all things security
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-05-12

Ubuntu Security Notice USN-2974-1
Posted May 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2974-1 - Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-2391, CVE-2016-2392, CVE-2016-2538, CVE-2016-2841, CVE-2016-2857, CVE-2016-2858, CVE-2016-3710, CVE-2016-3712, CVE-2016-4001, CVE-2016-4002, CVE-2016-4020, CVE-2016-4037
MD5 | c2708302081e86ba5d1224f981e5cb22
Red Hat Security Advisory 2016-1033-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1033-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0758
MD5 | 16df6ec8e58c0a8d3b345509edad0e5f
Red Hat Security Advisory 2016-1051-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1051-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt. This version provides a number of bug fixes and enhancements, including: [scsi] bnx2fc: Fix FCP RSP residual parsing and remove explicit logouts [scsi] mpt3sas: Fix for Asynchronous completion of timedout IO and task abort of timedout IO

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-0758
MD5 | 44fadedd535904b16b405b22594b554f
Red Hat Security Advisory 2016-1055-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1055-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt. This version provides a number of bug fixes and enhancements, including: [scsi] bnx2fc: Fix FCP RSP residual parsing and remove explicit logouts [scsi] mpt3sas: Fix for Asynchronous completion of timedout IO and task abort of timedout IO

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-0758
MD5 | f7a977d6927d413a1a374d7cff57e4c7
Red Hat Security Advisory 2016-1041-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1041-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 38.8.0. Security Fix: Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-2805, CVE-2016-2807
MD5 | c2abbece9bb118b9d30d4dc52fafa358
HP Security Bulletin HPSBST03599 1
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03599 1 - A vulnerability in OpenSSH has been addressed by HPE 3PAR OS. The vulnerabily could be exploited remotely resulting in Denial of Service (DoS) or access restriction bypass. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-5600
MD5 | 573b8e0bc1bffaea0206f4a694d0f161
HP Security Bulletin HPSBST03598 1
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03598 1 - HPE 3PAR OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2015-7547
MD5 | d78db4f563a88069386c71ff8987004d
HP Security Bulletin HPSBST03586 1
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03586 1 - A potential security vulnerability has been identified in HPE 3PAR OS. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-4000
MD5 | 6aacd036bb22010c97ed6d33f0dfedde
HP Security Bulletin HPSBNS03581 2
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBNS03581 2 - Security vulnerabilities in Samba could potentially impact HPE NonStop Servers. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in Denial of Service (DoS), arbitrary file deletion, disclosure of sensitive information, unauthorized access, or unauthorized modification of file or database. Note: This product is NOT affected by the 'Badlock' vulnerability (CVE-2016-2118). Affected RVUs: L15.02 - L15.08.01 J06.04 - J06.19.02 H06.15 - H06.29.01. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115
MD5 | 1bb2c8e02d009ad76188a91614d092d3
HP Security Bulletin HPSBHF03592 1
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03592 1 - Several potential security vulnerabilities have been identified in the OpenFlow Virtual Appliance (OVA) version of the HPE VAN SDN Controller using OpenSSL which could be exploited remotely to allow Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 61c9994c227e99f6a23ca3f00654626c
Red Hat Security Advisory 2016-1025-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1025-01 - PCRE is a Perl-compatible regular expression library. Security Fix: Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code.

tags | advisory, arbitrary, perl
systems | linux, redhat
advisories | CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2016-3191
MD5 | ea4c5211eeddf89b210e60b859ff9162
Red Hat Security Advisory 2016-1039-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1039-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR3. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
MD5 | 7673ff1b01ad777370c1fae4566768c6
Red Hat Security Advisory 2016-1038-01
Posted May 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1038-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. An access flaw was discovered in OpenShift; the /etc/origin/master/master-config.yaml configuration file, which could contain Active Directory credentials, was world-readable. A local user could exploit this flaw to obtain authentication credentials from the master-config.yaml file. If you believe that the password in this file has been viewed by an attacker you should reset the password after installing this update.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2016-2142
MD5 | 0641256fe597efdff4b1de3f407baae1
Huawei Mobile Broadband HL Service 22.001.25.00.03 Local Privilege Escalation
Posted May 12, 2016
Authored by Florian Bogner

Huawei Mobile Broadband HL Service versions 22.001.25.00.03 and below are vulnerable to a DLL side loading attack allowing normal unprivileged users to gain full SYSTEM access.

tags | exploit
advisories | CVE-2016-2855
MD5 | 1e5fb53e7a9b0a870cea79231268057a
ASP Webshell For IIS 8
Posted May 12, 2016
Authored by Savio Bot

ASP webshell backdoor designed specifically for IIS 8.

tags | tool, rootkit, asp
systems | windows
MD5 | 5b19b3cbecf0cf539f8e5a3954f4af53
Core FTP Server 32-Bit Build 587 Heap Overflow
Posted May 12, 2016
Authored by Paul Purcell

Core FTP Server 32-Bit build 587 heap overflow denial of service exploit.

tags | exploit, denial of service, overflow
MD5 | 9810cfcc13ad5f802d2fa4ec5074d5f4
Adobe Reader DC 15.010.20060 Memory Corruption
Posted May 12, 2016
Authored by Pier-Luc Maltais

Adobe Reader DC versions 15.010.20060 and below memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2016-1077
MD5 | 65f99d20b7b57f87b318258170273847
Ipswitch WS_FTP LE 12.3 SEH Overwrite
Posted May 12, 2016
Authored by Zahid Adeel

Ipswitch WS_FTP LE version 12.3 search field SEH overwrite proof of concept exploit.

tags | exploit, proof of concept
MD5 | 41f32eb7834dd78325018e663a18101f
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close