Twenty Year Anniversary
Showing 1 - 9 of 9 RSS Feed

CVE-2016-1001

Status Candidate

Overview

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.

Related Files

Ubuntu Security Notice USN-3538-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3538-1 - Jann Horn discovered that OpenSSH incorrectly loaded PKCS#11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS#11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Jann Horn discovered that OpenSSH incorrectly handled permissions on Unix-domain sockets when privilege separation is disabled. A local attacker could possibly use this issue to gain privileges. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, unix, ubuntu
advisories | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2017-15906
MD5 | b38f34db0e15c7e599d23d4349fda45d
Red Hat Security Advisory 2017-2029-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2029-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. The following packages have been upgraded to a later upstream version: openssh. Security Fix: A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses.

tags | advisory, remote, protocol
systems | linux, redhat, unix
advisories | CVE-2016-10009, CVE-2016-10011, CVE-2016-10012, CVE-2016-6210, CVE-2016-6515
MD5 | 4f8a28af393580faadbb14af7cbc682c
Debian Security Advisory 3847-1
Posted May 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3847-1 - Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-10013, CVE-2016-10024, CVE-2016-9932, CVE-2017-7228
MD5 | 46b33a3c85b762ad3077f102ed02350f
Apple Security Advisory 2017-03-27-3
Posted Mar 27, 2017
Authored by Apple

Apple Security Advisory 2017-03-27-3 - macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-0736, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-2161, CVE-2016-3619, CVE-2016-5387, CVE-2016-5636, CVE-2016-7056, CVE-2016-7585, CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934
MD5 | 45c029714edb76f81d0476fe19cef9ef
FreeBSD Security Advisory - FreeBSD-SA-17:01.openssh
Posted Jan 11, 2017
Site security.freebsd.org

FreeBSD Security Advisory - The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. A remote attacker who have control of a forwarded agent-socket on a remote system and have the ability to write files on the system running ssh-agent(1) agent can run arbitrary code under the same user credential. Because the attacker must already have some control on both systems, it is relatively hard to exploit this vulnerability in a practical attack. When privilege separation is disabled (on FreeBSD, privilege separation is enabled by default and has to be explicitly disabled), an authenticated attacker can potentially gain root privileges on systems running OpenSSH server.

tags | advisory, remote, arbitrary, root
systems | unix, freebsd, bsd
advisories | CVE-2016-10009, CVE-2016-10010
MD5 | 2022ff5492e80b6bf9eb7f85b3d2016f
Slackware Security Advisory - openssh Updates
Posted Dec 25, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012
MD5 | b808cbcd3fb6f15ac5b37fa258c3bdf6
OpenSSH Local Privilege Escalation
Posted Dec 23, 2016
Authored by Jann Horn, Google Security Research

OpenSSH can forward TCP sockets and UNIX domain sockets. If privilege separation is disabled, then on the server side, the forwarding is handled by a child of sshd that has root privileges. For TCP server sockets, sshd explicitly checks whether an attempt is made to bind to a low port (below IPPORT_RESERVED) and, if so, requires the client to authenticate as root. However, for UNIX domain sockets, no such security measures are implemented. This means that, using "ssh -L", an attacker who is permitted to log in as a normal user over SSH can effectively connect to non-abstract unix domain sockets with root privileges. On systems that run systemd, this can for example be exploited by asking systemd to add an LD_PRELOAD environment variable for all following daemon launches and then asking it to restart cron or so. The attached exploit demonstrates this - if it is executed on a system with systemd where the user is allowed to ssh to his own account and where privsep is disabled, it yields a root shell.

tags | exploit, shell, root, tcp
systems | unix
advisories | CVE-2016-10010
MD5 | b93e78906a304aa126934a6c44a6999b
Adobe Flash Zlib Codec Heap Overflow
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

Adobe Flash has a heap overflow vulnerability in the Zlib codecs when playing flv files.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-1001
MD5 | 23ce280b247644997dad3db0b091a591
Red Hat Security Advisory 2016-0438-01
Posted Mar 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0438-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010
MD5 | fa800c799aaa7a2496eb49680394bbd1
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close