CVE-2015-4646
SHA-256 | 51d90b5ad7aea88d09829959fb2b0c242de7ea7ebeb8c6c78c6752780ed42d8f
Gentoo Linux Security Advisory 201701-72
Posted Jan 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-72 - An integer overflow in libXpm might allow remote attackers to execute arbitrary code or cause a Denial of Service Condition. Versions less than 3.5.12 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2016-10164
SHA-256 | 8a2fadd8b7a6caeb148437403351410b082712ed4fb4b75fb40f3413d8fe4d69
Gentoo Linux Security Advisory 201701-71
Posted Jan 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-71 - Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8.10 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-7122, CVE-2016-7450, CVE-2016-7502, CVE-2016-7555, CVE-2016-7562, CVE-2016-7785, CVE-2016-7905
SHA-256 | 4eae4002ea3e8b2494743560c62012ead3425cd69a1fd8c641207e7b38a524ed
Page 1 of 11
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close