exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-04-28

HPE Security Bulletin HPSBUX03583 SSRT110084 1
Posted Apr 28, 2016
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03583 SSRT110084 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-1285, CVE-2016-1286
SHA-256 | a91427fd382a1816a0da8390e9635c1956206d8290d7b0c0dfd9a0ac6deecedf
PHP 7.x Heap Overflow
Posted Apr 28, 2016
Authored by Hans Jerry Illikainen

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex() and getFromName() methods of ZipArchive, resulting in a heap overflow. Full exploit included.

tags | exploit, overflow, php
advisories | CVE-2016-3078
SHA-256 | e8c95e113360c07e5f57ee1a402ad502f85525d7f354dd5b76ad74e45439655d
Red Hat Security Advisory 2016-0699-01
Posted Apr 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0699-01 - In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 3.x offering will be retired as of October 31, 2016, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 3.x after October 31, 2016.

tags | advisory
systems | linux, redhat
SHA-256 | a55ad15db53514823d1d1fcbc99e80f53ff3cc86246f228b316e78ef5ddaacad
Debian Security Advisory 3560-1
Posted Apr 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3560-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2015-8865, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073
SHA-256 | 0823460b2d4bc6ef5d63b5785ab262127bc73b4bf73dd3927aedf0f2de56e342
Apache Cordova iOS 3.9.1 Access Bypass
Posted Apr 28, 2016
Authored by Muneaki Nishimura

Apache Cordova iOS versions 3.9.1 and below suffer from an access bypass vulnerability.

tags | advisory, bypass
systems | ios
advisories | CVE-2015-5207
SHA-256 | fae203a05fc5e593cedf2d62a055f9b7f81ada5058f60301bd2b9a2abe342180
Apache Cordova iOS 3.9.1 Arbitrary Plugin Execution
Posted Apr 28, 2016
Authored by Muneaki Nishimura

Apache Cordova iOS versions 3.9.1 and below allow for arbitrary plugin execution.

tags | advisory, arbitrary
systems | ios
advisories | CVE-2015-5208
SHA-256 | fefb824e808b4133ebdf4a6c2f3d50502a18ea0647eef7619d23119976a4004b
Packet Fence 6.0.0
Posted Apr 28, 2016
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates. Typo fixes added along with doc modifications.
tags | tool, remote
systems | unix
SHA-256 | 75fc6c20c12cf4e031e93efe5bffa57b320a916e36c23e023712a96b95a0a6bf
Microsoft Windows Kernel win32k.sys TTF Processing Pool Corruption
Posted Apr 28, 2016
Authored by Google Security Research, mjurczyk

A Microsoft Windows kernel crash exists in the win32k.sys driver while processing a corrupted TTF font file.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2016-0145
SHA-256 | 20e2a865b13b1b14dde608971f4405d9d26b6e13cce289f692f5aa53d27dd8b7
Android Service Manager One Way Binder Transaction Crash
Posted Apr 28, 2016
Authored by Google Security Research, forshaw

If an application sends a one way binder transaction the service tries to send a reply which fails. This causes the service manager to exit its binder loop and the process dies causing the system to reboot. Tested on Android version 6.0.1 February patches.

tags | exploit, denial of service
systems | linux
SHA-256 | 24774ca1e49bd4db1b9ed63ebb744a6f55a49da06db379a0c1076409bd39b4c2
Ubuntu Security Notice USN-2936-1
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2936-1 - Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman, Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup, Andrew McCreight, and Steve Fink discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2804, CVE-2016-2806, CVE-2016-2807, CVE-2016-2808, CVE-2016-2811, CVE-2016-2812, CVE-2016-2814, CVE-2016-2816, CVE-2016-2817, CVE-2016-2820, CVE-2018-2817
SHA-256 | 72de8bd9f672f0da0f03941e20b339aa30efeab5c6302718862f00e934ebad4a
Ubuntu Security Notice USN-2934-1
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2934-1 - Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-1950, CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 1b82ab9e46c4ac83735da4ebe80a00ac45d9d42790929bd0cfc5b0114e1a9c92
Ubuntu Security Notice USN-2955-1
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2955-1 - A use-after-free was discovered when responding synchronously to permission requests. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. An out-of-bounds read was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1578, CVE-2016-1646, CVE-2016-1647, CVE-2016-1649, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1659, CVE-2016-3679
SHA-256 | 98d91da3fa3807dd891052480ad6b5a8bd4ff5417450535aa999cbb614b528bf
Debian Security Advisory 3559-1
Posted Apr 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3559-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-2805, CVE-2016-2807, CVE-2016-2808, CVE-2016-2814
SHA-256 | 86b8102c6b493627ceb712cc49a70e3ab9e3ccbe6b4eb4d0ab648cea41dbd21c
Ubuntu Security Notice USN-2952-2
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2952-2 - USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9767, CVE-2015-8838, CVE-2016-1903, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142
SHA-256 | 34256a7fbb2ead22a5a09a7ec0edeb11a8a3dd11aea8a9162bc767ed7eb68101
Ubuntu Security Notice USN-2950-2
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | d00c71363fd9011b1911761bd598b570e7edef600cd48c0634d3cf0850df7357
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close