what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-04-12

ImPAX Agility 1.1074.RC.b122.20150602 Cross Site Scripting
Posted Apr 12, 2016
Authored by vesp3r

ImPAX Agility version 1.1074.RC.b122.20150602 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 00413c8da6cb8eb2b7ada588fd97a1ad
Red Hat Security Advisory 2016-0620-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0620-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The following packages have been upgraded to a newer upstream version: Samba.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 8f4ed3b14b95c091c06a962fcf9a1deb
Red Hat Security Advisory 2016-0624-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0624-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | bd886d49681bbb4b290a389b7c13cac5
Red Hat Security Advisory 2016-0619-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0619-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | db8e359bb1a3ecd2968685f1a4b1a6e5
Red Hat Security Advisory 2016-0623-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0623-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 0022ff7ca37c188d322e7a31ec45ec5a
Red Hat Security Advisory 2016-0621-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0621-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 5a5a54c79c42cba1d4da606b43ee932f
Red Hat Security Advisory 2016-0613-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0613-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | 47ace9eafbb0054244cabc57ed4d373e
Red Hat Security Advisory 2016-0611-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0611-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5370, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118
MD5 | ff1e4aa271b5719bc43e907e9416f0c9
Microsoft Security Bulletin Summary For April, 2016
Posted Apr 12, 2016
Site microsoft.com

This bulletin summary lists thirteen released Microsoft security bulletins for April, 2016.

tags | advisory
MD5 | f270da838a31764f23edbfc2f3bc47ff
IBM Java Issue 70 Bad Patch
Posted Apr 12, 2016
Authored by Adam Gowdiak | Site security-explorations.com

The patch for Issue 70 in IBM Java discovered by Security Explorations in 2013 was found to be faulty. Included are the full report and a proof of concept.

tags | exploit, java, proof of concept
systems | linux
advisories | CVE-2013-5456
MD5 | 0d5c6c7e0a9744495ab910305201e727
Debian Security Advisory 3485-2
Posted Apr 12, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3485-2 - The update for didiwiki issued as DSA-3485-1 introduced a regression that caused a large number of valid pages to not be accessible anymore. This occurred mostly for pages whose names started with non-ascii characters.

tags | advisory
systems | linux, debian
MD5 | 1018fef5ef52fdc3778da526e99f676f
Red Hat Security Advisory 2016-0617-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0617-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0774
MD5 | a284b8713fdb3d064b6a6753590d29a3
Red Hat Security Advisory 2016-0615-01
Posted Apr 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0615-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service or, possibly, execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-2074
MD5 | 2b75693d918e3e41b85c0b40db86cb26
RockMongo 1.1.8 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 12, 2016
Authored by Ozer Goker

RockMongo version 1.1.8 suffers from cross site request forgery, cross site scripting, and html injection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | aee073368a9401710c1d3b33cf2a7c15
WordPress Robo Gallery 2.0.14 Code Execution
Posted Apr 12, 2016
Authored by ICG SEC | Site vulnerability-lab.com

WordPress Robo Gallery plugin version 2.0.14 suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | eaecec265158312e6974d84e3bc7c4c9
.NET Framework 4.6 DLL Hijacking
Posted Apr 12, 2016
Authored by Yorick Koster, Securify B.V.

A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker's share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.

tags | advisory, arbitrary
systems | windows, vista, 7
advisories | CVE-2016-0148
MD5 | 9d6218459b0672ff015bd46081a7d5cd
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close