Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-01-20

Cisco Security Advisory 20160120-d9036
Posted Jan 20, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco Modular Encoding Platform D9036 Software could allow an unauthenticated, remote attacker to log in to the system shell with the privileges of the root user. The vulnerability occurs because the root user has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. Successful exploitation could allow the attacker to access the system with the privileges of the root user. In addition to the root user, the guest user account also has a default and static password. The guest account is created at installation and cannot be changed or deleted without impacting the functionality of the system. However, this account has limited privileges on the system. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, shell, root
systems | cisco
MD5 | ebdd6dfecaa4338c4ee32b9b3ab8d478
Debian Security Advisory 3450-1
Posted Jan 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3450-1 - Jann Horn discovered that the setuid-root mount.ecryptfs_private helper in the ecryptfs-utils would mount over any target directory that the user owns, including a directory in procfs. A local attacker could use this flaw to escalate his privileges.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2016-1572
MD5 | d6bc02a8bddb355340b2cba1703824ac
OpenVAS Greenbone Security Assistant Cross Site Scripting
Posted Jan 20, 2016
Authored by Sebastian Neef

OpenVAS Greenbone Security Assistant versions 6.x below 6.0.8 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-1926
MD5 | 1a59a781c3efcec650c13bb74e014137
Apple Security Advisory 2016-01-19-3
Posted Jan 20, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-01-19-3 - Safari 9.0.3 is now available and addresses privacy and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1728
MD5 | 68e4a30025de49d9eabd0b9c407b35e3
Apple Security Advisory 2016-01-19-2
Posted Jan 20, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-01-19-2 - OS X El Capitan 10.11.3 and Security Update 2016-001 are now available and address memory corruption, code execution, and privilege escalation vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2015-7995, CVE-2016-1716, CVE-2016-1717, CVE-2016-1718, CVE-2016-1719, CVE-2016-1720, CVE-2016-1721, CVE-2016-1722, CVE-2016-1729
MD5 | 1a3cee9c9c4fc15f51453f6d8a64e885
Apple Security Advisory 2016-01-19-1
Posted Jan 20, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-01-19-1 - iOS 9.2.1 is now available and addresses memory corruption and privacy issues.

tags | advisory
systems | cisco, apple, ios
advisories | CVE-2015-7995, CVE-2016-1717, CVE-2016-1719, CVE-2016-1720, CVE-2016-1721, CVE-2016-1722, CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1728, CVE-2016-1730
MD5 | 470cd82843f59354869fd415b08df6f6
LiteSpeed Web Server 5.1.0 HTTP Header Injection
Posted Jan 20, 2016
Authored by Onur YILMAZ, Ziyahan Albeniz

LiteSpeed Web Server version 5.1.0 suffers from an HTTP header injection vulnerability.

tags | exploit, web
MD5 | bece966a42fae106ba7987bef7376642
Ubuntu Security Notice USN-2876-1
Posted Jan 20, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2876-1 - Jann Horn discovered that mount.ecryptfs_private would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2016-1572
MD5 | 97a59594a8a453d7fee8b903a0abd70f
Debian Security Advisory 3449-1
Posted Jan 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3449-1 - It was discovered that specific APL RR data could trigger an INSIST failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service.

tags | advisory
systems | linux, debian
advisories | CVE-2015-8704
MD5 | ad418bd1af06945d747e7e8b7a57ec26
Cisco Security Advisory 20160120-ucsm
Posted Jan 20, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in a CGI script in the Cisco UCS Manager and the Cisco Firepower 9000 Series appliance could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco Unified Computing System (UCS) Manager or the Cisco Firepower 9000 Series appliance. The vulnerability is due to unprotecting calling of shell commands in the CGI script. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. An exploit could allow the attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. Cisco has released software updates that address this vulnerability.

tags | advisory, remote, web, arbitrary, shell, cgi
systems | cisco
MD5 | 81be42b796da948d3e3551e62ead161f
HP Security Bulletin HPSBGN03534 1
Posted Jan 20, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03534 1 - A vulnerability in Microsoft Report Viewer was addressed by HPE Performance Center. This is a Cross-Site scripting (XSS) vulnerability that could allow remote information disclosure. Revision 1 of this advisory.

tags | advisory, remote, xss, info disclosure
advisories | CVE-2011-1976
MD5 | 94a36f3a65796e981165d8e35889449f
Linux Kernel REFCOUNT Overflow / Use-After-Free
Posted Jan 20, 2016
Authored by Perception Point Team

Linux kernel REFCOUNT overflow / use-after-free in keyrings exploit.

tags | exploit, overflow, kernel
systems | linux
advisories | CVE-2016-0728
MD5 | 34396c12f213e51a4db58308f7b55727
Ubuntu Security Notice USN-2874-1
Posted Jan 20, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2874-1 - It was discovered that Bind incorrectly handled certain APL data. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-8704
MD5 | 6f43fac3672c40d7ece9b592b2ef1126
OpenSCAP Libraries 1.2.8
Posted Jan 20, 2016
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Various updates and improvements.
tags | protocol, library
systems | unix
MD5 | d26a148d834635363ac8cdd707828302
Ubuntu Security Notice USN-2875-1
Posted Jan 20, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2875-1 - It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-7499, CVE-2015-8710
MD5 | 07b53ecec5889dacd9144ce7a83ccb33
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    28 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close