exploit the possibilities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2016-02-10

D-Link DCS-930L Authenticated Remote Command Execution
Posted Feb 10, 2016
Authored by Nicholas Starke | Site metasploit.com

The D-Link DCS-930L Network Video Camera is vulnerable to OS Command Injection via the web interface. The vulnerability exists at /setSystemCommand, which is accessible with credentials. This vulnerability was present in firmware version 2.01 and fixed by 2.12.

tags | exploit, web
MD5 | ddc747214ad4a4c1f0e032dfddc35ed3
360-FAAR Firewall Analysis Audit And Repair 0.5.6
Posted Feb 10, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release updates the bloobj mode to fix the bug introduced "for names with spaces".
tags | tool, perl
systems | unix
MD5 | d84bc7e15e0603a3d966adbd7178a4da
GNU Transport Layer Security Library 3.4.9
Posted Feb 10, 2016
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the current stable release.

Changes: Bug fix release.
tags | protocol, library
MD5 | 1b3b6d55d0e2b6d01a54f53129f1da9b
GNU Transport Layer Security Library 3.3.21
Posted Feb 10, 2016
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.

Changes: Bug fix release. Disables RC4 from the default priorities.
tags | protocol, library
MD5 | b698ee3814ff0d4415e9a60e99656204
Slackware Security Advisory - curl Updates
Posted Feb 10, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-0755
MD5 | 58f1e066069847a09cf398e10ccd8a0e
Slackware Security Advisory - libsndfile Updates
Posted Feb 10, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libsndfile packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-9496, CVE-2014-9756, CVE-2015-7805
MD5 | 9a54ae907807d3bfe30fb66a953ec2b4
Debian Security Advisory 3472-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3472-1 - Two vulnerabilities were discovered in wordpress, a web blogging tool.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-2221, CVE-2016-2222
MD5 | ed426b28a3bff5b1337da9d3008df11c
Debian Security Advisory 3470-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3470-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345, CVE-2015-8504, CVE-2015-8558, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922
MD5 | 39bf91a809d301fe035ac60af251050f
Debian Security Advisory 3469-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3469-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345, CVE-2015-8504, CVE-2015-8558, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922
MD5 | 34b6d4c51cc5e4f14224ee3dfa59d600
Debian Security Advisory 3471-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3471-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-7549, CVE-2015-8345, CVE-2015-8504, CVE-2015-8550, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2015-8744, CVE-2015-8745, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981
MD5 | ded9adc12dd631492b3380a60465ca09
Red Hat Security Advisory 2016-0158-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0158-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 66cef5b36cc3630b2141823fcc8493a9
Red Hat Security Advisory 2016-0157-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0157-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 1d1f4dce9ace349f9908cb1a0e1d55b6
Red Hat Security Advisory 2016-0152-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0152-01 - The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system. This issue was discovered by Mateusz Guzik of Red Hat.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-7529
MD5 | 15ff0821ec6f519aa7a7bbee63d5d3dc
Red Hat Security Advisory 2016-0156-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0156-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 2db399f9c3bdc9974fb381ff590e13d9
Red Hat Security Advisory 2016-0155-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0155-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-0737, CVE-2016-0738
MD5 | 4fda8a0c34517e937bbab455b903ad0e
Ubuntu Security Notice USN-2892-1
Posted Feb 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2892-1 - It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. It was discovered that nginx incorrectly handled CNAME response processing when the resolver is enabled. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-0742, CVE-2016-0746, CVE-2016-0747
MD5 | 1a7fa25fcd1529bf2318519641ffe64b
Ubuntu Security Notice USN-2880-2
Posted Feb 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2880-2 - USN-2880-1 fixed vulnerabilities in Firefox. This update introduced a regression which caused Firefox to crash on startup with some configurations. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1933, CVE-2016-1935, CVE-2016-1937, CVE-2016-1938, CVE-2016-1939, CVE-2016-1942, CVE-2016-1947
MD5 | 5fdf68efeb82cf068a16906c3b06f79b
Microsoft Security Bulletin Revision Increment For February, 2016
Posted Feb 10, 2016
Site microsoft.com

This bulletin summary lists two bulletins that have undergone a major revision increment for February, 2016.

tags | advisory
MD5 | d969559fb0b2dfa8c2e5830ce2828c20
Joomla Scatalog 2.0 SQL Injection
Posted Feb 10, 2016
Authored by indoushka

Joomla Scatalog component version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b36254dc86eafe62ca5c0a068cf4ef47
Joomla Subcategory 1.2.15 SQL Injection
Posted Feb 10, 2016
Authored by indoushka

Joomla Subcategory component version 1.2.15 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ae2e532a00b7f90457f4f048c5068d71
ManageEngine Network Configuration Management Build 11000 Privilege Escalation
Posted Feb 10, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build version 11000 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 721f8a3a32e703192c42c95a2ac482cc
Microsoft Security Bulletin Summary For February, 2016
Posted Feb 10, 2016
Site microsoft.com

This bulletin summary lists nine released Microsoft security bulletins for February, 2016.

tags | advisory
MD5 | a623d3bf23d119823a0e6ae8432de530
OS X Sysmond XPC Type Confusion Privilege Escalation
Posted Feb 10, 2016
Authored by Google Security Research, ianbeer

OS X suffers from a privilege escalation vulnerability due to XPC type confusion in sysmond.

tags | exploit
systems | linux, apple, osx
advisories | CVE-2014-8835
MD5 | 3ac26a15ec16701e2fb2e821afc62436
Page 1 of 1
Back1Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    13 Files
  • 5
    Mar 5th
    9 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close