exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 143 RSS Feed

Files

Apache Tomcat 7.x / 8.x / 9.x Information Disclosure
Posted Apr 10, 2017
Authored by Mark Thomas | Site tomcat.apache.org

While investigating bug 60718, it was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. Apache Tomcat versions 7.0.0 through 7.0.75, 8.0.0.RC1 through 8.0.41, 8.5.0 through 8.5.11, and 9.0.0.M1 through 9.0.0.M17 are affected.

tags | advisory, web
advisories | CVE-2017-5648
SHA-256 | 193ab6114148905ba8825ba1b184c06507caac43be27d616db0d37daee7cc903
Apache Tomcat 8.x / 9.x Refactoring Information Disclosure
Posted Apr 10, 2017
Authored by Mark Thomas | Site tomcat.apache.org

The refactoring of the HTTP connectors for 8.5.x onwards, introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up. Apache Tomcat versions 8.5.0 through 8.5.12 and 9.0.0.M1 through 9.0.0.M18 are affected.

tags | advisory, web
advisories | CVE-2017-5651
SHA-256 | 9e9a2ed68a0484d3c5eedcf6b96e3c1f556c0d256bfd0937b7b5acc81297e9ef
WebKit Focus Event UXSS
Posted Apr 10, 2017
Authored by Google Security Research, lokihardt

WebKit suffers from a cross site scripting vulnerability via a focus event and a link element.

tags | advisory, xss
advisories | CVE-2017-2479
SHA-256 | 150fd73a684ece855490a6f6c898fd1b32492efd3abf6b355ecf7177e77dc76a
Broadcom bcmdhd Memory Corruption
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple memory corruption vulnerabilities in bcmdhd when handling WLFC information.

tags | advisory, vulnerability
advisories | CVE-2017-0571
SHA-256 | f5a58cf7ae8276a39860c6aea58e0dbe45912d3449e817de2e068153129564d2
Broadcom wl_iw_get_essid Heap Overflow
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a heap overflow vulnerability in wl_iw_get_essid when handling WLC_GET_SSID ioctl results.

tags | advisory, overflow
advisories | CVE-2017-0570
SHA-256 | 290d4f4b7d8973357ff913a822be18104af998be5b4d71d3585dfee6d09af6eb
Broadcom wl_run_escan Heap Overflow
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a heap overflow vulnerability in wl_run_escan when handling WLC_GET_VALID_CHANNELS ioctl results.

tags | advisory, overflow
advisories | CVE-2017-0568
SHA-256 | 291dbbd1b6fa1f4bb1ac9db10257990a591040ae6e962893e5de0d5929b8dab6
Broadcom dhd_pno_process_anqpo_result Memory Corruption
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple memory corruption vulnerabilities in dhd_pno_process_anqpo_result.

tags | advisory, vulnerability
advisories | CVE-2017-0572
SHA-256 | b0689c637971f9d92016ed6cc9a06cc2bde2eac581f326162630e2243388a994
Broadcom 802.11r Buffer Overflow
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a stack buffer overflow vulnerability when handling 802.11r (FT) authentication responses.

tags | advisory, overflow
advisories | CVE-2017-6975
SHA-256 | d2ef0e83678dbf66b678140acdb0c0d53f11b0be952be36eeb035b68cf4771c2
Debian Security Advisory 3827-1
Posted Apr 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3827-1 - Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-10249, CVE-2016-10251, CVE-2016-9591
SHA-256 | 4170f85a10bcb8468b41aabc85e4629e67fb361a2d7f3f41e41a62a5cd16a152
Red Hat Security Advisory 2017-0867-03
Posted Apr 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0867-03 - In accordance with the Red Hat Virtualization 3.x Support Life Cycle Policy, support will end on September 30, 2017. Red Hat will not provide extended support for the Red Hat Virtualization Manager and Red Hat Virtualization Host.

tags | advisory
systems | linux, redhat
SHA-256 | f33b71aaa82828c0f92dc1dc044fbc3c7a4872a31e889767ee542be1189baa1c
HPE Security Bulletin HPESBGN03733 1
Posted Apr 7, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03733 1 - A potential security vulnerability in Jakarta Multipart parser in Apache Struts has been addressed in HPE Universal CMDB. This vulnerability could be remotely exploited to allow code execution via mishandled file upload. Revision 1 of this advisory.

tags | advisory, code execution, file upload
advisories | CVE-2017-5638
SHA-256 | 203b21286e8f35dd6f52eec0b3e4bbb43621d80d6ac0d878939de5e01acf4c15
Apache Ignite 1.8 XXE Injection
Posted Apr 7, 2017
Authored by Pierre Ernst

Apache Ignite versions 1.0.0-RC3 through 1.8 suffer from an arbitrary file read that can be leveraged due to an eXternal Xml Entity vulnerability.

tags | advisory, arbitrary, xxe
advisories | CVE-2016-6805
SHA-256 | 087495b3f9da905fb1b199761aceab54aedc4dac4fd57ad1a8752e7faefe80e4
Apple Security Advisory 2017-04-04-1
Posted Apr 6, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-04-04-1 - Apple Music 2.0 for Android is now available and addresses a certificate validation issue.

tags | advisory
systems | apple
advisories | CVE-2017-2387
SHA-256 | e2d4a49ec8aa12899165073f8d711b115f575439dfdded9070be8dcfe447ab51
Asterisk Project Security Advisory - AST-2017-001
Posted Apr 6, 2017
Authored by Kevin Harwell | Site asterisk.org

Asterisk Project Security Advisory - No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection.

tags | advisory, remote
SHA-256 | 4f394dc143a808e8b1929549291dac026ba69e8dc9fd92c43b3dff47220e1290
VMU-C CSRF / XSS / Access Control
Posted Apr 6, 2017
Authored by Karn Ganeshen

The VMU-C webserver suffers from cross site request forgery, cross site scripting, access control, weak credential management, and insecure storage vulnerabilities. VMU-C EM prior to firmware Version A11_U05 and VMU-C PV prior to firmware Version A17 are affected.

tags | advisory, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-5144, CVE-2017-5145, CVE-2017-5146
SHA-256 | 1582c6722bcf37eb3cd5c16f529748ff9d4b17c5c7e4c15f8293942e38016191
LAquis SCADA 4.1 Access Control
Posted Apr 6, 2017
Authored by Karn Ganeshen

LAquis SCADA version 4.1 suffers from access control issues.

tags | advisory, bypass
advisories | CVE-2017-6016
SHA-256 | 86fbbd5516820667a46d0ba5ad09fd19f5f20c2b0184e3600ed71fd84482b636
DragonWave Horizon 1.01.03 Hardcoded Credentials
Posted Apr 6, 2017
Authored by Ian Ling

DragonWave Horizon version 1.01.03 suffers from having hardcoded credentials embedded in the device.

tags | advisory
SHA-256 | 07fb435be21a3d69e7b704cc6f1844bf8bd4a0b4dcbf64c0fbf09ed42effb437
Apple Music Android Application Man-In-The-Middle
Posted Apr 6, 2017
Authored by David Coomber

The Apple Music Android application (version 1.2.1 and below) does not validate the SSL certificate received when connecting to the mobile application login and payment servers.

tags | advisory
systems | apple
advisories | CVE-2017-2387
SHA-256 | 1422d48bcd8eed64fc465a014de8e359bdf5f4adb5d983d4dc5bc3f09063b2b3
Ubuntu Security Notice USN-3256-2
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-2 - USN-3256-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel for each of the respective prior Ubuntu LTS releases. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7308
SHA-256 | 0a024b3bf399c95b2aeecc68c98b80da26d74f0a716f244a4f7a58f6f4bc64cc
Ubuntu Security Notice USN-3256-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-1 - Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7308
SHA-256 | f4ca15580e67fd9476cb039ae24645bb0ce52d4a6c1d4964893c2575f2d9aa18
Red Hat Security Advisory 2017-0882-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0882-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b674a25c203085102059e046eef50d9ddd2935f8aeff93d3a82c1b92766c6b11
Red Hat Security Advisory 2017-0880-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0880-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b9bd3d751642aa95bc54de0d855132f51ca43ead478fb94dd12a4bd0281fe752
Red Hat Security Advisory 2017-0881-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0881-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | bea0b64f2a4443e4c40404ed6aad20164128fc2a0cfcfd3afbadce45566f9ffb
Red Hat Security Advisory 2017-0879-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0879-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | 9cf7b3d5d5e9c44892f94ab840b31ca88fb08221f05cbfb0fa79ca231c9666f2
Ubuntu Security Notice USN-3255-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3255-1 - It was discovered that LightDM incorrectly handled home directory creation for guest users. A local attacker could use this issue to gain ownership of arbitrary directory paths and possibly gain administrative privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-7358
SHA-256 | e3c530aa3a6c8b4341919d114315f695cce907d048180f01f6fa591ffdad7621
Page 5 of 6
Back23456Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close