Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-01-07

Red Hat Security Advisory 2016-0013-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0013-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A vulnerability was discovered in the way OpenStack Compute networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2015-7713
MD5 | a5cd8408b8284e5cc2790d85ab9e660c
Ubuntu Security Notice USN-2863-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2863-1 - Karthikeyan Bhargavan and Gaetan Leurent discovered that OpenSSL incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-7575
MD5 | a37b04eb2ba25affcc7ea58b5cbee2f4
Red Hat Security Advisory 2016-0005-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0005-01 - The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. All rpcbind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the rpcbind service is running, it will be automatically restarted after installing this update.

tags | advisory, remote, udp, tcp
systems | linux, redhat
advisories | CVE-2015-7236
MD5 | e100980c6b32a8e007eb994d1c4d1444
Serendipity 2.0.2 Cross Site Scripting
Posted Jan 7, 2016
Authored by Onur YILMAZ, Selcuk Miynat

Serendipity version 2.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8603
MD5 | 3a04b6fedf60495b8d1c6362aa41aa61
OpenCart 2.1.0.1 Cross Site Scripting
Posted Jan 7, 2016
Authored by Onur YILMAZ, Ziyahan Albeniz

OpenCart version 2.1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-4671
MD5 | 15d5d8918fa9c5d97f7f9375af97ca48
AVM FRITZ!Box: Buffer Overflow
Posted Jan 7, 2016
Site redteam-pentesting.de

RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device. Versions prior to 6.30 are affected.

tags | exploit, overflow, arbitrary
MD5 | 353488ab88471c7cf1348d2626a23a19
AVM FRITZ!Box: Arbitrary Code Execution Via Firmware Images
Posted Jan 7, 2016
Site redteam-pentesting.de

The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially crafted firmware images can overwrite critical files. Arbitrary code can get executed if an attempt is made to install such a manipulated firmware. Versions prior to 6.30 are affected.

tags | exploit, arbitrary
advisories | CVE-2014-8886
MD5 | 1a19bf8fd3ad744f6f2090372f002c3c
ZoneAlarm DLL Hijacking
Posted Jan 7, 2016
Authored by Stefan Kanthak

ZoneAlarm installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | bd032d002f0f5b65acb4a02e009216aa
Emsisoft Anti Malware DLL Hijacking
Posted Jan 7, 2016
Authored by Stefan Kanthak

Emsisoft Anti Malware suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | aed6304b1265f3adc7da17adcfd205a1
ownCloud 8.2.1 / 8.1.4 / 8.0.9 Information Exposure
Posted Jan 7, 2016
Authored by Dr. Erlijn van Genuchten

ownCloud versions 8.2.1 and below, 8.1.4 and below, and 8.0.9 and below suffer from an information exposure vulnerability via directory listings.

tags | exploit
advisories | CVE-2016-1499
MD5 | cb1d5a61671252d127d71dc1fa78ef09
Ubuntu Security Notice USN-2862-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2862-1 - It was discovered that Pygments incorrectly sanitized strings used to search system fonts. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-8557
MD5 | 82163d473efb7d5eff7e94e27b3a2e8e
HP Security Bulletin HPSBGN03530 1
Posted Jan 7, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03530 1 - A potential security vulnerability has been identified in HPE UCMDB Browser. The vulnerability could be exploited to allow remote disclosure of sensitive information and result in local unauthorized access. Note: This vulnerability only impacts customers using UCMDB browser. Revision 1 of this advisory.

tags | advisory, remote, local
advisories | CVE-2015-6862
MD5 | a47f28f6a2389242b3f3c7ddd20ad8fb
Red Hat Security Advisory 2016-0004-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0004-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | 7d6a14f9dafcf7c790a3733c51a79a36
WordPress Stanford Theme Cross Site Scripting
Posted Jan 7, 2016
Authored by Sha4yan

The WordPress Stanford theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 76a07029058aede4dc19488f678f0fc2
Ubuntu Security Notice USN-2861-1
Posted Jan 7, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2861-1 - It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. Qixue Xiao and Chen Yu discovered that libpng incorrectly handled certain malformed images. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-8472, CVE-2015-8540
MD5 | ce9ceeacf9d72e4742054c86c38b90da
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close