exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-05-11

CIScan 1.00 SEH Overwrite
Posted May 11, 2016
Authored by Nipun Jaswal

CIScan version 1.00 hostname/IP field SEH overwrite proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 1c1639749211f240dcd240d71ae6baae3868ec116f68c568a80f04dbc1b2b775
Debian Security Advisory 3565-2
Posted May 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3565-2 - This updates fixes a regression introduced in botan1.10 by DSA-3565-1: packages depending on libbotan1.10 needed to be rebuilt against the latest version to function properly.

tags | advisory
systems | linux, debian
SHA-256 | 70b8cbda7bfda9e7216941507884b903eff8d917e9a5df3a690e2e497cd8374c
Slackware Security Advisory - imagemagick Updates
Posted May 11, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New imagemagick packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718
SHA-256 | c4da51baeb811c7024d5c6795c0b076bea7647f672ffea50e9194da2d6fc2420
HP Security Bulletin HPSBUX03574 1
Posted May 11, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03574 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause access restriction bypass, authentication bypass, Denial of Service (DoS), unauthorized access to files, access restriction bypass, or unauthorized information disclosure. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, info disclosure
systems | hpux
advisories | CVE-2013-0213, CVE-2013-0214, CVE-2013-4475, CVE-2013-4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299
SHA-256 | 3425ca46ec9693308573785c2ac516d648f5b8e32172b2e8f2ba16ba7c8482b9
HP Security Bulletin HPSBUX03596 1
Posted May 11, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03596 1 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 1 of this advisory.

tags | advisory, remote
systems | hpux
advisories | CVE-2015-7560
SHA-256 | e898f5880922ffdf8c30a8d319996d5b29645af69d70eea364258818e0e6290d
Debian Security Advisory 3574-1
Posted May 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3574-1 - Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked into processing a specially crafted ZIP file.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1541
SHA-256 | 5c7a63f165516bff86da6dfcf9cb9e9abd17ee133b43b69d6f316ed34e7ffb09
Red Hat Security Advisory 2016-1019-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1019-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-3710
SHA-256 | 628740b7624c1abc6ab198c9f90872c710e83616f8dd9056639180897a122c93
Ubuntu Security Notice USN-2972-1
Posted May 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2972-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
SHA-256 | 8b420ca2da3bd41a15c5a2b68fb3ad054683eab52e549eda69381c0f0666c596
Red Hat Security Advisory 2016-0780-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0780-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7852, CVE-2015-7977, CVE-2015-7978
SHA-256 | 74e2b989b3c600a50d525a32a6dc0ba22bf800d2e75ca1cfaf034dede452cefd
Red Hat Security Advisory 2016-0760-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0760-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-3538, CVE-2014-3587, CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653
SHA-256 | 74c1ca1ed93125f94be406547b097bf1860154407ec1d26cb056d56739aed076
Red Hat Security Advisory 2016-0855-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0855-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that reporting emulation failures to user space could lead to either a local or a L2->L1 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso and thus an unprivileged user may generate MMIO transactions this way.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2010-5313, CVE-2013-4312, CVE-2014-7842, CVE-2014-8134, CVE-2015-5156, CVE-2015-7509, CVE-2015-8215, CVE-2015-8324, CVE-2015-8543
SHA-256 | 04e242034fb3ec62c7605bb20048f0fac25d6bf4a31d5570797bd3c137afe067
Red Hat Security Advisory 2016-0778-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0778-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. The following packages have been upgraded to a newer upstream version: icedtea-web. Security Fix:

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2015-5234, CVE-2015-5235
SHA-256 | f1234920e2484f170f88b4b6c398cd38d95345eed3bc3411320acf14b6a8b77f
Red Hat Security Advisory 2016-0741-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0741-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.

tags | advisory, remote, local, protocol
systems | linux, redhat, unix
advisories | CVE-2015-5352, CVE-2015-6563, CVE-2015-6564, CVE-2016-1908
SHA-256 | 00e52addfae71f7599c46f84945f6728921c76a58d7ccf320ceccef95da62c08
QuickBooks Desktop SQL Injection / Code Execution
Posted May 11, 2016
Authored by Maxim Tomashevich

QuickBooks Desktop versions 2007 through 2016 suffers from SQL injection and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, sql injection
SHA-256 | 522210df2f1638a874161c747425539463331fcf2caf494e89043f5ce88c2e80
Trend Micro Mobile Security Man-In-The-Middle
Posted May 11, 2016
Authored by David Coomber

Trend Micro Mobile Security iOS application versions 3.1.1034 and below fail to validate the SSL certificate it receives when connecting to the mobile application login server.

tags | advisory
systems | ios
advisories | CVE-2016-3664
SHA-256 | e551b1880ff922cd6c0047e14ee549c65dcc283403e2bdbf2f66d2992a0517bc
Android Broadcom Wi-Fi Driver Memory Corruption
Posted May 11, 2016
Authored by AbdSec

Android Broadcom Wi-Fi driver memory corruption proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2016-0801
SHA-256 | c4c12cb38e6d2b70be8735e7ec14759ae9fc80ee9eaf6ef89e5d82541843c1e2
Skype Content Spoofing / Phishing
Posted May 11, 2016
Authored by Danny Kopping

Skype appears to possibly be susceptible to a content spoofing vulnerability.

tags | exploit, spoof
systems | linux
SHA-256 | 1818fa20690442196c2929353bf64fe6a49db93abd0c384a6575fe27f68fa6fd
Joomla Event Manager 2.x Cross Site Scripting
Posted May 11, 2016
Authored by T3NZOG4N, Mojtaba MobhaM

Joomla Event Manager component version 2.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b2b22fefa48cf08c718c9172065b478d23024466d877da760ed560e364b738a2
Wordpress BulletProof Security 53.3 Cross Site Scripting
Posted May 11, 2016
Authored by Onur YILMAZ | Site netsparker.com

Wordpress BulletProof Security version 53.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 355fd2db564941e22cb266eb97843d68bf8f592f15e9be6a9a9a9155c62fff30
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close