Exploit the possiblities
Showing 1 - 25 of 57 RSS Feed

Files Date: 2016-01-27

Eclipse Birt Report Viewer 4.5.0 Cross Site Scripting
Posted Jan 27, 2016

Eclipse Birt Report Viewer versions 4.5.0 and below suffer from a persistent cross site scripting vulnerability.

tags | advisory, xss
MD5 | 9ad5566dee9d72b2b90a01d7d66c48bc
SAP HANA hdbindexserver Memory Corruption
Posted Jan 27, 2016
Authored by Mathieu Geli

A buffer overflow vulnerability exists in SAP HANA interface. If an attacker has a network access to the SQL interface or the SAP HANA Extended Application Services interface of an SAP HANA system, the vulnerability enables the attacker to inject code into the working memory that is subsequently executed by the application. It can also be used to cause a general fault in the product causing the product to terminate.

tags | exploit, overflow
MD5 | 1500983ad9c3e2a4c13660b2ee1a2a6f
RECON 2016 Call For Papers
Posted Jan 27, 2016
Authored by REC0N 2016 | Site recon.cx

REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. For 2016 it will be held June 17th through the 19th and the Call For Papers has been announced.

tags | paper, conference
MD5 | d9d0ca8b9962a5a5cd37b74315b61878
Ubuntu Security Notice USN-2877-1
Posted Jan 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2877-1 - A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. An issue was discovered when initializing the UnacceleratedImageBufferSurface class in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1612, CVE-2016-1614, CVE-2016-1617, CVE-2016-1618, CVE-2016-1620, CVE-2016-2051, CVE-2016-2052
MD5 | 95550d23f554660181fd6dd8be791098
Gentoo Linux Security Advisory 201601-03
Posted Jan 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201601-3 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.559 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406
MD5 | 0ef69ee7fef199721ab3496d3ede0e84
Ubuntu Security Notice USN-2880-1
Posted Jan 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2880-1 - Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gabor Krizsanits discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Gustavo Grieco discovered an out-of-memory crash when loading GIF images in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1930, CVE-2016-1931, CVE-2016-1933, CVE-2016-1935, CVE-2016-1937, CVE-2016-1938, CVE-2016-1939, CVE-2016-1942, CVE-2016-1944, CVE-2016-1945, CVE-2016-1946, CVE-2016-1947
MD5 | fab86f677b54973bca700d9242842c41
Gentoo Linux Security Advisory 201601-02
Posted Jan 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201601-2 - Multiple vulnerabilities have been found in WebKitGTK+, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 2.4.9 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390
MD5 | aeb8dafb1e6b37b2c20a0d7677604ba6
Debian Security Advisory 3456-1
Posted Jan 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3456-1 - Several vulnerabilities were discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-6792, CVE-2016-1612, CVE-2016-1613, CVE-2016-1614, CVE-2016-1615, CVE-2016-1616, CVE-2016-1617, CVE-2016-1618, CVE-2016-1619, CVE-2016-1620
MD5 | 4d7d4835aac6ccd1c536224649647eb9
Red Hat Security Advisory 2016-0074-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0074-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List records. A remote, authenticated attacker could use this flaw to cause named to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-8704
MD5 | 01b037030faad9a276880455ece1614a
Red Hat Security Advisory 2016-0073-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0073-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List records. A remote, authenticated attacker could use this flaw to cause named to crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-8704
MD5 | dec639894f5190a4a3e8e4171a36a260
Red Hat Security Advisory 2016-0072-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0072-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. All Chromium users should upgrade to these updated packages, which contain Chromium version 48.0.2564.82, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1612, CVE-2016-1613, CVE-2016-1614, CVE-2016-1615, CVE-2016-1616, CVE-2016-1617, CVE-2016-1618, CVE-2016-1619, CVE-2016-1620, CVE-2016-2051, CVE-2016-2052
MD5 | 6f6f7d013fe329ce981693189cfc02b1
Debian Security Advisory 3455-1
Posted Jan 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3455-1 - Isaac Boukris discovered that cURL, an URL transfer library, reused NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for the new transfer. This could lead to HTTP requests being sent over the connection authenticated as a different user.

tags | advisory, web
systems | linux, debian
advisories | CVE-2016-0755
MD5 | 3d34f6395667bc1ff99c8cf65d40d475
Red Hat Security Advisory 2016-0070-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0070-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662, CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667, CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807, CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813, CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537
MD5 | a3d8157b86e83180009056f3e24d488d
FreeBSD Security Advisory - FreeBSD-SA-16:10.linux
Posted Jan 27, 2016
Authored by Isaac Dunham, Brent Cook, Warner Losh | Site security.freebsd.org

FreeBSD Security Advisory - A programming error in the Linux compatibility layer could cause the issetugid(2) system call to return incorrect information. If an application relies on output of the issetugid(2) system call and that information is incorrect, this could lead to a privilege escalation.

tags | advisory
systems | linux, freebsd
advisories | CVE-2016-1883
MD5 | 00d34015638239c7b35d55fdff5be632
FreeBSD Security Advisory - FreeBSD-SA-16:09.ntp
Posted Jan 27, 2016
Authored by Cisco ASIG / Network Time Foundation | Site security.freebsd.org

FreeBSD Security Advisory - Multiple vulnerabilities have been discovered in ntp 4.2.8p5.

tags | advisory, vulnerability
systems | freebsd, bsd
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976
MD5 | 050d44ff421cf4c2ff19f2d29927a634
FreeBSD Security Advisory - FreeBSD-SA-16:08.bind
Posted Jan 27, 2016
Authored by ISC | Site security.freebsd.org

FreeBSD Security Advisory - There is an off-by-one error in a buffer size check when performing certain string formatting operations. Slaves using text-format db files could be vulnerable if receiving a malformed record in a zone transfer from their master. Masters using text-format db files could be vulnerable if they accept a malformed record in a DDNS update message. Recursive resolvers are potentially vulnerable when debug logging is enabled and if they are fed a deliberately malformed record by a malicious server. A server which has cached a specially constructed record could encounter this condition while performing 'rndc dumpdb'.

tags | advisory
systems | freebsd
advisories | CVE-2015-8704
MD5 | 58ee0826c7ba3739bb2d731b7fc83928
Debian Security Advisory 3454-1
Posted Jan 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3454-1 - Multiple vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-5307, CVE-2015-8104, CVE-2016-0495, CVE-2016-0592
MD5 | 928150f1f1fbd941210a4cf479174f9f
Gentoo Linux Security Advisory 201601-04
Posted Jan 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201601-4 - Multiple vulnerabilities have been found in OpenSMTPD, the worst allowing remote attackers to execute arbitrary code. Versions less than 5.7.3_p1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
MD5 | 30e03b974b5c539ea454533a7beefe4c
Red Hat Security Advisory 2016-0071-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0071-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1930, CVE-2016-1935
MD5 | 4e485a79a869bc6be78c608b0ba94548
Red Hat Security Advisory 2016-0069-01
Posted Jan 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0069-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on April 10, 2016. Red Hat will not provide extended support for this product.

tags | advisory
systems | linux, redhat
MD5 | b3d59c9da06d7ea56b56e958cb5fe65b
IP-Array IPTables Firewall Script 1.0.3
Posted Jan 27, 2016
Authored by AllKind | Site ip-array.sourceforge.net

A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.

Changes: This is a major update to IP-Array. Rules, ruleblocks and their templates are now written in simple XML. Grouping and nesting of iptables tags allows efficient and time saving rule writing. Various other updates have also been added.
tags | tool
systems | linux, unix
MD5 | 5de73f4bf4db4c69688b36bc9605af12
iOS Kernel IOHIDEventService Use-After-Free
Posted Jan 27, 2016
Authored by Google Security Research, ianbeer

The iOS kernel suffers from a use-after-free vulnerability in IOHIDEventService.

tags | exploit, kernel
systems | cisco, linux, ios
advisories | CVE-2016-1719
MD5 | 17fd1039e481d24448d676071d0469a3
Pdfium Opj_j2k_read_mcc Out-Of-Bounds Read
Posted Jan 27, 2016
Authored by Google Security Research, mjurczyk

Pdfium suffers from a heap-based out-of-bounds read in Opj_j2k_read_mcc (libopenjpeg).

tags | exploit
systems | linux
MD5 | a14ff286605df4a23ae38ba8611b5bf8
Secure Item Hub 1.0 XSS / Code Execution / File Upload
Posted Jan 27, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Secure Item Hub version 1.0 suffers from input validation, code execution, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file upload
MD5 | 8060801cf815a6a06bb7d7a942380a29
Android Libstagefright Tag Parsing Heap Buffer Overflow
Posted Jan 27, 2016
Authored by Google Security Research, scvitti

This proof of concept demonstrates the Android Libstagefright heap buffer overflow that occurs due to an integer overflow in MP3 ID3 tag parsing.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2015-6604
MD5 | ff9b3227da297d81a6576c0ad5330a06
Page 1 of 3
Back123Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close