exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-03-16

Adobe Flash op_pushwith Incorrect Jit Optimization
Posted Mar 16, 2016
Authored by Google Security Research, ianbeer

The avmplus bytecode verifier misses a control-flow path via op_pushwith throwing an exception allowing crafted bytecode to be incorrectly optimized which can trivially be abused to get code execution.

tags | exploit, code execution
systems | linux
advisories | CVE-2014-0586
MD5 | 2c70ef02f129e446597e6ba7cb2c7bc0
Microsoft Internet Explorer Read AV In MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout
Posted Mar 16, 2016
Authored by Google Security Research, mbarbella

Microsoft Internet Explorer has a read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout issue.

tags | exploit
systems | linux
advisories | CVE-2016-0108
MD5 | 36af4deb93bbbb8b11281f20a53471ab
HP Security Bulletin HPSBGN03558 1
Posted Mar 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03558 1 - A potential security vulnerability has been identified with ArcSight ESM and ESM Express. The vulnerability could be remotely exploited to allow disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-1992
MD5 | 7d903b4c124c08ec546f0fc5c68fd5a9
Ubuntu Security Notice USN-2935-1
Posted Mar 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2935-1 - It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly performed filtering. A local attacker could use this issue to create arbitrary files, or possibly bypass authentication. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-7041, CVE-2014-2583, CVE-2015-3238
MD5 | ce271125441982f49cb9d96fe41b5855
Ubuntu Security Notice USN-2930-3
Posted Mar 16, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2930-3 - Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-8767, CVE-2016-0723, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3135
MD5 | 2ec0aba9f3947ea423049137036b97e6
Debian Security Advisory 3518-1
Posted Mar 16, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3518-1 - Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in code injection.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-3153, CVE-2016-3154
MD5 | 0319f8fc8152465d7e9063c77c8304f1
Slackware Security Advisory - seamonkey Updates
Posted Mar 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | e38122e2ef4d4dc24c701f241c7ad036
Slackware Security Advisory - git Updates
Posted Mar 16, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-2315, CVE-2016-2324
MD5 | 8a5e0abce27b9ac2fb355d7a847cac41
Mobile Security Framework MobSF 0.9.1
Posted Mar 16, 2016
Authored by Ajin Abraham | Site github.com

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK and IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.

Changes: Improved and responsive UI. Dynamic SSL testing. Various other updates and improvements.
tags | tool, web, vulnerability, fuzzer, xxe
systems | cisco, ios
MD5 | a8ac951b0e02bb3cc5dd36141d17023c
Apache TomEE Patched
Posted Mar 16, 2016
Authored by Romain Manni-Bucau

Apache TomEE versions 7.0.0-M3 and 1.7.4 have been released to address the vulnerability in CVE-2016-0779.

tags | advisory
advisories | CVE-2016-0779
MD5 | b826ad8b5ba540dd75d18f01d67de387
Litecart CMS 1.3.4 Cross Site Scripting
Posted Mar 16, 2016
Authored by Ravindra Singh Rathore

Litecart CMS version 1.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1bdda19df88a1a503feb5764cf075d0e
Netgear CG3000v2 Password Change Bypass
Posted Mar 16, 2016
Authored by Paul Szabo

The Netgear CG3000v2 cable modem fails to validate an admin's old password prior to changing to a new one. It also appears to suffer from cross site request forgery issues.

tags | exploit, bypass, csrf
MD5 | 297357958638c529db4933d79205e0ff
Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow
Posted Mar 16, 2016
Authored by LiquidWorm | Site zeroscience.mk

Netwrix Auditor version 7.1.322.0 suffers from a stack-based buffer overflow vulnerability when parsing large amount of bytes to the 'sourceFile' string parameter in PackFile() and UnpackFile() functions in 'Netwrix.Common.CollectEngine.dll' library, resulting in stack overrun overwriting several registers including the SEH chain. An attacker can gain access to the system of the affected node and execute arbitrary code.

tags | exploit, overflow, arbitrary
MD5 | 3c63cc6ace2a7ba347447566cbebf380
Security BSides Las Vegas 2016 Call For Papers
Posted Mar 16, 2016
Authored by BSides LV

BSides Las Vegas 2016 has announced its Call For Papers. It will take place August 2nd and 3rd, 2016, in Las Vegas, Nevada.

tags | paper, conference
MD5 | 46e413345eedeed9c5cc838bd8c3edd3
Chamilo LMS 1.10.2 Cross Site Scripting
Posted Mar 16, 2016
Authored by Lawrence Amer | Site vulnerability-lab.com

Chamilo LMS version 1.10.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f0485a69a97e3189e768ff9010e7f90a
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close