exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-09-30

RSA OneStep 6.9 Path Traversal
Posted Sep 30, 2015
Site emc.com

RSA OneStep is potentially affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Versions 6.9 prior to build 559 are affected.

tags | advisory
advisories | CVE-2015-4546
MD5 | 1466569ad46b4a6b634b507eee7e7477
FreeBSD Security Advisory - rpcbind(8) Denial Of Service
Posted Sep 30, 2015
Site security.freebsd.org

FreeBSD Security Advisory - In rpcbind(8), netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash the rpcbind(8) daemon. A remote attacker who can send specifically crafted packets to the rpcbind(8) daemon can cause it to crash, resulting in a denial of service condition.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2015-7236
MD5 | 85136eada6303b10454b9288940958f4
Kaseya Virtual System Administrator Code Execution / Privilege Escalation
Posted Sep 30, 2015
Authored by Pedro Ribeiro

Kaseya Virtual System Administrator suffers from multiple code execution vulnerabilities and a privilege escalation vulnerability. VSA versions 7.0.0.0 through 7.0.0.32, 8.0.0.0 through 8.0.0.22, 9.0.0.0 through 9.0.0.18, and 9.1.0.0 through 9.1.0.8 are affected.

tags | exploit, vulnerability, code execution
advisories | CVE-2015-6589, CVE-2015-6922
MD5 | c5ce0ad42b5f4e9209f7d699f7abb8c9
Mitsubishi Melsec FX3G-24M Denial Of Service
Posted Sep 30, 2015
Authored by Ralf Spenneberg

Mitsubishi Melsec FX3G-24M suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2015-3938
MD5 | 2a10a9dca38e65e0d1a507ad24a8483e
RSA Web Threat Detection Privilege Escalation / Information Disclosure
Posted Sep 30, 2015
Site emc.com

RSA Web Threat Detection versions prior to 5.1 SP1 suffer from information disclosure and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, info disclosure
advisories | CVE-2015-4547, CVE-2015-4548
MD5 | fd6f34493ccb67c9f12e954ed209387e
Western Digital My Cloud Command Injection
Posted Sep 30, 2015
Authored by absane

Western Digital My Cloud with firmware versions 04.01.03-421 and 04.01.04-422 suffer from a command injection vulnerability.

tags | exploit
MD5 | c17220221eba2bd68f5752e3dcea1a6e
Red Hat Security Advisory 2015-1841-01
Posted Sep 30, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1841-01 - Chromium is an open-source web browser, powered by WebKit. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to bypass cross origin restrictions, and access or modify data from an unrelated web site. All Chromium users should upgrade to these updated packages, which contain Chromium version 45.0.2454.101, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2015-1303, CVE-2015-1304
MD5 | f5523431a03fd843ba500bd9c157d392
Red Hat Security Advisory 2015-1840-01
Posted Sep 30, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1840-01 - OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon parsed certain Basic Encoding Rules data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-6908
MD5 | d5b96d8a94356d76d134850a5c659856
Ubuntu Security Notice USN-2752-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2752-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
MD5 | 52554575e2a0ce5d684e1bc4fa1e368a
Ubuntu Security Notice USN-2751-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2751-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
MD5 | 643e482946e57a7583cd9f40b72675e8
Ubuntu Security Notice USN-2749-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2749-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
MD5 | 2ee701663b1b00bc0cfe1d85de8faed2
Ubuntu Security Notice USN-2750-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2750-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5707
MD5 | 7ae61b9878679390fc739eeaf034b528
Ubuntu Security Notice USN-2753-1
Posted Sep 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2753-1 - Roman Fiedler discovered a directory traversal flaw in lxc-start. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-1335
MD5 | df1085880d1ebae718836a8704ad98c9
freeswitch Heap Overflow
Posted Sep 30, 2015
Authored by Marcello Duarte

The JSON parser in freeswitch versions prior to 1.6.2 and 1.4.23 suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-7392
MD5 | eb4dea485d7aacf70aaa6db606c77381
WordPress mTheme-Unus Local File Inclusion
Posted Sep 30, 2015
Authored by Milad Hacking

WordPress mTheme-Unus theme versions prior to 2.3 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 20176880b789d3d7f22d9fe6ab1f4e6e
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close