what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2015-09-23

Windows Kernel BGetRealizedBrush Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in BGetRealizedBrush.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2518
MD5 | 6c331efa6a0b0048a57ab86a21eb0424
iTop 2.1.0-2127 Cross Site Scripting
Posted Sep 23, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

iTop version 2.1.0-2127 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6544
MD5 | 0e78c64ced78444af677131e0b9b9f29
Open-Xchange Server 6 / OX AppSuite Cross Site Scripting
Posted Sep 23, 2015
Authored by Martin Heiland

Open-Xchange Server 6 version 6.22.9 and AppSuite versions 7.6.2 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-5375
MD5 | 99dde2180ecb64791f723bcd32efcafa
w3tw0rk / Pitbul IRC Bot Remote Code Execution
Posted Sep 23, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module allows remote command execution on the w3tw0rk / Pitbul IRC Bot.

tags | exploit, remote
MD5 | a348890e184faa2b20c7c612229a3932
Guard 2.0.0-rev7 SQL Injection
Posted Sep 23, 2015
Authored by Martin Heiland

Guard versions 2.0.0-rev7 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2015-5703
MD5 | 7181ab5f46a2f86c4174378b16b57a6d
Slackware Security Advisory - mozilla-firefox Updates
Posted Sep 23, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 937de68ff8f851f786d5ad9351c7b535
Ubuntu Security Notice USN-2743-2
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-2 - USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
MD5 | 92240ca5132a0f0a9921f8a6a208f29f
Windows Kernel FlashWindowEx Memory Corruption
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a FlashWindowEx related memory corruption vulnerability.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2511
MD5 | c06f7d9e56578cd6b9b6fdf8944e8c48
Ubuntu Security Notice USN-2743-1
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-1 - Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4500, CVE-2015-4501, CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
MD5 | e16dcea8230150859b7a2ab97b2bf47a
SAP Business Objects Memory Corruption
Posted Sep 23, 2015
Authored by Will Vandevanter | Site onapsis.com

Onapsis Security Advisory - SAP Business Objects suffers from a memory corruption vulnerability. By exploiting this vulnerability an unauthenticated attacker could read or write any business-relevant information from the Business Intelligence Platform and also render the system unavailable to other users.

tags | advisory
MD5 | 9c3b4413424aa1583e56b36cff3401d7
HP Security Bulletin HPSBGN03391 1
Posted Sep 23, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03391 1 - A potential security vulnerability has been identified with HP Universal CMDB Foundation, HP Universal Discovery, HP Universal CMDB Configuration Manager, and HP Universal CMDB Browser. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | eefa62cddd7a5a14d42c23b371b89617
HPE Security Bulletin HPSBUX03511 SSRT102248 1
Posted Sep 23, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477, CVE-2015-5722
MD5 | a914255097782bd38670d4a4c6731949
Red Hat Security Advisory 2015-1814-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1814-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-23 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
MD5 | 8444234de89f63752ceb844a66ad5cc1
Debian Security Advisory 3364-1
Posted Sep 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3364-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-0272, CVE-2015-2925, CVE-2015-5156, CVE-2015-6252, CVE-2015-6937
MD5 | 064d6bf5728d9a6968a4687817e7599d
Red Hat Security Advisory 2015-1834-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1834-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4500, CVE-2015-4509, CVE-2015-4510
MD5 | ddde5c42bc2e7f46bceb6130a0c3bdb5
Red Hat Security Advisory 2015-1833-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1833-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5165
MD5 | 3a254905a139b4cad29ba85b107f9b86
Windows Kernel DeferWindowPos Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability related to DeferWindowPos.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2366
MD5 | 771b7ab055281b2881d46e32423592f5
Cisco AnyConnect DLL Side Loading Privilege Escalation
Posted Sep 23, 2015
Authored by Yorick Koster, Securify B.V.

Cisco AnyConnect Secure Mobility Client for Windows is affected by an vulnerability that allows local attackers to execute arbitrary DLL files with elevated privilege. By exploiting this vulnerability is is possible for the attacker to gain SYSTEM privileges.

tags | exploit, arbitrary, local
systems | cisco, linux, windows
advisories | CVE-2015-6305
MD5 | 919fb71d8c00eef7045530e8e0932a5c
Cryptokiller Tool 1.0
Posted Sep 23, 2015
Authored by Mert SARICA

Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.

tags | tool, proof of concept
MD5 | c7d54277ec4c4b2f135c1bd9971aa87c
OS X Regex Engine Integer Signedness / Overflow
Posted Sep 23, 2015
Authored by Google Security Research, ianbeer

OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.

tags | exploit, overflow
systems | linux, apple, osx
advisories | CVE-2015-3798
MD5 | b3e63f40edf650e945be050b95cee62d
Windows Kernel Printer Device Contexts Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in printer device contexts.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2507
MD5 | e2003ff99e314874b0dfa78bd60b4ece
Windows Kernel Cursor Object Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in the cursor object.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2517
MD5 | be24525e9fc67e02cb9f2c256f9327a8
OS X Regex Engine Stack Buffer Overflow
Posted Sep 23, 2015
Authored by Google Security Research, ianbeer

OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, apple, osx
advisories | CVE-2015-3796
MD5 | f85a0765d88cae33afc0a1351323e720
Windows Kernel NtGdiStretchBlt Pool Buffer Overflow
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a pool buffer overflow in NtGdiStretchBlt.

tags | exploit, overflow, kernel
systems | linux, windows
advisories | CVE-2015-2512
MD5 | d30fbcc4ba65b1d8c93c1baa6b4765f8
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    6 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close