exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2017-1495

Status Candidate

Overview

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. IBM X-Force ID: 128693.

Related Files

HikVision Wi-Fi IP Camera Wireless Access Point State
Posted Nov 28, 2017
Authored by IOT Sec

HikVision Wi-Fi IP cameras come with a default SSID "davinci", with a setting of no WiFi encryption or authentication. Depending on the firmware version, there is no configuration option within the camera to turn off Wi-Fi. If a camera is deployed via wired ethernet, then the WiFi settings won't be adjusted, and a rogue AP with the SSID "davinci" can be associated to the camera to provide a new attack vector via WiFi to a wired network camera. Tested on firmware versions 5.3.0, 5.4.0, and 5.4.5 and model number DS-2CD2432F-IW.

tags | exploit
advisories | CVE-2017-14953
MD5 | 87464d23582bc4da4d3894ca7fc74bea
Ubuntu Security Notice USN-3487-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3487-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000255, CVE-2017-12153, CVE-2017-12154, CVE-2017-12188, CVE-2017-12190, CVE-2017-12192, CVE-2017-14156, CVE-2017-14489, CVE-2017-14954, CVE-2017-15265, CVE-2017-15537, CVE-2017-15649, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534
MD5 | 7ad11b332e12a1efd657b9f496e49a87
Check_mk 1.2.8p25 save_users() Race Condition
Posted Oct 19, 2017
Authored by Julien Ahrens | Site rcesecurity.com

Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.

tags | exploit, info disclosure
advisories | CVE-2017-14955
MD5 | 20c85c9a771f1de93e046c52df63537c
AlienVault USM 5.4.2 Cross Site Request Forgery
Posted Oct 14, 2017
Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-14956
MD5 | 6e771ba0baa2d865a2bac29ab5c0ceb6
IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
Posted Sep 15, 2017
Authored by Samandeep Singh, Goh Zhi Hao, Mohammad Shah Bin Mohammad Esa | Site sec-consult.com

IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities.

tags | exploit, vulnerability, xxe
advisories | CVE-2017-1383, CVE-2017-1467, CVE-2017-1468, CVE-2017-1495
MD5 | df508740935e04a74179d3725b5fea36
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close