what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-06-27

Untangle NGFW 12.1.0 Beta execEvil() Command Injection
Posted Jun 27, 2016
Authored by Matt Bush

Untangle NGFW versions 12.1.0 Beta and below execEvil() authentication root command injection exploit.

tags | exploit, root
MD5 | 56bdc55fb88fda0ef763c7a3c12281cb
Ubuntu Security Notice USN-3017-1
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3017-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
MD5 | 837c9e2dd1134fd6e3aee5b278f1ce18
Ubuntu Security Notice USN-3017-2
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3017-2 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
MD5 | 1ed79e00454b171deb039a5cf745115d
Red Hat Security Advisory 2016-1341-01
Posted Jun 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1341-01 - The kernel-rt package contain the Linux kernel, the core of any Linux operating system. This update provides a build of the kernel-rt package for Red Hat Enterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and provides a number of bug fixes.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2015-8767, CVE-2016-3707, CVE-2016-4565
MD5 | 6aaf594cda9a717fe213de5921432fe3
Ubuntu Security Notice USN-3016-3
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-3 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
MD5 | 7391a4889dd81238fe497f1044247fa6
Gentoo Linux Security Advisory 201606-17
Posted Jun 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-17 - Multiple vulnerabilities have been found in hostapd and wpa_supplicant, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.5 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3686, CVE-2015-1863, CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
MD5 | 4b29a0e4d3ca2e8716436e7d6de3ad1e
Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 XSS / Code Execution
Posted Jun 27, 2016
Authored by Francesco Oddo | Site security-assessment.com

Riverbed SteelCentral NetProfiler and NetExpress versions 10.8.7 and below suffer from command injection, privilege escalation, local file inclusion, account hijacking, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | c2a57e3ce94140794b85cec84ac1a2df
Ubuntu Security Notice USN-3016-2
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-2 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
MD5 | c2b73eae21142de8424ba8a935f1c5c5
Blue Team Training Toolkit (BT3) 1.0
Posted Jun 27, 2016
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the lastest versions of Encripto's Maligno and Pcapteller.

tags | tool, python
systems | unix
MD5 | fe72d5213c072e79f6609c0612fe7c75
Ubuntu Security Notice USN-3016-1
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
MD5 | 84ab189171451d96452c4c4141299acd
iBilling 3.7.0 Cross Site Scripting
Posted Jun 27, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iBilling version 3.7.0 suffers from multiple stored and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | bf9a60f4755adc168482ca6ca79b30ff
Option CloudGate Insecure Direct Object Reference Auth Bypass
Posted Jun 27, 2016
Authored by LiquidWorm | Site zeroscience.mk

The CloudGate M2M gateway from Option suffers from an insecure direct object reference that allows for authorization bypass as well as cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 8ec49c54eabd794596458298922b2f09
Panda 16.1.2 Local Privilege Escalation
Posted Jun 27, 2016
Authored by Ashraf Alharbi | Site security-assessment.com

Multiple Panda Security products are vulnerable to local privilege escalation. As the USERS group has write permissions over the folder where the PSEvents.exe process is located, it is possible to execute malicious code as Local System.

tags | advisory, local
MD5 | 51cf79e6ac06536f86a7e8327b01b1dd
Gentoo Linux Security Advisory 201606-16
Posted Jun 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-16 - A buffer overflow in PLIB might allow remote attackers to execute arbitrary code. Versions less than 1.8.5-r1 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-4620
MD5 | ebfc88a24f0a1ba7382272ef5304fc6c
Gentoo Linux Security Advisory 201606-15
Posted Jun 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-15 - Multiple vulnerabilities have been found in FreeXL, allowing remote attackers to executive arbitrary code or cause Denial of Service. Versions less than 1.0.1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2753, CVE-2015-2754, CVE-2015-2776
MD5 | 7110159b134b0dacfada8114a45e9565
Gentoo Linux Security Advisory 201606-14
Posted Jun 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201606-14 - Multiple vulnerabilities have been found in ImageMagick including overflows and possible Denials of Service. Versions less than 6.9.0.3 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
MD5 | 3101103b0d57ca84f274671079f42657
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close