Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-05-11

CIScan 1.00 SEH Overwrite
Posted May 11, 2016
Authored by Nipun Jaswal

CIScan version 1.00 hostname/IP field SEH overwrite proof of concept exploit.

tags | exploit, proof of concept
MD5 | c3c0359fb54254d1870bc180a8ca5ece
Debian Security Advisory 3565-2
Posted May 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3565-2 - This updates fixes a regression introduced in botan1.10 by DSA-3565-1: packages depending on libbotan1.10 needed to be rebuilt against the latest version to function properly.

tags | advisory
systems | linux, debian
MD5 | 8a9743710c96d8dc2a2eec878e39d771
Slackware Security Advisory - imagemagick Updates
Posted May 11, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New imagemagick packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718
MD5 | 36d97be975d0d3d470d73f0ab58c8564
HP Security Bulletin HPSBUX03574 1
Posted May 11, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03574 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause access restriction bypass, authentication bypass, Denial of Service (DoS), unauthorized access to files, access restriction bypass, or unauthorized information disclosure. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, info disclosure
systems | hpux
advisories | CVE-2013-0213, CVE-2013-0214, CVE-2013-4475, CVE-2013-4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299
MD5 | f01fb9a03c992de3ed9c82daad434793
HP Security Bulletin HPSBUX03596 1
Posted May 11, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03596 1 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 1 of this advisory.

tags | advisory, remote
systems | hpux
advisories | CVE-2015-7560
MD5 | 74d048f3999304a4464a5b447f331b8b
Debian Security Advisory 3574-1
Posted May 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3574-1 - Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked into processing a specially crafted ZIP file.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1541
MD5 | 517987c8f09f9204559585507cb2df50
Red Hat Security Advisory 2016-1019-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1019-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-3710
MD5 | 38651c41bde50f7dccbe41b3d070d58f
Ubuntu Security Notice USN-2972-1
Posted May 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2972-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
MD5 | 0c5d63c317c90fe8077c26374117a999
Red Hat Security Advisory 2016-0780-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0780-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7852, CVE-2015-7977, CVE-2015-7978
MD5 | a1d0851e7a72fb841f8762f84f38160f
Red Hat Security Advisory 2016-0760-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0760-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-3538, CVE-2014-3587, CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653
MD5 | 2e3ee6fc54a9e04d8e7d163dfd9da4d7
Red Hat Security Advisory 2016-0855-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0855-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that reporting emulation failures to user space could lead to either a local or a L2->L1 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso and thus an unprivileged user may generate MMIO transactions this way.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2010-5313, CVE-2013-4312, CVE-2014-7842, CVE-2014-8134, CVE-2015-5156, CVE-2015-7509, CVE-2015-8215, CVE-2015-8324, CVE-2015-8543
MD5 | e741f0c840e7320779345d2b7c520e64
Red Hat Security Advisory 2016-0778-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0778-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. The following packages have been upgraded to a newer upstream version: icedtea-web. Security Fix:

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2015-5234, CVE-2015-5235
MD5 | e97d78c74c3ecf7c15efe1b564e01772
Red Hat Security Advisory 2016-0741-01
Posted May 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0741-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.

tags | advisory, remote, local, protocol
systems | linux, redhat, unix
advisories | CVE-2015-5352, CVE-2015-6563, CVE-2015-6564, CVE-2016-1908
MD5 | 47cb9b4988f2bd49f622325736e076bd
QuickBooks Desktop SQL Injection / Code Execution
Posted May 11, 2016
Authored by Maxim Tomashevich

QuickBooks Desktop versions 2007 through 2016 suffers from SQL injection and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, sql injection
MD5 | 05c8159e7fa28e8610ef903b9eaf5763
Trend Micro Mobile Security Man-In-The-Middle
Posted May 11, 2016
Authored by David Coomber

Trend Micro Mobile Security iOS application versions 3.1.1034 and below fail to validate the SSL certificate it receives when connecting to the mobile application login server.

tags | advisory
systems | ios
advisories | CVE-2016-3664
MD5 | 85cb234c73866b26c22a4774c83e692f
Android Broadcom Wi-Fi Driver Memory Corruption
Posted May 11, 2016
Authored by AbdSec

Android Broadcom Wi-Fi driver memory corruption proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2016-0801
MD5 | 225cdfa780cf529ef6e597c18f9da528
Skype Content Spoofing / Phishing
Posted May 11, 2016
Authored by Danny Kopping

Skype appears to possibly be susceptible to a content spoofing vulnerability.

tags | exploit, spoof
systems | linux
MD5 | c54c1508ede440917aae5211ccd3376c
Joomla Event Manager 2.x Cross Site Scripting
Posted May 11, 2016
Authored by T3NZOG4N, Mojtaba MobhaM

Joomla Event Manager component version 2.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b3348f8fec1d9889655f6cb7b0d8b76c
Wordpress BulletProof Security 53.3 Cross Site Scripting
Posted May 11, 2016
Authored by Onur YILMAZ

Wordpress BulletProof Security version 53.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6df4b03f8ab2dd131c735595e114483d
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close